It’s no secret that security vendors are very interested in managed service providers these days. The reasons why are no secret either. Global spending on security software, hardware, and services will climb at a 9.4% CAGR through 2023 to $151.2 billion, according to IDC, but managed security spending will rise at an even faster 13.9% over that same span.
“That’s where the money is,” said SonicWall President and CEO Bill Conner to ChannelPro last week at the RSA Conference in San Francisco. “More and more people are consuming services, and I don’t mean installation services. It’s true services.”
As a result, SonicWall is one of many security vendors scrambling to attract MSPs to their products and programs. Malwarebytes, for example, has just rolled out a new partner program with an MSP-specific track. Carbonite and Webroot plan to introduce a combined partner program later this year that will include MSP-friendly requirements and benefits, while Bitdefender unveiled a similar offering last June.
Look more closely at the plans many security vendors are hatching at present, though, and a somewhat newer objective comes into focus: recruiting managed security service providers, or MSSPs.
Definitions of “MSSP” vary, and some observers believe any MSP with a security offering qualifies for the label. But the companies that security vendors increasingly have in their sights are a rarer breed with in-house security operations centers and experienced analysts on staff. Many such firms provide threat monitoring and log analysis services on an outsourced, often white label, basis to multiple MSPs that lack security expertise of their own. Forging alliances with a few dozen of them can be a more efficient way to construct a managed security channel than building thousands of MSP relationships individually.
“Let them be the master MSP,” says Conner of MSSPs, “and let them roll up or serve the MSP.”
That thinking underlies SonicWall’s recent introduction of a unified, cross-product management console specifically for MSSPs, and it has other vendors eyeing the MSSP community as well.
Those include SSL certificate provider Sectigo, which recently introduced a product that combines certificate management with vulnerability scanning, malware detection, and other website-related security services. The company plans to promote the new offering to front-line MSPs via master MSPs.
“We’re building out a team to specifically work with MSSPs,” says Michael Fowler, the vendor’s president of channel partners.
Deep Instinct, a small but fast-growing provider of endpoint and other security solutions powered by “deep learning” technology, is targeting MSSPs too. The company has about 30 alliances with such companies in the U.S. at present, and wants more.
“The MSSP business is kind of a huge growth factor for us right now,” says Greig Patton, Deep Instinct’s chief revenue officer. “I would expect that we add a significant amount of MSSP, master MSP, players over the course of the year.”
Like SonicWall and Sectigo, the company plans to herd MSPs toward its MSSP partners. “What we’ve seen with the pure play MSPs [is] they don’t have enough cyber knowledge,” Patton says. “They’ve got to get under the umbrella of somebody who can handle that level of SOC and cyber capability, so we’re better off getting them paired with the right people that can help them execute.”
Arctic Wolf is exactly the kind of provider Patton has in mind. Though MSPs represent about 10 to 15% of its channel at present, the SOC-as-a-service outsourcer is building out a dedicated sales, marketing, and support team in a bid to increase that number.
“The day-to-day, 24×7 triage, forensics, detection, response, that’s a world that is not where they historically specialized and it’s not a strategic direction for them to do themselves,” says Arctic Wolf Chief Revenue Officer Nick Schneider of MSPs. “We fill that void, which makes the rest of their story that much more compelling, and then they can bundle those other products or services that they’ve historically done really, really well around the Arctic Wolf message.”
Not surprisingly, meetings with security software and hardware makers dominated Schneider’s time at the RSA Conference last week. “It’s been my whole show,” he says. “That’s a very, very attractive conversation for both parties, right? It’s a very tangible value add that we can deliver to each other.”
Getting MSPs bought into partnering with MSSPs is still a work in progress, though, according to Tim Brown, vice president of security at SolarWinds. In 2018, that company introduced a program designed to help MSSPs who use its threat monitoring software and MSPs in need of threat monitoring services find one another. So far, however, a lot of MSPs see partnering with a security provider that has a direct sales team as a risky move.
“We need to work with the MSPs to still get them more comfortable with saying an MSSP partner is OK,” Brown says. “It’s just taking time for that comfort level to come up to speed.”
Still, few vendors, SolarWinds included, doubt that MSSPs will be an important route to market for anyone with managed security products eventually.
“At the end of the day, it’s dollars per endpoint per month when you’re looking at the service provider business,” notes Deep Instinct’s Patton. MSSPs are among the quickest ways for a vendor to get more endpoints under management.