Organisations today are locked in an endless battle to do more with less. Recent years have seen an increase in both the frequency and sophistication of cyberattacks, yet many businesses lack the necessary in-house resources, time and budget to effectively protect themselves from such attacks.
The problem is exacerbated by a lack of skilled cybersecurity professionals – 65 percent of organisations worldwide report a shortage of cybersecurity staff.
All these factors have led to an increase in managed security services, where organisations put their security requirements into the hands of a trusted Managed Security Service Provider (MSSP), so they can instead focus on other creative or revenue-generating activities.
Indeed, IDC’s latest Worldwide Semi-annual Security Spending Guide reports that managed security services, integration services, consulting services, and IT education and training received the largest share of security spending in 2019 – 44 percent, or more than $47 billion. Services will also have the fastest spending growth with a five-year CAGR of 11.2 percent.
Benefits to offering managed security
MSPs are in a position of strength when it comes to addressing and supporting the security requirements of their clients – especially SMBs. In its Trends in Managed Services report, IT trade association CompTIA described cybersecurity as “rich with new opportunities.”
It noted that “keeping pace with the sophistication of bad actors attempting to steal data, hack systems and extort ransoms requires advanced skills that many organizations, especially small businesses, do not have. They need help, and an MSP or MSSP that has those skills is sure to be in high demand and at a premium price point.”
Recent years have seen an increase in #cyberattacks, forcing many SMB customers of #MSPs to seek #ManagedSecurityServices from their IT provider.
This has been driven home by the current COVID-19 crisis, where organisations have been forced in many cases to implement a remote workforce overnight, leaving them susceptible to cyberattacks.
New research by Barracuda shows three main types of phishing attacks using COVID-19 themes — scamming, brand impersonation, and business email compromise (BEC). Goals of the attacks range from distributing malware to stealing credentials, and financial gain. Spear phishing attacks alone are up an astonishing 667 percent since the end of February.
Additional research from cybersecurity certifications body (ISC)² shows 23 percent of cybersecurity professionals say incidents against their organisation have increased since transitioning to remote work during the crisis began – with some tracking as many as double the number of incidents.
Of critical importance to MSPs, almost half of cybersecurity pros say they have been taken off some or all of their typical security duties to assist with other IT-related tasks, such as equipping a mobile workforce, leaving them exposed to greater risk. Fifteen percent of respondents indicate their information security teams do not have the resources they need to support a remote workforce, while another 34 percent said they do, but only for the time being.
Help clients navigate the pandemic
As an MSP, you have an opportunity to step in and help your customers navigate the current pandemic. Offering security advice and support at this time will prove invaluable to any business that finds itself struggling and will lay a foundation for a closer, and potentially more profitable, relationship when they emerge from current restrictions.
If your #MSP is not already offering, or have no plans to offer, security-based solutions and services, you are wasting a timely opportunity. #ManagedSecurityServices
Take the time to understand what they need. A multilayer email security solution should contain user security awareness training, fraud protection, email resiliency and a gateway defence. MSPs need to think about implementing policy management and automated patching to support and enhance their users’ security posture. Choosing the right partner is essential in helping you build and deliver multi-layered services that address the biggest security threats that exist today.
The situation is this: if you aren’t already offering, or have no plans to offer, security-based solutions and services, you are wasting a timely opportunity to provide the additional value that your customers need right now. Moreover, you are leaving a new revenue stream on the table – which your competitors will have little hesitation to pick up.
Photo: Pressmaster / Shutterstock