As cyberattacks get more sophisticated and the sheer volume of devices increases, organizations are struggling to protect their endpoints. In fact, a recent ESG report shows that 59% of organizations are having difficulty managing their endpoints because there are too many IoT and mobile devices. This inability to manage and secure all endpoints gives attackers increased opportunities for exploitation. But it also provides new opportunities for managed service providers (MSPs) and managed security service providers (MSSPs) to fill the gap and help organizations with security and endpoint management services.
Over the last decade, MSPs and MSSPs have become a significant resource for organizations struggling with security. Their comprehensive knowledge of the latest tools, strategies, and extensive engineering resources makes them invaluable. Not surprisingly, the MSSP market specifically is expected to grow 12.3% over the next four years. Offering new security services, like attack surface visibility and vulnerability management, can further differentiate and drive additional revenue opportunities for MSSPs.
When it comes to cybersecurity, a shift from a fortification mindset to one of resiliency has been underway over the last several years for both MSSPs and the organizations they serve. In this context, resiliency is the ability to anticipate, withstand, recover from, and adapt to adverse security conditions. Case in point, MITRE recently published a cyber resiliency framework focused on sharing an understanding of what it takes to maintain and inform preparedness. This framework is driven by the sheer volume and diversity of new threats and the reality that it’s nearly impossible to stop all attacks. With that previous fortification mindset, organizations focused on detection and response. Organizations must instead focus on prevention and continuous protection.
This is why MSSPs must address cyber hygiene. It’s a balancing act of putting the right security pieces in place and ensuring proper configuration to manage and secure endpoints constantly. MSSPs managing endpoints are patching and updating firmware, but maintaining cyber hygiene becomes challenging as the attack vectors change in real time. Layer on cloud, hyperconverged technologies, and mobile devices, and visibility becomes crucial when working to identify possible threat vectors (which is important when shifting to a resiliency mindset). Hygiene also plays a major role in visibility—how can a team stay resilient if they can’t see all the pieces?
Questions MSPs/MSSPs Need to Answer
That combination of resiliency and hygiene are the major pillars that MSSPs are tackling for customers today. But there are a variety of other important questions and activities that customers are asking.
- Compliance – Organizations want to know how security and endpoint management impacts compliance and what they should do to meet those requirements.
- Cyber Hygiene – Organizations are asking a lot of questions about the tools MSPs/MSSPs use to ensure cyber hygiene, and how they work together to provide the levels of visibility needed to protect against threats and eliminate vulnerabilities.
- Breach Recovery – Blocking 100% of attacks is impossible. Most organizations now recognize that. As a result, many are asking questions about how to maintain business operations post-breach while recovery occurs.
- Tool Sprawl – Most organizations want to consolidate tools. MSSPs are answering lots of questions about evaluating brand trust and need. What tools should they buy, do they need all the tools, what gap is a tool filling, can it be trusted, can it integrate, etc.
What are all the answers? At a high level, partners I’ve spoken with are actively consolidating tools, looking for feature sets that simplify management and deliver powerful functionality, aggressively leveraging correlation and automation features, and improving their security skill set (both with their internal analysts and engineers, but also across a customer’s employee base with education and training). They’re also working to determine gaps in customers’ remediation plans; working to orchestrate remediation through the operationalization of discovery, identification, and remediation processes; and increasing their adaptability by leveraging tools that support situational awareness (like human/machine collaboration).
The security landscape is constantly introducing new challenges for organizations. Successful MSPs and MSSPs are striving to find synergy across a customer’s security stack, increase efficiencies, reduce attacks, and quickly enable recovery.
ASHLEY LEONARD is the president and CEO of Syxsense—a global leader in unified security and endpoint management (USEM). Ashley is a technology entrepreneur with over 25 years of experience in enterprise software, sales, marketing, and operations, providing critical leadership during the high-growth stages of well-known technology organizations. Ashley manages U.S., European, and Australian operations in his current role, defines corporate strategies, oversees sales and marketing, and guides product development.