The managed security space is predisposed to constant change. Cyberattack targets – whether the OSI layer, the type of organization, or the employees in the business – shift from week to week, or in some cases, day to day. IT environments and operations adapt to consumer demands and competitive pressures, potentially introducing new risks. Also, technology is continually advancing to provide a higher level of protection and different delivery models, such as Security as a Service.
Managed security services providers (MSSPs) as well as managed services providers (MSPs) and value-added resellers who provide Security as a Service solutions are accustomed to adapting to change. However, you experienced even more lately, and that has changed the landscape of your business.
Vince Crisler, Founder and CEO of Dark Cubed (Dark3), has identified four trends impacting the security space that MSPs and other solutions providers need to take into account:
The COVID-19 pandemic initiated a wide range of changes in how people work and do business, most notably, shifting to work from home and remote work. “Businesses that said they could never have operated remotely have discovered they could do it,” says Crisler. “Now, remote work is here to stay.”
With employees working from remote locations, however, business leaders have less oversight, and employees could be using technology or engaging in behaviors that create new security risks for their company.
Security as a Service providers have the opportunity to deploy additional solutions for their clients, such as automated threat detection and blocking, and endpoint protection for devices used remotely, that help keep the network, data – and their employers’ businesses – safe.
Along with the shift to remote work, businesses also accelerated their cloud adoption plans. Crisler points out that businesses that still harbored some fear about moving workflows into the cloud overcame them out of necessity when the pandemic impacted their operations. “They’re trading their fear for embracing cloud because it’s a way to keep working,” he says.
One factor that may still be preventing businesses from optimizing their cloud environments is the struggle between performance and security. Research for F5’s State of Application Security report found that 76 percent of respondents say that if given the choice they’d turn off security to improve performance. Your services can not only help secure their cloud or hybrid environments, but you may also provide the missing piece to their cloud strategy that enables them to implement new cloud-based solutions that result in greater efficiency, productivity, agility, and business continuity.
3Pressure on Your Clients to Deploy Security
More often, MSSPs are finding that clients who previously needed convincing to implement security are now asking for help. They know they need cybersecurity. Crisler says, often, a larger business partner will require them to deploy solutions to align with their risk management programs. Or, regulations, such as the General Data Protection Regulation (GDPR), the proposed California Consumer Privacy Act (CPRA), and the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), are impacting their organizations with security requirements (and threats of punitive fines).
Crisler adds that businesses are also more aware of how much of an impact a data breach can have on their businesses in terms of loss, remediation costs, fines and harm to their reputations, however they still remain strongly cost-conscious.
Even though it may be easier to start a conversation with prospects about security, MSPs must still be prepared for meetings, ready to address security challenges in the prospect’s vertical or niche, educate them on optimal technologies, and answer their questions about compliance.
4Scarce Human Capital
The shortage of skilled cybersecurity professionals available to hire is also impacting the space. IEEE research found that filling open tech positions is “very challenging” or “somewhat challenging” for 73 percent of organizations.
Crisler says, for this reason, MSSPs should provide Security as a Service solutions that leverage machine learning (ML), artificial intelligence (AI), or other means of automation so that they’re easier to use and manage. When you implement solutions with advanced capabilities, “an IT professional can click a button, protect their business and become a cybersecurity hero,” Crisler says.
Providing Security Solutions is No Longer Optional
Crisler comments that VARs and MSPs who do not have a slate of comprehensive security solutions in their portfolios will lose out to their competition that does. “Providing security solutions is no longer optional,” he says.
Businesses are looking for solutions providers who can not only provide them with industry-specific technology they need to run their businesses. They also need VARs or MSPs to provide them with solutions that can protect their businesses from cyberattacks.
Provide total solutions, including security, to maintain your market share and grow your business while helping your customers protect theirs.