Demand for managed cybersecurity services is huge and growing rapidly. With the market projected to reach $25.77 billion by 2029 (up from $13.52 billion in 2022), managed services providers (MSPs) that hope to take full advantage of this opportunity need to choose their cybersecurity vendor partners wisely. Considerations include everything from the breadth of product portfolio to the ability to anticipate what your customers need—not just today but in the future.
Customer needs are growing and changing. The rapidly evolving threat landscape is only getting more difficult for organizations to adequately protect against on their own due to the shortage of cybersecurity professionals—a worldwide gap that (ISC)2, a global nonprofit association for information security leaders, estimated to be 3.4 million in 2022.
This has led to more business for MSPs like Saje Network Systems, according to owner Jodi Gawf. “We actually picked up clients this year solely because their IT person left and they cannot find someone qualified to replace them or they’ve decided not to replace them because the job is too big,” she says.
Two other factors driving increased demand for outsourced security are cyber insurance and compliance. As damages from threats like ransomware increase, insurers are adding more requirements, reducing coverage, and charging more for policies to stem losses. According to Calvin Engen, CTO of Canada-based MSP F12.net, “We’re seeing that it’s more difficult for small to medium enterprises to obtain cyber insurance. They’re looking for trusted advisers to help them unpack what they can do.”
Globally, organizations are also concerned about complying with new and existing data privacy laws that, in some cases, carry hefty financial penalties. In Ecuador, for instance, Paul Harris, executive president of New Access S.A. (recently acquired by EdgeUno), says a new personal data privacy law that took effect there this year has organizations increasingly concerned about “protecting their networks and preventing events that could potentially imply loss of information with larger consequences, not only for them internally, but also by being penalized by the new law.”
So, what should MSPs be looking for in a cybersecurity vendor to capture these opportunities? According to these global business leaders, based on their extensive experience vetting cybersecurity providers, MSPs should seek vendors that:
- Offer solutions that work for businesses of all sizes, not just large enterprises. According to MarÃa Mérida, sales director at MicroCAD Informática, “In Spain, 90% of businesses are small- to medium-sized businesses who don’t have the resources to hire their own IT department, but really need cybersecurity solutions.”
- Offer trusted, leading-edge technology. “From the technical and business sides of evaluating a vendor, we first look at the technical factor. We look at its performance. Our portfolio of business continuity services is mission-critical, so we cannot afford something that’s not dependable and trustable. We need solutions that require the minimum intervention from our side over time,”says New Access’ Harris.
- Offer a unified security platform. According to Harris, it’s better for both efficiency and effectiveness to have a single vendor with an integrated solution for both the network and the endpoint. “One relationship, one management console, and one learning curve for the IT support staff both within the customer’s company and the external provider.”
- Structure their business to benefit channel partners. From payment terms to support and training, it’s essential that the vendor understands what MSPs need to succeed. Says MicroCAD’s Mérida, “We want to work with a vendor who trusts and values our work. From our point of view, their focus should be how to help and grow our business and establish a win-win relationship.”
- Provide flexible terms. “I look at the margins of the vendor and see how relational the company is, and how much involvement they have with their partners, because this plays directly into how much money can they make,” says Gawf of Saje Network Systems. “If I’m working with a partner that only quotes one price no matter your entry point, then I’m not excited about that. With a relational company, it works out better.”
For MSPs, the pace of demand for cybersecurity isn’t likely to slow any time soon. Notes Gawf, “Managed services are becoming increasingly important in part due to the IT and cybersecurity trends not getting any better. They’re getting worse.”
Successfully capturing those opportunities and, most importantly, keeping their customers safe from harm, will rest on how well MSPs and their cybersecurity vendors work together to deliver the right mix of services and technologies.
DIANA HARTER is audience marketing manager at WatchGuard Technologies.