Share This:

Managed service providers (MSPs) are far more specialized in 2024 than they were a decade ago. The days of hiring an outside service to fix a firewall or install a patch and then disappear, are gone. Today, MSPs are indispensable partners on the frontlines for many small and medium-sized businesses (SMBs). reached out to a variety of experts to find out what specialized cybersecurity expertise MSPs should offer to stay competitive and relevant in today’s evolving cybersecurity threat landscape.

Darian Shimy is the CEO and Founder of FutureFund and has extensive experience managing technology teams and leading major integrations at companies like Square Online and Weebly.

“I’ve seen the transformative impact that specialized services from MSPs can have on SMBs,” Shimy says.

Cybersecurity is expensive, MSPs keep costs down

Shimy shares that when it comes to cybersecurity solutions, developing an in-house security team can be prohibitively expensive. “MSPs offer advanced cybersecurity solutions that provide continuous monitoring, threat detection, and incident response.” However, within a budget framework, it is far more affordable than an SMB trying to develop that in-house.

“For example, MSPs utilize Security Information and Event Management systems that aggregate and analyze activities across your IT infrastructure to identify potential threats,” he explains, adding that this proactive approach ensures vulnerabilities are addressed promptly, protecting sensitive business data and maintaining customer trust.

“Additionally, MSPs can perform regular security audits and compliance assessments to ensure your business meets industry regulations and best practices,” Shimy says.

Josh Amishav, founder and CEO of Breachsense agrees, pointing out that “Most SMBs don’t have the skills to manage security threats. Whether it’s vulnerability management, threat detection, or incident response, when not handled properly, the SMB is likely to cause more damage than if handled by experienced professionals.”

Fractional services at a fraction of the cost

Cache Merrill, CEO of software company Zibtek, refers back to what Shimy states about how the real cybersecurity value that an MSP offers an SMB is the ability to offer top-notch cybersecurity service at far less cost. He explains, “The value is getting two to three experts on your team without hiring them full-time.”

For an SMB, each of those roles is a $100K hire. In security, it is the same. “There are experts at locking down your server, threat analysis, hardware, etc,” Merrill says, adding that most SMBs can’t afford professionals in all those areas, so an MSP can offer fractional people to fill those holes until an SMB is large enough to hire full-time.

“SMBs usually focus most of their hires on their core value prop to launch and get moving, which is a smart and successful model. From my experience, cybersecurity is one of the last fractional people to be brought on and one of the easiest to hire in an MSP model,” Merrill adds.

“It takes a team”

Cybersecurity consultant Michael Hasse shares that, when it comes to cybersecurity, MSPs do one of two things. They either “do it all” for smaller SMBs, (e.g. <50 employees), or they augment internal staff.

“In the case of ‘do-it-all,’ the SMB simply doesn’t have enough work for a full-time person. Yet, there’s enough complexity that they need technical expertise to keep things running smoothly,” Hasse explains. He adds that typically they will attempt to engage a “one-man-band” for a while. This is until they realize no one person can stay on top of everything in the technology arena. “Nowadays, it really takes a team. Augmentation gets a bit more nuanced. It depends on the size and complexity of the organization and the capabilities of the internal team.”

Typically, Hasse adds, you’ll see MSPs “doing the dirty work” on the low end (patches and updates and monitoring, etc.). These are things where an MSP’s toolset allows for automation and convenience at a level that would be cost-prohibitive for most SMBs. All this while freeing up the internal staff to work on projects that are more directly beneficial.

Versatility and value: The multifaceted role of MSPs

The flip side of that, Hasse says, is discrete projects where the MSP may bring higher level expertise that internal staff simply doesn’t have or provide a “safety net” for projects that can be handled internally but may be a bit of a stretch.

“MSPs can also be a backup staffing option in other ways. They are already familiar with the systems, e.g. covering for internal IT staff vacations or sick days, etc.,” Hasse adds. “An MSP has many customers. A challenge faced and solved for one customer may have a solution applicable elsewhere. This shortens the time to resolution for everyone and improves productivity across the board.”

Similarly, an MSP necessarily has its finger on the pulse of cybersecurity and many common application and service vendors. It must be prepared for anything that could affect its entire customer base. This puts it in a unique position as a trusted advisor for forward-looking plans, budgeting, etc.

“MSP can provide the benefits of having a CIO/CTO/CISO without the cost,” Hasse notes. And for many SMBs, when it comes to cybersecurity, that is priceless.

Photo: Mike Pellinni / Shutterstock

Share This:
Kevin Williams

Posted by Kevin Williams

Kevin Williams is a journalist based in Ohio. Williams has written for a variety of publications including the Washington Post, New York Times, USA Today, Wall Street Journal, National Geographic and others. He first wrote about the online world in its nascent stages for the now defunct “Online Access” Magazine in the mid-90s.

Leave a reply

Your email address will not be published. Required fields are marked *