wannacry ransomware

Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

A growing number of business leaders realize they need managed security service providers (MSSPs) to keep their infrastructures safeguarded against cyberattacks. Here are some of the emerging cybersecurity opportunities MSSPs can take advantage of to produce results, both for their businesses and their customers.

Remote Work

Although the COVID-19 crisis devastated many sectors, the MSSP industry has been doing well, and that trend is projected to continue. One of the likely reasons for the ongoing success is the emergence of new services, such as managed detection and response (MDR).

MSSPs have been able to harness opportunities by promoting their ability to secure remote work. A Mordor Intelligence market report looked at trends in the MSSP market from 2021-2026. The data suggest the sector will surpass $64 billion by the end of that five-year period. If that happens, it will represent a 15.2% compound annual growth rate.

The analysts cited remote work as a significant factor driving that growth. They mentioned the increasing expenses associated with in-house efforts to maintain a secure infrastructure and the rising costs of data breaches as other notable factors spurring the market increase.

See our picks for the best MDR tools for MSPs looking to add MDR services.

Remote Risks Become Priority

Gartner senior research director Jonathan Care said the sudden shift to remote work forced a dramatic change in IT priorities.

“Before the pandemic, most enterprises designed their risk appetites around the assumption that remote working was the exception, rather than the norm,” he said. “When that scenario was flipped, risks such as always-on VPNs and bring-your-own-device, which were previously a lower priority for security leaders, suddenly became top of mind. This forced security teams to rapidly reassess their enterprise’s risk landscape and deploy new solutions and policies accordingly.”

Gartner’s data also found that 75% of CEOs will be held personally liable for cyber or physical security incidents by 2024. It’s not surprising, then, that C-suite members will want to reduce the chances of such incidents occurring. MSSPs can help them do that.

Cloud-Delivered Services

Security operations technologies are coming together in broad, cloud-based platforms, adding to the growth of MDR services. It also encourages security leaders to reconsider their budget allocation decisions so that those choices are most appropriate for today’s cybersecurity challenges.

A recent report from Spiceworks Ziff Davis showed that 26% of IT budgets will go towards hosted or cloud-based services in 2022. That’s a 4% increase over 2020 figures. Another finding was that security services would comprise 7% of companies’ cloud budgets.

The report’s authors also examined budgets for managed services specifically. They expect security services to take up 10% of the managed services budget, showing a 3% climb over 2020’s numbers.

A different section assessed the primary drivers for increasing IT budget sizes. One standout finding that could help MSSPs is that 14% of parties will raise budgets in 2022 because they need better tech expertise.

MSSPs can drive their business by highlighting the assortment of cloud-provided options they offer. They could clarify how cloud-based security tools can complement what a business already uses to improve its resilience and growth. Plus, it’s worth pointing out that many companies choose MSSPs because they lack on-site tech expertise and resources. All these characteristics and others make working with MSSPs a sound financial decision.

Ransomware Boosts Incident Response Need

Failing to detect cybersecurity incidents and mitigate them promptly can make attacks much more severe to a business than they’d otherwise be.

Ransomware is a particular threat due to how much it can disable operations. This kind of attack makes files unusable and may cause them to have strange extension names. Users will often find a message on their screens telling them they’ve been hit by a ransomware attack, with instructions on how to pay the ransom.

wannacry ransomware
WannaCry Ransomware notice

In August 2021, the Italian region of Lazio got hit with an apparent ransomware attack. In a statement, Nicola Zingaretti, the region’s president, confirmed, “On the night between Saturday and Sunday, the Regione Lazio suffered a first cyberattack of criminal matrix. We don’t know who is responsible and their goals. The attack blocked almost every file in the data center.” It also disrupted the vaccination program against COVID-19.

A 2021 report also showed a 1,070% year-over-year increase in ransomware attacks. The research revealed that 83% of respondents deemed it extremely or very important for their cybersecurity solutions to have integrated and actionable threat intelligence.

“With the rise of ransomware and risks,” says Mark Wah, Senior Director Analyst in the Technology and Service Provider (TSP) division of Gartner, “incident response (IR) services are on the rise within MSSP and MDR providers.”

There is an opportunity for MSSPs and MDR providers to help potential customers understand how incident response services can reduce the chances of successful attacks, especially if they offer continual monitoring. Many cyber criminals gain access to networks weeks before the associated damage becomes evident. However, a specialized third-party system that detects network intrusion sooner allows customers to act fast and minimize issues.

See our picks for the best backup tools for MSPs looking to offer ransomware protection services to customers.

Combating Cybersecurity Tool Sprawl

An analysis from Statista indicates that the worldwide cybersecurity market will exceed $345 billion by 2026. As the sector gets larger, the overall number of tools a company could use to prevent attacks rises. However, that’s not always a good thing.

Research published in October 2021 examined cybersecurity product usage in organizations with at least 10,000 employees. Such companies have an average of nearly 46 monitoring tools. However, 51% of respondents admitted they no longer use many of them.

The top three reasons for the disuse were lack of integration (42%), too few skilled professionals (39%), and challenges stemming from understanding how to operationalize the tools (38%). There were associated human costs, too.

For example, 55% of respondents did not feel confident in their ability to respond to and prioritize cybersecurity alerts as they arrived. Additionally, 70% were overwhelmed due to the volume of those notifications. MSSPs are well-positioned to show potential customers that relying on them can eliminate the trend where decision-makers invest in tools that fall short of expectations.

That cluster of poorly used security tools can be used as a sales pitch in a number of ways. For example, providers might directly compare MSSP costs versus the expenses of dozens of tools used by people who feel swamped by what the products add to their workloads. Doing that could help an interested person see that MSSPs may be much better investments.

MSSPs Can Use These Trends to Grow Business

Cybersecurity needs are ongoing and evolving. However, since managed security service providers have the expertise, technology, and labor force to handle these fluctuations, they make good business sense for potential customers that want tailored assistance to keep their infrastructures and defenses strong and up to date against potential online criminals.