Any IT professional working to protect clients must walk a fine line. Talk too much about cybersecurity, and you risk sounding like the MSP who cried wolf. Talk too little, and you may hear from a client, "Why didn't you do more?"
At Exigent, we make it a point not to peddle FUD—fear, uncertainty, and doubt. Instead, we focus on education. Through this blog, free resources, and honest, ongoing conversations, we keep our clients informed—probably more than they'd like—about cybersecurity risks and how to manage them.
We emphasize that cybersecurity is a constant battle with high stakes. Winning requires collaboration, shared responsibility, and trust. Trust that your MSP isn't recommending security training or advanced solutions just to pad the bottom line—but because it's the right thing to do.
We advocate for these practices to prevent situations like the one dominating tech news this week: Ingram Micro, the largest technology distributor in the world—a $48 billion enterprise that supports a vast network of MSPs and IT providers—fell victim to a ransomware attack. Systems were shut down, customer orders were disrupted, and now the company faces both operational and reputational damage.
Key Takeaways
- Cyberattacks are a matter of when, not if. Every organization is a target, and the impact of a breach can be overwhelming.
- Even top-tier enterprises with expansive security teams can be breached. Threat actors often exploit the smallest cracks.
- Ingram Micro is struggling to respond across multiple fronts. If a company with its resources is facing this kind of fallout, imagine the risk to your small or midsize business.
How Would Your Organization Fare During an Attack?
Rather than casting blame, let's treat this as a teachable moment. If your business was attacked today, would you be prepared? Here's what you must have in place:
Cyber Insurance
If nothing else, take this lesson to heart: cyber incidents are costly. Ingram is already seeing a hit to its stock value, and the media is speculating on loss of trust, liability, and significant downtime. Cyber insurance provides a financial safety net—covering fines, investigations, revenue loss, and more.
Integrated, Tailored Cybersecurity Solutions
Security gaps often exist in the seams between disparate tools. Work with your MSP to build a cohesive, layered security strategy tailored to your environment. And don't ignore aging tech—such as Windows 10, which will reach end-of-support in October, opening new vulnerabilities.
Employee Security Awareness Training
Your employees are your first—and often best—line of defense. Invest in training that instills a security-first mindset across the organization. Routine security awareness training for your team can transform your cybersecurity posture. Since human error remains the leading cause of breaches, this offers some of the best ROI in cybersecurity.
A Crisis Communication Plan
Ingram Micro has been criticized for not communicating quickly enough. While the company may have acted swiftly behind the scenes, the perception of silence damaged trust. Since we aren't on the inside, let's not Monday morning quarterback. Instead, think for a minute about who you would need to notify if a breach happened in your network, and then also consider—how? Could you access contact lists if your systems were down? A solid crisis plan includes communication protocols outside of digital systems and ensures you're ready to act.
A Tested Business Continuity Strategy
Backups are only valuable if they work. Whether restoring files or performing a full system rebuild, you need to know where your data is and how the heck to recover it. Alarmingly, only 35% of data is recovered in most restores. Don't let this be you. Your business should have a detailed data backup and recovery plan that addresses multiple scenarios. From there, test regularly and refine your plan as your organization grows.
Multifactor Authentication (MFA)
This is no longer optional. MFA, along with strong password policies and frequent updates, is your frontline defense against credential compromise. Do. It. Now.
An Incident Response Plan
Your leadership team needs a playbook for managing any type of disruption—whether it's a ransomware event, power outage, or hurricane. Remember, an effective business continuity strategy is significantly larger than just backup and recovery. That comprehensive blueprint should include an incident response plan outlining:
- Roles and responsibilities during incidents
- Notification workflows (internal, external, legal, clients, partners)
- Incident classification by type and severity
- Steps for containment, mitigation, investigation, recovery, and reporting
- Backup strategies for both digital and physical assets
- Employee protection and alternate worksite plans for physical disruptions
Need a starting point? Get our incident response template guide.
Cybersecurity Is a Shared Responsibility
Your MSP should be more than a vendor—they should be a strategic partner helping you build a secure, resilient organization. But here's the key: You need to engage.
- Sit down with your MSP to understand what security measures are in place—and what's missing.
- Ask questions and prioritize their recommendations.
- Use their tools and resources.
Cybersecurity isn't a one-sided service—it's a collaboration. We can design, deploy, and optimize technology, but only if you partner with us and make cybersecurity a cultural priority across your organization.
A Final Word on Empathy
Experiencing a cyberattack is often one of the most chaotic and stressful times a business can face. Be patient and kind with those going through it. Because someday, it could be you.
Have questions? Contact us.
