Daniel Hurel, Vice President of Westcon Cyber Security & Next Gen Solutions, EMEA explains why the ground is set for MSSPs to experience meteoric growth in 2022 and how businesses can capitalise on this trend.
Cybersecurity has become a major priority for businesses of all shapes and sizes in recent years. Whereas enterprises and central government used to be the primary targets for bad actors, the threat landscape has expanded to the point where SME’s are now firmly in the crosshairs of cybercriminals. This has resulted in a dramatic increase in demand for cybersecurity capabilities, and has changed the way that the cybersecurity market operates, with supply chain and talent shortages further exacerbating the resource crunch. These conditions set the stage for an MSSP explosion in 2022. Even though the industry has been going from strength to strength in recent years but 2022 should see exponential growth in the sector.
The market conditions, which are laying the groundwork for MSSP’s
cybersecurity is now among the top priorities for executives, according to Gartner’s latest Emerging Risks Monitor Report. Ransomware, in particular, is an even greater concern for executives than pandemic related issues, including supply chain disruptions. To counteract this and limit the potential damage of an attack, businesses need to treat cybersecurity as a business-critical function with subsequent investment in new solutions. How business resources are allocated though, to meet these challenges, is changing to adapt to these new market conditions.
Traditionally, cybersecurity functions were handled in-house. Hardware was king in this environment and needed specialist skills within the organisation to operate these tools and adapt them to the needs of that particular business. While this worked for larger organisations who could make use of the functionality of “one size fits all” hardware, many smaller businesses who wanted to bolster their cybersecurity posture were priced out. They also didn’t need all of the capabilities that were packed into those products. Finding the right individuals to operate and maintain the hardware was also a challenge, top cybersecurity professionals are prized commodities in every industry. This again priced out smaller businesses that couldn’t afford the price tag that came with somebody who had all the right skills and knowledge to design and operate a robust cybersecurity operation. The competition to recruit them into organisations, particularly with fixed-term contracts, upped the ante too much for SMEs to sit at the table.
The events of the last few years have only made these issues worse. Though hardware is still the right option for many circumstances, the semiconductor shortage has driven both prices and wait times up. Companies simply can’t afford the time and monetary cost of waiting for expensive hardware and leaving themselves vulnerable. Though refurbished units are becoming more popular, with distributors investing more heavily in the circular economy to mitigate supply chain issues, finding the talent to operate them is a challenge.
The pandemic has also changed how work is done. Hybrid is the new modus operandi for businesses everywhere, unless it’s imperative that a role be performed on site, as is the case for manufacturing and industries where sensitive information and materials are handled (those roles were shifted to remote working in the early stages of the pandemic). When the world opened back up, employees everywhere wanted to keep hold of their newfound freedom. They’d proven they could be productive in a remote environment so pushed for hybrid work to gain the best of both worlds. This had the knock on effect of creating what was dubbed “The Great Resignation”, where employees everywhere reconsidered their work-lives. The impact of this has been measurably demonstrated in research conducted by Microsoft, which in its 2021 Work Trend Index, found that 41% of people are likely to consider leaving their jobs within the next year. Cybersecurity professionals are very much aligned with this thinking, they want the same flexibility and opportunities as their coworkers, making in-house roles where they’re needed on site to maintain and operate hardware unappealing.
Hybrid working has also thrown up a number of practical issues for businesses to consider. As employees are empowered to work from anywhere that has an Internet connection, the attack surface increases and threats become harder to predict. Employees now often work on multiple devices, in multiple locations on insecure consumer networks. There is also the threat that restrictions could come back into force. This means that the threat landscape of a business will ebb and flow much more than in the past. Hardware-based technology isn’t best equipped to handle these scaling issues, adding extra emphasis to go with an MSSP.
The internal business motivations to use an MSSP
While external factors have laid much of the foundation for MSSPs to experience exponential growth in 2022, internal business motivations are also a key element. The pandemic shone light on many of the fault lines in how businesses are typically structured. Though agility has been a talking point for many companies, this was evidently little more than lip service. Rigidity in processes, departments and thinking put many behind the curve when the pandemic first struck. It’s true that an exceptionally small number of organisations were truly prepared for something of that scale and there was a scramble to adapt, but those with flexible and scalable operations adapted quickest and best.
Lessons should be learned from this, businesses in 2022 need to increasingly value scalability and flexibility. The ability to turn capabilities on and off, to expand or reduce the number of covered devices, to upgrade to better forms of protection as and when the technology becomes available without needing to go through an arduous integration process are all key motivators. The simple answer to achieve all of these in 2022 is to go with an MSSP, and as complexity is the enemy of execution, the simple answer will be the best solution for many businesses.
How businesses can capitalise on the MSSP explosion
With both external and internal factors pushing businesses towards outsourcing their cybersecurity functions to an MSSP, the question now becomes “How can businesses in the channel capitalise on this?” The answer isn’t as simple as “become an MSSP”, because shifting from a traditional reseller to a managed service provider isn’t done at the push of a button. It’s a complicated process which involves rethinking the entire approach the business takes from its structure, financing, procurement, compensation, vendor partnerships right the way through to its transaction and billing policies.
There will be demand for traditional resale for some time to come, but the balance is shifting. Gartner estimates that Technology-as-a-Service will grow 4x in value from $93.8 billion in 2018 to $344.3 billion by 2024. The key element to get right at this moment in time is to offer flexibility and choice through a comprehensive portfolio of cloud and as-a-Service solutions. This needs to be supported by flexible payment solutions and subscription models that help drive adoption and deliver predictable recurring revenues for the solution supplier. Getting this right will unlock future growth opportunities and allow channel players to capitalise on the MSSP explosion. It will result in success for the partner community.
Read the latest edition of PCR’s monthly magazine here: