The managed security space is predisposed to constant change. Cyberattack targets — whether the OSI layer, the type of organization, or the employees in the business — shift from week to week, or in some cases, day to day. IT environments and operations adapt to consumer demands and competitive pressures, potentially introducing new risks. Also, technology is continually advancing to provide a higher level of protection and different delivery models, such as Security as a Service.
Managed security services providers (MSSPs) as well as managed services providers (MSPs) and value-added resellers who provide Security as a Service solutions are accustomed to adapting to change. However, you experienced even more – and at a breakneck pace — in 2020, that has changed the landscape of your business.
Vince Crisler, Founder and CEO of Dark Cubed (Dark3), has identified four trends impacting the security space that MSPs and other solutions providers need to take into account as they navigate their businesses into 2021:
The COVID-19 pandemic initiated a wide range of changes in how people work and do business, most notably, shifting to work from home and remote work. “Businesses that said they could never have operated remotely have discovered they could do it,” says Crisler. “Now, remote work is here to stay.”
With employees working from remote locations, however, business leaders have less oversight, and employees could be using technology or engaging in behaviors that create new security risks for their company.
Security as a Service providers have the opportunity to deploy additional solutions for their clients, such as automated threat detection and blocking, and endpoint protection for devices used remotely, that help keep the network, data – and their employers’ businesses – safe.
Along with the shift to remote work, businesses also accelerated their cloud adoption plans, implementing them in 2020 rather than two or three years in the future. Crisler points out that businesses that still harbored some fear about moving workflows into the cloud overcame them out of necessity when the pandemic impacted their operations. “They’re trading their fear for embracing cloud because it’s a way to keep working,” he says.
One factor that may still be preventing businesses from optimizing their cloud environments is concern over security. Research for (ISC)2’s 2020 Cloud Security Report revealed that data security concerns are still holding back 35 percent of organizations from cloud adoption. Your services can not only help secure their cloud or hybrid environments, but you may also provide the missing piece to their cloud strategy that enables them to implement new cloud-based solutions that result in greater efficiency, agility, and business continuity.
3Pressure on your clients to deploy security
More often, MSSPs are finding that clients who previously needed convincing to implement security are now asking for help. They know they need cybersecurity. Crisler says, often, a larger business partner will require them to deploy solutions to align with their risk management programs. Or, regulations, such as the General Data Protection Regulation (GDPR), the proposed California Consumer Privacy Act (CPRA), and the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), are impacting their organizations with security requirements (and threats of punitive fines).
Crisler adds that businesses are also more aware of how much of an impact a data breach can have on their businesses in terms of loss, remediation costs, fines and harm to their reputations, however they still remain strongly cost-conscious.
Even though it may be easier to start a conversation with prospects about security, MSPs must still be prepared for meetings, ready to address security challenges in the prospect’s vertical or niche, educate them on optimal technologies, and answer their questions about compliance.
4Scarce human capital
The shortage of skilled cybersecurity professionals available to hire is also impacting the space. Research for the fourth annual Life and Times of Cybersecurity Professionals 2020 report from Enterprise Strategy Group (ESG) found that the cybersecurity skills shortage has increased in severity in the past few years. Furthermore, 39 percent of cybersecurity professionals surveyed believe it takes three to five years to develop expertise in this field, and 18 percent say it takes more than five years.
Crisler says, for this reason, MSSPs should provide Security as a Service solutions that leverage machine learning (ML), artificial intelligence (AI), or other means of automation so that they’re easier to use and manage. When you implement solutions with advanced capabilities, “an IT professional can click a button, protect their business and become a cybersecurity hero,” Crisler says.
Providing security solutions is no longer optional
Crisler comments that VARs and MSPs who do not have a slate of comprehensive security solutions in their portfolios will lose out to their competition that does. “Providing security solutions is no longer optional,” he says.
Businesses are looking for solutions providers who can not only provide them with industry-specific technology they need to run their businesses. They also need VARs or MSPs to provide them with solutions that can protect their businesses from cyberattacks.
Move into 2021, providing total solutions, including security, to maintain your market share and maybe even grow your business while helping your customers protect theirs.