As managed service providers (MSPs) experience accelerated growth, they face the challenge of keeping up with the latest cybersecurity solutions and technologies. These companies, which remotely manage their clients’ IT infrastructure and end-user systems, also struggle to keep pace with an avalanche of cyberthreats.
These were among the findings of a Sophos survey of 350 MSPs across the United States, the United Kingdom, Germany and Australia.
According to the report, MSPs perceive the biggest cybersecurity risk as a shortage of in-house cybersecurity skills, which impacts both their own operations and their clients’ security.
Given the current market for cybersecurity professionals, said Mike Hamilton, CISO of Critical Insight, it is unsurprising that MSPs find it hard to attract and retain roles such as penetration testers or GRC auditors. From his perspective, the best strategy is to partner with cybersecurity professional services companies with an adequate bench, a workforce development strategy and resources for surge capacity.
“Internal employee skills development is a longer-term solution. However, retention after training is always a gamble,” Hamilton said.
The report found stolen access data, credentials, and unpatched vulnerabilities were among other top risks identified for MSPs’ customers.
To streamline cybersecurity efforts, most MSPs partner with a limited number of vendors, the report found. Of these, 53% work with just one or two, and 83% use between one and five vendors.
The survey also revealed MSPs believe they could reduce their daily management time by nearly half (48%) if they could manage all their cybersecurity tools from a single platform.
Working with a limited number of cybersecurity vendors offers several benefits, suggested Chad Graham, manager of the Cyber Incident Response Team (CIRT) at Critical Start. “It simplifies vendor management, potentially reduces costs through bulk purchasing, and ensures better integration and interoperability between tools.”
A streamlined approach also allows MSPs to build deeper relationships with vendors, leading to better support and quicker issue resolution.
However, Graham cautioned that this strategy comes with potential drawbacks, such as over-reliance on a few vendors, which can create single points of failure. “If a chosen vendor fails to keep up with the latest threats, it can leave the MSP vulnerable,” he said. “Rotating vendors and providers periodically can be a strategy to mitigate over-reliance and ensure continuous access to cutting-edge solutions.”
The rapid pace of innovation in cybersecurity means that MSPs must stay ahead of several key trends. These include the increasing use of AI and machine learning for threat detection and response, the growing importance of Zero Trust architecture, and the integration of advanced analytics for predictive threat modeling. “Regulatory changes and the increasing need for compliance will drive MSPs to adopt more rigorous security practices,” Graham said.
To remain competitive, said Graham, MSPs should invest in continuous training for their staff, foster strong vendor relationships, and adopt flexible, scalable security solutions that can adapt to the changing threat landscape.
Vendor consolidation will lead to increased specialization, which presents an opportunity for MSPs. It lets them focus their hiring efforts on specific processes, technologies and service offerings, explained Dave Gerry, CEO at Bugcrowd. “Some customers using less popular solutions as a part of their security stack may find it harder over time to identify strong MSP partners that have specialization in that technology,” he said.
It’s critical for MSPs to develop deep specialization to differentiate themselves from their competitors, Gerry added. “We’ve seen a rapid onslaught of new MSPs entering the market. Customers have more choice than ever when evaluating new cyber partners,” Gerry said. “MSPs are leveraging homegrown software and service offerings to complement the third-party service offerings they provide their clients.”
Hamilton said MSPs would do well to evaluate the most prevalent threat vectors and address those head-on, rather than looking for new technologies that address more of the round-off error.
“For example, criminals have turned to rapid vulnerability exploit as a preferred initial access vector, such that product patches are immediately reverse engineered to develop exploits,” Hamilton said. “Developing a rapid and effective patching process reduces the likelihood of compromise.” Secondarily, implementing rapid and automated asset quarantine can help minimize a compromise’s impact.
Recent Articles By Author