Making the jump to become an MSSP

Person jumping through gap between two cliffs
(Image credit: Shutterstock)

While we all hope for a good year ahead, we can be sure that it’s not going to get any easier or safer for businesses and organisations as cyber threats continue to grow in sophistication and complexity. And as the going gets tougher and the shortage of cyber security skills gets more acute, more companies, particularly SMEs, are turning to their trusted IT solution providers for outsourced support to defend against cyber attacks. Ransomware is what keeps most CISOs awake at night but there is a whole host of old and new attack vectors to lose sleep over.

The Global Managed Security Services market size is projected to grow from USD 22.8 billion in 2021 to USD 43.7 billion by 2026, according to a report published by MarketsandMarkets. But if you’re a traditional cyber security reseller that wants to embrace the as-a-service opportunity, or if you’re an IT managed service provider (MSP) looking to add the extra S for security, what does it take and what are the things to avoid?

Prevent, detect, respond

First and foremost, it’s no good offering half the solution. Businesses are looking for a “one-stop-shop” and with a threat landscape that gets scarier by the day, you need a layered approach to managed services that include prevention, detection and response. And it’s not enough to be reactive, relying on signature-based anti-malware solutions, for example. Zero-day protection should not be negotiable. It’s key to certifying all running processes and preventing any program or even lines of code from executing without having been previously certified.

A complete managed security offering must also include protection for both networks and endpoints along with other services such as Multi-Factor Authentication (MFA) and DNS protection. MFA has traditionally been too costly to implement for SMEs but the cloud has changed that, making it possible to streamline delivery and simplify operations. Users can be added or removed and passwords changed with just a few clicks and without the need for time-consuming and costly site visits. A cloud-based management system can centralise a ton of previously arduous configuration, deployment, and management tasks through a single pane of glass, and help maintain a strong network performance and security posture at scale. And the more offerings you can adopt from a single source, while ensuring that customers get the services they need, the easier it is to keep your total vendor and hassle count down.

20/20 vision

As IT infrastructures grow in size and complexity, granular visibility into activity across them is crucial, to recognise patterns, threats, and security gaps, and to respond before damage occurs. Some SMEs don’t even know what resources are being consumed by whom, where they reside, and how they interact.

The problem is that many network platforms deliver large volumes of data, but with little clarity and ranking. If you’re managing multiple companies with multiple sites, it becomes essential to have a clear insight that provides actionable data to quickly and effectively identify, prioritise, investigate, resolve, and report multiple issues. From a remote network admin standpoint, actionable data is about tracking the top users, destinations, applications, domains, and includes things like the top blocked botnet sites, intrusion preventions, advanced malware attack attempts, and blocked malicious destinations.

With this level of granularity, you can see what’s going on in your customers’ networks and endpoints in real-time, from anywhere. Making sense of all this and actioning the appropriate response requires the MSP to have skilled security professionals. However, advances around AI and machine learning algorithms are increasing threat detection automation, classification of running processes, and prioritisation of alerts.

Flexible pricing and billing

For traditional resellers, the idea of recurring revenues is one of the great attractions as well as one of the biggest barriers to becoming an MSSP. Consumption-based billing is a major shift from customer billing models but should be a win-win for MSSPs and their customers. The best way to avoid complexity is for vendors to offer flexible pricing models, which could include fixed-term contracts paid upfront or monthly, pay-as-you-go setups, or pre-pay points, all with the ability to scale up and down instantly to meet changing requirements.

Another aspect to think about is the human touch. Humans are still the weakest link with most breaches starting with a simple click on a malicious link or document. This means that education remains a critical component of an effectively managed security programme. Without an understanding of how attacks happen and a commitment to behaviours and processes that reduce their likelihood, businesses are left exposed.

Managing IT security can feel like a mountain to climb – that just keeps getting higher. And now, as employees slowly head back to the office, cloud deployment using automation can eliminate many of the on-site headaches involved in setting up and managing customer sites. Having been through the era of Unified Threat Management (UTM) solutions, we’re seeing the emergence of a new Unified Security Platform, that lives in the cloud and gives centralised access to end-to-end security services from the network to the endpoint. It’s these new USPs that will enable and empower a new generation of MSSPs.

Jonathan Whitley is vice president for Northern Europe at WatchGuard Technologies