UPDATED 15:49 EST / DECEMBER 23 2024

This image reflects glowing digital shields symbolizing cyber defense for SMBs, conveying themes of security, protection and technology. SECURITY

Kaseya delivers a next-level cybersecurity playbook for SMBs and MSPs

Small-to-midsize businesses are easy prey for cybercriminals, and effective cyber defense for SMBs must evolve to meet rising threats. With a 70% increase in attacks this year, SMBs face unprecedented risk but often lack the robust defenses of larger enterprises, according to Christophe Bertrand, principal analyst at theCUBE Research. This “it won’t happen to me” mindset leaves SMBs exposed as cybercriminals shift their sights to vulnerable endpoints and cloud-based applications.

This growing threat took center stage at DattoCon 2024, where Kaseya Inc. revealed new tools to support cybersecurity for SMBs and help managed service providers strengthen their security posture. The company introduced Kaseya 365 User, a subscription offering that safeguards user identity and security across software-as-a-service applications. Kaseya also announced its acquisition of SaaS Alerts, integrating the firm’s technology into 365 User to help managed service providers protect clients’ cloud-based applications.

“Cyber resilience is everyone’s problem, regardless of size,” Bertrand said. “SMBs need help from vendors who approach cyber resilience holistically, across the entire IT environment.”

This focus on protection goes beyond technology — it’s about economic impact. Effective cyber defense for SMBs is critical, as these companies generate 52% of the global gross domestic product and employ 53% of the workforce, underscoring their vital role in the global economy. During the DattoCon keynote, Fred Voccola, chief executive officer of Kaseya, emphasized how MSPs are critical to helping SMBs manage digital transformation, aligning with Kaseya’s mission to support this essential partnership.

In one-on-one discussions with theCUBE, Bertrand, Jim Lippie, chief executive officer at SaaS Alerts, and  Mike Puglia, general manager of security products at Kaseya, shared insights into Kaseya’s strategy for fortifying cybersecurity, empowering MSPs and driving SMB growth.

This feature is part of SiliconANGLE Media’s ongoing series exploring the latest developments in the cybersecurity landscape. (* Disclosure below.) 

Why endpoint protection is critical to cyber defense for SMBs, MSPs and IT pros

SMBs often assume they’re too insignificant to attract cybercriminals, but the reality is far more perilous. Automated attacks make it easy for hackers to cast a wide net, exposing gaps in cyber defense for SMBs that lack the robust protections of larger enterprises, according to Puglia. This vulnerability creates a low-risk, high-reward scenario for attackers, making SMBs prime targets.

“No company is too small for cyber criminals to care about,” Puglia said. “We see small businesses all the time paying ransoms of $50,000 to $100,000 because they thought they weren’t a target.”

Firewalls and antivirus software are no longer enough to support cyber defense for SMBs. Hackers now use “living off the land” tactics, exploiting legitimate system tools to slip past defenses, according to Puglia. Kaseya’s Datto EDR counters these attacks by recognizing abnormal activity and enabling SMBs and MSPs to intervene before attackers gain control. Unlike enterprise-grade EDR, which often seems to assume users have Ph.D.s in cybersecurity, Kaseya’s solution prioritizes critical alerts and simplifies action steps for smaller teams, according to Puglia.

“EDR is designed to catch attackers in motion, not just when they walk in the front door,” he said. “It watches for unusual patterns as they move through your system, so you’re not relying on a single line of defense.”

Instead of sounding the alarm after an attack has succeeded, EDR acts as a tripwire system, detecting signs of intrusion early and alerting SMBs and MSPs to suspicious activity, Puglia explained. This proactive approach is a key element of cyber defense for SMBs, giving them a chance to block attackers before serious damage occurs, which is critical to combating automated threats that move rapidly once inside a network.

“We’ve seen cases where an attacker created a new admin account at 2 a.m. and installed remote access tools,” Puglia said. “Our system triggered an alert, and we called the client immediately. They shut it down before the attacker could cause real damage. That’s the difference — our EDR focuses on what matters most.”

Double-extortion ransomware — where attackers steal and encrypt data — has become one of the most significant challenges in cyber defense for SMBs, according to Puglia. Companies hit by these attacks face operational downtime, the threat of public exposure and potential fines from regulators if sensitive information is exposed. Even companies with backups aren’t immune because attackers now demand payment to prevent the release of stolen data.

“What I can tell you is it’s going to impact your business,” Puglia added. “Most businesses can’t function if all their computers are encrypted. It’s going to take days, weeks, months to recover, and it’s going to cost a lot of money.”

