The interest in managed security services is on the rise. However, it turns out that it’s not only becoming more difficult to deliver those services, customers of managed security service providers (MSSPs) are also becoming less satisfied.

Dark Cubed, a provider of a cybersecurity threat intelligence platform accessed via the cloud, has published a report based on data collected from firewalls deployed by managed service providers (MSPs). The report shows that MSPs who are managing these firewalls have been victimized by both automated and directed attacks. In fact, the report estimates that 6.9 percent of the traffic on MSP networks is related to bots, scanners, and hackers, with 160,613 malicious hosts observed attacking MSP networks.

Most of those attacks primarily focused on exploiting Windows Remote Desktop, followed by insecure remote access, file transfer, and hosting services. One MSP reports being the target of a botnet attack comprised of 20,000 unique IP addresses from 149 countries, sourced from 3,607 different organizations.

Complicating matters further, the report suggests that MSP defenses are overwhelmed by friendly fire in the form of routine scans. Two-thirds of the MSPs (66 percent) report being regularly scanned by Arbor Observatory, Shadowserver Foundation, and BitSight.

Cyberattacks are taking a toll

A survey of 637 IT and security practitioners conducted by The Ponemon Institute, on behalf of Respond Software, a provider of robotic decision automation (RDA) tools for security operations centers (SOCs), finds that 58 percent rate their MSSP as ineffective.

The survey suggests part of that dissatisfaction may have a lot to do with perceived costs. The survey revealed that organizations spend on average $2.86 million annually on their in-house SOCs. That compares to $4.44 million annually among organizations that rely on MSSPs. Of course, comparisons between individual organizations and MSPs will vary widely. Costs being analyzed in the survey may not reflect a true apples-to-apples comparison based on the capabilities provided by the in-house team versus the MSSP.

In theory, the MSSP should be less expensive because it can aggregate the cost of delivering cybersecurity services across multiple customers. Regardless of what economics are at play, the survey makes it clear many organizations are not happy with their existing MSSPs. Whether those organizations will bring their SOC back in-house or find a more cost-efficient MSSP remains to be seen.

It’s apparent there is a credibility crisis. MSPs are on the front lines of the cybersecurity war and have a great opportunity to prove to customers that they can adequately protect their sensitive data. There’s no doubt that many potential clients will be searching for an organization to do exactly that. Now, it’s just up to the MSPs to capture their attention and prove they are up to the challenge.

While advances in automation and artificial intelligence (AI) might one day help, MSPs will need to show that their current offering is enough to do the job. As such, MSPs would be well-advised to put aside their existing differences to circle the proverbial wagons in the face of a much larger threat.

Photo: F8 studio / Shutterstock

Mike Vizard

Posted by Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike blogs about emerging cloud technology for Smarter MSP.

Leave a reply

Your email address will not be published. Required fields are marked *