Sunday, May 10, 2026
Latest:

The London Business Journal

London's number 1 business magazine for news, features business, commerce and entrepreneurship in the UK and worldwide

Cyber Security Technology 

CYBER ATTACKS ON SERVICE PROVIDERS POSE SYSTEMIC RISK TO BUSINESSES

NewsDesk , , , , , , , , , , , , , , ,

Businesses must rethink cyber security as a company-wide responsibility rather than a narrow IT function, as attackers increasingly exploit weaknesses within managed service provider (MSP) ecosystems to scale their impact across multiple organisations.

That is the warning from Roy Shelton, Group Chief Executive of Connectus Business Solutions, following new research indicating that cyber criminals are shifting tactics. Rather than focusing solely on uncovering new software vulnerabilities, attackers are increasingly relying on impersonation, remote access exploitation and infiltration of software supply chains—particularly within environments managed by third-party providers.

The shift reflects the growing strategic importance of MSPs in the modern digital economy. As businesses outsource IT infrastructure, data management and cyber security functions, these providers have become deeply embedded in operational systems—making them attractive targets for threat actors seeking to maximise disruption.

“The growing cyber risk associated with managed service provider ecosystems and the way attackers are increasingly exploiting trusted technology pathways to scale disruption is rightly highlighted,” said Roy Shelton, Group CEO of Connectus Business Solutions.

“When an MSP is compromised, the potential impact can cascade across dozens or even hundreds of organisations simultaneously, creating systemic cyber risk that extends beyond a single business.”

Industry analysts point to four emerging areas of concern: identity abuse, misuse of legitimate administrative tools, vulnerabilities in remote access infrastructure and weaknesses in software supply chains. These attack vectors allow cyber criminals to bypass traditional defences and operate within trusted systems, often undetected.

Shelton argues that two structural shifts have intensified the threat landscape over the past year. The first is the growing reliance of small and mid-sized enterprises on MSPs to manage complex digital systems—effectively elevating these providers to critical infrastructure status.

“Many small and mid-sized organisations rely on them to manage systems, data and security that would otherwise be beyond their internal capability. That trust, however, also makes MSPs an attractive target for threat actors seeking a ‘force multiplier’ effect from a single breach.”

The second shift is the need for a more collaborative approach to cyber resilience, rather than a retreat from outsourced services.

“Cyber resilience today requires deeper collaboration between MSPs, insurers, technology vendors and clients.”

For business leaders, the implications are clear: cyber security can no longer sit solely within IT departments. Instead, it must be embedded across governance, operations and organisational culture.

Shelton emphasises that awareness and accountability should be normalised at every level of a business, supported by stronger frameworks and continuous monitoring.

“Robust security frameworks, transparent risk management, and proactive monitoring must become standard practice rather than optional extras.”

He adds that MSPs themselves must evolve in response to the changing threat landscape, positioning themselves not just as service providers but as strategic partners in risk management.

“At Connectus, we believe MSPs have an opportunity to evolve from being viewed purely as technology providers to becoming strategic risk partners for their clients. That means helping organisations understand cyber exposure, supporting stronger governance, and ensuring the right blend of security controls and cyber insurance protection.”

As cyber attacks grow in both sophistication and scale, the cost of complacency is rising. For organisations navigating an increasingly interconnected digital ecosystem, resilience will depend on recognising that security is a shared responsibility extending across the entire supply chain.

“Cyber disruption will continue to grow in scale and sophistication. The organisations that succeed will be those that treat cybersecurity not as an IT issue, but as a shared responsibility across the entire digital supply chain.”

You May Also Like

HOME-START UK JOINS FORCES WITH BT TO TACKLE THE DIGITAL DIVIDE

NewsDesk

UK LEAN PIONEER MICHELLE LEONG BUILDS SMART APP TO APPLY KAIZEN TO EVERYDAY LIFE

NewsDesk

NEW PARTNERSHIPS FOR BRANDSTAK.IO

NewsDesk

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by