MSPs Expand Security Practices to Meet Demand: Kaspersky

Most managed service providers (MSPs) plan to grow their cybersecurity practices to meet demand from companies worried about the massive increase in threats that occurred at the same time that they had to deal with a dramatic shift to hybrid work environments brought on by the COVID-19 pandemic.

In a report released last week, cybersecurity vendor Kaspersky found that 93 percent of MSPs in North America intend to expand their portfolios of IT security services, with threat intelligence being the top choice at 49 percent.

Threat intelligence services MSPs plan to offer include advanced persistent threat (APT) reporting, at 30 percent, threat data feeds and lookup, malware analysis, security assessment and targeted attack discovery.

Demand for security services also can be seen in the growth of both MSPs and managed security services providers (MSSPs), according to the Kaspersky report. The pandemic forced both categories of service providers to adapt to changes in the IT environment and to demonstrate their agility and resilience, particularly as customers’ needs evolved.

See also: Top 12 Managed Security Service Providers (MSSPs) of 2021

Security a Booming Business

More than nine in 10 (91 percent) of MSSPs saw their client base grow since 2019, while almost the same could be said for MSPs (81 percent). In addition, 94 percent of MSPs expect the trend to continue, saying revenues will increase over the next two years.

“It is clear that dependence of businesses on IT is growing and will continue to grow, so it is very important for MSPs to pay serious attention to security,” the authors of the report wrote. “This means strengthening both the security posture and their own protection, which requires the installation of new products, and the provision of layered security on the customer side.”

According to Mikhail Kolchin, head of MSP business at Kaspersky, MSPs understand that in an increasingly complex business environment, the need to protect against security risks will only grow. Services like threat intelligence are part of the solution for being proactive in an IT world where being reactive isn’t enough.

“High-quality [threat intelligence] implies a range of characteristics, such as possession of a rich context that creates intelligence from data and provides additional value,” Kolchin said in a statement. “It also implies support from a recognized team of experts with proven experience in uncovering complex threats, and the smooth integration of services into a company’s existing security operations.”

For its MSP 2021 study, Kaspersky earlier this year surveyed 606 people in 21 countries, including managers or others in more senior positions, from MSPs and MSSPs.

Organizations are increasingly turning to MSPs for additional expertise in a rapidly evolving IT space. About 52 percent cited that expertise as their top reason to use MSPs, while 50 percent pointed to financial effectiveness. In addition, 45 percent said efficiency in providing cybersecurity services was a key motivator, while 49 percent listed the need to meet compliance requirements.

In addition, 24 percent said they went to MSPs or MSSPs in direct response to a data breach.

“This again demonstrates the need for businesses to have dedicated and specific resources at their disposal to prevent a breach from happening and safeguard against what could potentially lead to huge financial and reputational consequences if not tackled properly,” the authors wrote.

reasons to hire MSSP

Also read: How to Start a Managed Detection & Response (MDR) Business

Remote Work, Ransomware Drive Demand

The dramatic transition to remote work is forcing businesses to adopt new technologies and solutions, and MSPs are key to supporting that transition by eliminating tech worries from customer minds, particularly at a time when there continues to be an ongoing skills shortage and concern among organizations about being able to ensure their security, the report found.

“More reliance on technology has also seen increased understanding by businesses of the need for airtight cybersecurity to safeguard their data,” according to the authors. “With technology underpinning mission critical processes, it is vital that the connection between IT security and digital dependency is not underestimated.”

They wrote that the “reliance on digital continuity and complex distributed infrastructures, coupled with a lack of resources and skills, has increased concern among businesses about their ability to ensure cybersecurity. Attacks resulting in downtime, particularly ransomware and cryptolocker type attacks, were frequently mentioned by respondents as a key concern affecting their business.”

The findings in Kaspersky’s report mirror what market research firm Channelnomics has seen in its own research, according to Chris Gonsalves, senior vice president of research for the company. More than 60 percent of MSPs tell Channelnomics that their number-one priority is spinning up managed security services because of increased interest in the market, Gonsalves told Channel Insider.

That interest among companies is real, he said. Research into businesses that are undergoing either digital or cloud transformation efforts found that a key feature that these organizations want is greater security.

On both sides of the equation, there’s absolutely this imperative for managed service providers to become managed security services providers and spin up these kinds of practices,” Gonsalves said.

Also read: Best Backup Solutions for MSPs to Protect Against Ransomware

Becoming an MSSP Isn’t Easy

However, he added, “just because you can do something doesn’t mean you should and security is the ultimate example of this. Most MSPs are not prepared to become managed security service providers, not good ones. There’s a tremendous amount of responsibility when you present yourself to clients now as a security services provider.”

MSPs are taking on the responsibility of safeguarding clients’ systems in the best ways possible. At the same time, MSPs are increasingly becoming a target themselves, as bad actors want to take advantage of such tools as remote monitoring and management (RMM) software used by managed service providers to watch over their clients’ IT environments. By compromising the MSP, hackers get entrée into those client systems.

Given that, MSPs first need to ask themselves if they are capable of filling the role of an MSSP. They need to ensure their own systems and networks are secure by complying with frameworks like NIST CSF, that they are using all the safeguards on their own systems that they would recommend to their clients, and that they know their clients’ businesses well enough to assess the risks that are inherent in their particular industries.

In addition, MSP have to ensure that they have the necessary skills and expertise in place for such jobs as risk assessment and vulnerability management. The yawning skills gap in the cybersecurity field has been well documented and it’s one of the reasons why the demand for MSPs and MSSPs is so high, Gonsalves said.

Yes, there is high demand for MSPs and MSSPs to deliver security services and that opportunity for service providers is large. However, it comes with a word of caution, he said.

“Security is serious business,” Gonsalves said. “Many MSPs are not prepared to do what it takes, and you have to do some soul searching if what you want to do is spin up a managed security services practice, because you’re going to be responsible for safeguarding your client and that’s different than saying, ‘I’ll keep your networks running’ or ‘I’ll keep your laptops up and running.’ This is a domain unto itself and a serious business.”

Further reading: Data Protection Business Model Requires Nuanced Approach for MSPs

Jeffrey Burt
Jeffrey Burt has been a journalist for more than three decades, the last 20-plus years covering technology. During more than 16 years with eWEEK, he covered everything from data center infrastructure and collaboration technology to AI, cloud, quantum computing and cybersecurity. A freelance journalist since 2017, his articles have appeared on such sites as eWEEK, eSecurity Planet, Enterprise Networking Planet, Enterprise Storage Forum, Channel Insider, The Next Platform, ITPro Today, Channel Futures, Channelnomics, SecurityNow, and Data Breach Today.

RELATED ARTICLES

Must Read