Share This:

Managed security service providers (MSSPs) are going to need to prove their worth during an economic downturn that has security leaders starting to ask tougher questions about the value of their services.

A Forrester Planning Guide 2023: Security & Risk report is recommending that among the areas where security spending could be scaled back is allocations for managed security services. The report states:

“Over time, MSSPs devolved into alert factories sending templated emails about alerts to clients that failed to provide context or accelerate decision-making. As MSSPs wane, swap those investments to managed detection and response (MDR) or security operations center-as-a-service (SOCaaS) providers.”

Other cutback recommendations being made by Forester include standalone data loss prevention (DLP) platforms and user behavioral analytics tools.

Security platforms represent a threat and opportunity for MSSPs

Managed Detection and Response (MDR) and Security Operations Center-as-a-Service (SOCaaS) platforms that provide a range of capabilities delivered as a cloud service are gaining traction. In some regards, they can represent a threat to MSSPs when a vendor provides them directly to a customer. In other instances, MSSPs are reselling these services to provide a richer set of services at a lower cost than they could if they chose to build out the same capabilities themselves. The issue, of course, is what level of profitability can be achieved by reselling a service versus an MSSP building and maintaining a platform on their own.

The Forrester advice to customers from an MSSP perspective is not all negative. Forrester advises security leaders to continue to spend on security controls that protect customer-facing and revenue-producing workloads.

Forrester also recommended budgets that support modernization efforts involving cloud and zero-trust along with software supply chain security, extended detection and response (EDR) capabilities, attack surface management and breach and attack simulation and privacy-preserving technologies should be defended against cutbacks. Specific areas that warrant additional attention include application programming interface (API) security, bot management, cloud workload security, zero-trust network access and security analytics all merit additional investment, the report notes.

Path of least resistance for securing the business

It’s unlikely most organizations will have the expertise required to implement any of these emerging security technologies let alone integrate and maintain them. As such, MSSPs need to position themselves as the path of the least cost resistance to acquiring these capabilities.

Achieving that goal would naturally require MSSPs to increase their current levels of investment in product and service development. Therein lies the rub, of course, a MSSP must be generating a sufficient level of profit from their existing services to fund those investments or attract additional rounds of outside investment that can be used to create higher-margin services that are truly differentiated.

There is no doubt the Forrester report does unfairly tarnish all MSSPs. However, there are MSSPs that are not providing their clients much more than a steady stream of meaningless alerts. Many of those MSSPs, despite an increased appreciation for cybersecurity, are likely to fall by the wayside as the economy contracts. Regardless of the level of service provided, however, MSSPs should expect to be fielding some difficult questions from clients in the days and weeks ahead.

Photo: CKA/ Shutterstock

Share This:
Mike Vizard

Posted by Mike Vizard

Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike blogs about emerging cloud technology for Smarter MSP.


  1. Definitely benefits to both offerings, assuming someone can get the system(s) up and running.


  2. MSPs are having to adapt to the ever-growing cybersecurity concerns, not only from an IT perspective but from a customer perspective. Lots of responsibilities and service thresholds we’re held to and must work to meet these expectations daily.

    Great article.


  3. Always difficult to find the balance between your offerings and what clients are willing to pay.


  4. Our #1 job, and biggest opportunity is to demonstrate value everyday. If we show ourselves as true partners working together through each challenge with our customers we can solidify our position as trusted advisor and weather whatever storm fickle finances present.


  5. Absolutely MSP’s opportunity to shine!


  6. Very insightful article. Passing along the recommendations.


  7. Need to show the value added you bring with the extra layer that a MSP can provide so they don’t have to


Leave a reply

Your email address will not be published. Required fields are marked *