Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

With the annual RSA security conference set to kick off next week, much of the attention in the channel community naturally turns to security. With demand for IT security expertise at an all-time high, more organizations than ever are looking for external services to help secure their IT environments.

The challenge is that creating a managed security service practice to serve that demand is no simple undertaking. Not only does it require a lot of technical expertise, IT professionals with IT security skills are in short supply.

To help its channel partners make the transition to becoming a managed security services provider (MSSP), RSA has launched a RSA SecurWorld Delivery Services Program. Via this program, RSA channel partners are exposed to a series of advanced technical training sessions, various security delivery methodologies and mentoring engagements with RSA. Once complete, they are deemed an RSA Certified Delivery Services Partner in a particular solution.

The first solution that RSA is providing channel partners access to under this program is RSA Identity Management and Governance. This is emerging as one of the hotter categories in security because IT organizations are trying to secure content while also coming into compliance with a whole range of regulatory requirements, said William Taylor, vice president of worldwide channels and alliances at RSA.

In general, Taylor said the RSA SecurWorld Delivery Services Program is an exercise in sales enablement for the channel. By working hand-in-glove with channel partners to get them started, instead of simply handing out leads, RSA is committed to teaching channel partners how to hunt on their own, Taylor said. Then, they can determine to what degree they want to develop their own security and compliance expertise versus reselling services provided by RSA.

Providing IT security services is clearly not a business for the faint of heart. A few critical mistakes can wind up making any security engagement an unprofitable endeavor at a time when hackers are more sophisticated than ever. At the same time, however, solution providers that have the right culture and expertise can wind up making a fortune providing managed security services. The challenge, of course, often comes down to finding someone to show the organization just where and how to get started.

Michael Vizard has been covering IT issues in the enterprise for 25 years as an editor and columnist for publications such as InfoWorld, eWEEK, Baseline, CRN, ComputerWorld and Digital Review.