Amazon Web Services (AWS) is raising the bar for managed security services providers (MSSPs) by adding a range of specialized certification requirements.
An update to the AWS MSSP Competency program introduces specific categories, including infrastructure security, workload security, application security, data protection, identity and access management, incident response, and cyber recovery, that AWS now requires partners to demonstrate they have successfully delivered.
MSSPs must submit documentation of case studies that demonstrate how they created and delivered those services. AWS solution architects then review the submissions for approval.
AWS certifications offer benefits and challenges for channel partners
The overall goal is to ensure that AWS customers experience consistent delivery of managed security services. Of course, most channel partners have a love/hate relationship with certifications of any kind. On the one hand, efforts to distinguish partners who have invested significantly in acquiring the necessary expertise are generally appreciated. These investments help ensure customer satisfaction and build trust in the services provided. However, the effort required to attain certifications can be considerable, resulting in higher costs for partners.
An added frustration is when, after attaining certification, a vendor does little to promote the services of the partners that have incurred those expenses. In the case of AWS, the system refers sales leads to partners who have attained certifications. Additionally, there are opportunities to market services through the AWS Marketplace.
Hopefully, it will become much simpler to apply for certifications in the era of artificial intelligence (AI). Not only will it become simpler to aggregate the required documentation, but the amount of time required to review it should also substantially decline.
Cybersecurity demand drives opportunity for MSSPs
Nevertheless, the expectation, as always, is that regardless of how many certifications they might have attained, partners will still need to drive demand for their services on their own. Fortunately, demand for cybersecurity technologies continues to increase. A report from the Futurum Group projects cybersecurity spending will increase at a compound annual growth rate (CAGR) of 11.6 percent from 2024 to 2029 to reach $287.6 billion in revenue. Cybersecurity vendors, which make up 70 percent of the market, provided revenue growth forecasts for analysis. Based on this data, analysts predict that the five fastest-growing cybersecurity segments will include integrated risk management/security operations, identity and access management, cloud security, application security, and data security. These segments will likely experience the highest growth rates in the coming years.
It’s unclear how much of the spending on these cybersecurity technologies will go toward managed services, but MSSPs have a substantial opportunity. The level of expertise required to deploy the multiple layers of defense needed generally exceeds what most organizations can internally muster. Without the knowledge and experience that MSSPs uniquely provide, most organizations will struggle to mount an effective defense against cyber threats. As a result, they are more vulnerable to emerging threats and attacks.
The challenge, of course, lies not only in acquiring the cybersecurity skills needed to succeed but also in maintaining them. As the tactics and techniques employed by adversaries continuously evolve, staying current becomes increasingly tricky. Cybersecurity is, after all, not for the faint of heart but rather for those most committed to making the investments required to ensure it.
Photo: 1footage / Shutterstock
