As another year comes to close, most managed service providers (MSPs) are already squarely focused on the next. After all, there is little to be done now that could have a meaningful impact on financial results for 2022.
No major shifts expected
A survey of 1,703 information technology leaders conducted by Red Hat suggests there will be no major shakeups in terms of IT priorities. Security remains the top IT funding priority across all regions and almost all industries, with 44 percent of respondents calling it a top three funding priority, a full eight points higher than cloud infrastructure.
Specifically, network security (40 percent) and cloud security (38 percent) were the top priorities, while third-party or supply chain risk management (12 percent) and security or compliance staffing (13 percent) ranked as the lowest security funding priorities.
Security was also at the top of the list across many other categories. Cloud security was the top cloud infrastructure priority (42 percent). Data security and integrity was the top analytics funding priority (45 percent), edging out artificial intelligence (AI)/machine learning (ML). Security automation (35 percent) bested cloud services automation (33 percent) and network automation (30 percent) as the top automation priority.
Overall, three out of four respondents “somewhat increased” or “significantly increased” their investments in securing access by applications to other applications, data sources, or both, this year.
Cybersecurity is an arms race
The one thing that is certain is that as cyberattacks continue to increase in volume and sophistication there are very few organizations that will be capable of going it alone when it comes to cybersecurity. Most MSPs have already shown how indispensable they can be but getting customers to appreciate the true nature of the cybersecurity beast can be a challenge.
Cybercriminals are adversaries that continually evolve their techniques and tactics. More of those attacks as of late are targeting applications which in turn requires investments in additional tools and platforms to secure. It’s not simply a matter of shifting resources from one area to another because cybercriminals will simply shift back to launching attacks against infrastructure once they discover a weakness.
During difficult economic times customers are always looking to cut costs. However, while there may always be opportunities to be more efficient as cybersecurity platforms evolve, it’s crucial that customers understand that cybersecurity like it or not is an arms race. Each time the adversary discovers a new attack vector it will cost more to negate it.
Costs and complexity create opportunity
Of course, each time an attack vector is discovered the costs incurred by an MSP tend to rise as well. Making sure customers understand the true cost of cybersecurity is critical for any MSP that wants to remain profitable. Too many customers just assume that all managed security services are roughly equal until that day comes when there is a successful attack against some undefended portion of what are becoming increasingly complex IT environments. Complexity, as every MSP knows, is the enemy of cybersecurity so understanding the real task at hand is always critical for all concerned.
Undoubtedly, MSPs will find themselves with plenty of opportunities to play the cybersecurity hero in 2023. There will, however, inevitably be times in the coming year when despite everyone’s best efforts there will be suboptimal outcomes. The challenge and opportunity to make sure the number of times when MSPs carry the day far outnumber the ones when they don’t.
Photo: Khakimullin Aleksandr / Shutterstock