SaaS security gets a boost with Kaseya 365 User and SaaS Alerts integration

Cybercriminals have shifted their attention from devices to users and applications, creating new challenges in cyber defense for SMBs as companies adopt cloud-based tools, such as Microsoft Corp.’s Office 365 product family, Google LLC’s Workspace and Salesforce Inc., according to Lippie. This shift is compounded by remote work, where users access business-critical apps from personal networks and unmanaged devices. The “Microsoft Digital Defense Report 2024” reveals that 99% of all threats now target applications and users, making them a top priority for SMBs and MSPs.

“The paradigm has always been centered around the device,” Lippie said. “We now have to think about things differently. We have to be focused on the user and … on the applications. That’s why SaaS Alerts has become so popular so fast.”

Cybercriminals are no longer relying on brute-force attacks alone. Instead, they use sophisticated tactics such as virtual private network spoofing, token hijacking and man-in-the-middle attacks. A standard method is infiltrating Microsoft Office 365 accounts from unrecognized locations and quietly setting up email forwarding rules. These intrusions could persist undetected without tools such as SaaS Alerts to detect and block these activities in real time.

“Let’s say a user logs into an [Office] 365 account from an unfamiliar location on a device we don’t recognize. Within five minutes, an email forwarding rule is set up, so most likely, unless that user is supposed to be logging in from that location, the account has been breached,” Lippie said.

When attackers infiltrate user accounts, they don’t stop at interception. They escalate their access using tactics such as privilege escalation and credential theft, making cyber defense for SMBs essential to detect and block these threats as they happen. SaaS Alerts track these patterns in real time.

“If we see a user logging in from an unapproved location, a device we don’t recognize, then immediately an email forwarding rule is set up … lock the account, revoke the session token and force the password reset,” Lippie said. “Our technology will do that automatically.”

Integrating SaaS Alerts into Kaseya 365 User strengthens the platform’s ability to support cyber defense for SMBs in modern cloud environments. The platform provides cost-efficient unified capabilities, including dark web identity monitoring, email filtering, security awareness training, SaaS backup, and cloud detection and response, according to Lippie. Built with a multi-tenant architecture, it allows MSPs to monitor multiple customer environments simultaneously, giving them a unified view of threats across client accounts. These capabilities strengthen cyber defense for SMBs, offering MSPs a centralized way to protect cloud-based applications at scale.

“To put it in context, in 2021, when we launched SaaS Alerts, we had 10 beta MSPs on the platform, not paying us a penny,” Lippie said. “By October of 2024, when we became part of Kaseya, we had 1,200 MSPs paying us, protecting over 30,000 small businesses around the globe. It’s amazing, and it’s because there’s a recognition that protecting these applications and their users has become the number one priority.”

Going beyond technology: How Kaseya’s platform powers MSP business growth

MSPs play a vital role in supporting SMBs that fuel the global economy, especially as cyber defense for SMBs becomes a critical business need. But while SMBs account for more than half of global GDP and employment, many MSPs operate on slim margins, averaging just 10% compared to the 35% margins seen in industries such as accounting and legal, according to Bertrand. Kaseya aims to shift this dynamic with a platform designed to increase efficiency, reduce costs and drive higher-margin services for MSPs.

“There are IT folks who are running a business delivering services, so telling them, ‘I’m going to put another 20 or 30% point of margin in your pocket,’ is a big deal,” Bertrand said. “That’s the story for me. The message is not, ‘I have the best technology.’ The message is, ‘I have the best platform for you to be a successful business, for your customers to be satisfied and for you to keep growing your business.’”

Kaseya’s platform helps MSPs streamline operations and increase profitability while supporting cyber defense for SMBs. By reducing the need for costly on-site visits and enabling remote issue resolution, Kaseya’s platform minimizes operational friction, Bertrand added. This shift allows MSPs to offer higher-value services that generate stronger returns. Kaseya’s approach positions the platform as more than just a technology solution: It’s a growth engine for sustainable business development.

“MSPs are looking at two things as a service provider, Bertrand said. “You need a great technology platform that solves for market issues, the biggest issues being cyber resilience and compliance. But the message is not just about having the best technology. It’s about having the best platform to enable you to run a successful business, serve your customers better and keep growing.”

Kaseya’s commitment to MSPs extends beyond boosting profit margins. By aligning its platform with the growing need for cyber defense for SMBs, Kaseya enables MSPs to achieve margins closer to 35%, reinvest in their businesses, hire more employees and strengthen their communities, according to Bertrand. This shift allows MSPs to compete on par with higher-margin industries.

Kaseya’s strategy reflects an understanding of MSPs as essential business enablers, not just service providers, Lippie added.

“I understand because I was the CEO of an MSP,” Lippie said. “I understand the challenges they face every single day. The job is very hard. I believe that MSPs are the economy’s first responders. The economy — the lifeblood of the economy — is small business. It doesn’t run without technology, and the people that make that technology go for SMBs are MSPs.”

(* Disclosure: TheCUBE is a paid media partner with Kaseya Inc. Neither Kaseya nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Image: SiliconANGLE/DALL-E

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU