Hackers and spammers have targeted Canada for phishing scams, but even with the major decrease the country currently ranks fourth on the global cybercrime list for hosted phishing sites.
This stat surprised Websense Canada country manager Fiaaz Walji. However, the good news is tempered by news that Canada ranks 3rd in the most command the control centers in the world ahead of even China and Russia.
“General overall phishing has gone down, but targeted phishing, that social engineered attack has increased. Targeted or spear phishing looks at someone’s LinkedIn profile and finds that they like hockey or have a child in a hockey program and sends them a schedule for upcoming hockey games. They click on it and they become infected,” Walji said.
The report also found that malware hosting in Canada increased by 25 per cent year-over year and the number of command and control servers in Canada zoomed up by 83 per cent.
Canada claimed the number 10 position for all countries hosting malware. But the opportunity for security focused channel partners are in three areas from Walji’s perspective: Education, Technology Alignment and Deployment Services.
Managed services are becoming an increasingly popular approach for customers especially in the SMB space. “For the SMB it’s easy for them. It’s like a utility and they can look at it from a Capex or Opex perspective. If you have a small IT budget and no IT person a managed services provider can do this for you,” Walji said.
He added that managed services have also become popular in larger environments as well, for example mining. “Mining companies are asking the channel to host it and manage it for them for a monthly fee.”
Walji has seen Websense Canada’s base of managed service providers increasing. He has also seen traditional VARs making an investment in developing a managed services practice. Walji said that the company is not actively looking to recruit new managed services partners, but he is encouraged by the progress.
“The challenge is how do you monetize it? The best ways are to arrange security assessments and see what’s wrong and do a roll out. Development and adoption of security policies can also lead to a re-occurring revenue stream for partners,” Walji said.
For example, a channel partner can set a policy where LinkedIn is allowed and Facebook is read only. The data leakage protection is on all customer data and it can never leave the organization. Then three months later the company adopts bring you own device and now the policies have to be changed. Walji advises that live tests on policies should be run by channel partners every six months.
Websense also upgraded its opportunity incentive portion of its deal registration program. Walji said more margin will be added to help motivate partners to win net new business.