Putting Solution Providers, MSSPs on the Same TeamBy Michael Vizard | Print
NEWS ANALYSIS: As the nature of security threats changes, solution providers that go it alone—rather than tapping MSSP expertise—are begging for trouble.
As the security landscape becomes increasingly complex, multiple players are needed to work in tandem to provide managed security services. For starters, the cost of delivering these services is becoming increasingly prohibitive. Not only is finding people with IT security expertise extremely difficult in a highly competitive market, the salaries those security professionals can command are considerable.
The good news is that demand for managed security services is expected to create a $32.9 billion market by 2020, according to projections from ABI Research. That figure will climb to $32.9 billion in 2020 as more businesses are turning to MSSPs that offer expertise and dedicated security personal as they face continuing pressures due to a lack of internal resources, rising threats and government regulations.
Simultaneously, solution providers are also discovering they need to invest more in analytics to identify and prevent security threats that are becoming increasingly sophisticated with each passing day. In fact, solution providers of all types and sizes are also discovering that many customers will not take on new IT projects unless they can address the IT security issues associated with that project.
Solution Providers Team Up With MSPs
The end result is a fundamental change in how managed security services are being constructed and the willingness of solution providers to partner with managed service providers (MSPs) that specialize in IT security. In fact, a three-tier architecture for delivering managed security services is starting to emerge that begins with vendors increasingly bearing the brunt of the costs associated with investing in technologies, such as big data analytics applications, that are optimized for tracking complex IT security events.
Symantec, for example, is investing heavily in cloud security services that it expects partners to resell. Amit Jasuja, senior vice president of products for enterprise security at Symantec, said it's not feasible for the average provider of managed security services to keep pace with the level of investment required.
"We've got 13 data centers distributed around the globe to collect data," said Jasuja. "Now we need to make it drop-dead simple for our partners and customers to implement security services."
In a similar vein, Dell is previewing a new advanced persistent threat (APT) protection service that it will deliver via Dell SonicWALL firewalls that are sold primarily via its channel partners. Bill Evans, senior director of product marketing for Dell Software, said the nature of the threats facing IT organizations now requires a more instant response that can only be delivered via the cloud.
"We're creating a service to address zero-day threats," Evans said. "That requires taking advantage of the cloud."
Similarly, Arbor Networks, a unit of NetScout, recently rolled out a managed security service for countering distributed denial-of-service (DDoS) attacks that its partners can resell. While partners can clearly use the company's software to build their own managed service, the economics of IT security would suggest that, going forward, more of them are going to rely on vendors to construct those services, said Sam Curry, chief technology and security officer for Arbor Networks.