A new report from cybersecurity vendor Barracuda has revealed that managed service providers (MSPs) face mounting pressure from customers who now expect technical mastery, strategic leadership, and continuous proof of value.
The MSP Customer Insight Report 2025, based on an international survey of 2,000 IT and business leaders across EMEA, APAC, and North America, finds that 73% of organisations already outsource cybersecurity to an MSP, with another 23% actively evaluating or considering such a move. In EMEA, this number rises to a striking 93%, underlining the growing demand for outsourced security expertise across the region.
Chief among customer concerns is the problem of security sprawl. Fifty-two percent of organisations surveyed say they turned to an MSP because the number of disparate security tools had become unmanageable, while 92% said they are willing to pay more for help integrating these tools into a coherent, unified platform.
Andrew Cocking, Sales Director, Channels, EMEA at Barracuda, believes this shift reflects deeper strategic expectations: “The findings highlight the important role MSPs play in protecting organisations that are grappling with both evolving cyber threats and expanding IT environments. This has considerable implications for MSPs’ own business models as they are now expected to help customers integrate complex security tools, deliver around-the-clock protection, and evolve their security posture as they scale,” he said.
High expectations, low loyalty
MSPs offering managed SOC and XDR services are increasingly seen as the gold standard, with customers preferring providers who can protect the entire attack surface—from endpoints and cloud services to email and identity.
Despite their growing reliance on MSPs, customers are increasingly selective—and willing to walk away if expectations aren't met. Forty-five percent of EMEA organisations say they would switch MSPs if they cannot see clear evidence of 24/7 support capabilities and security expertise, while 38% would leave if their provider raised prices without offering demonstrable added value.
Only 2% of respondents said they could not imagine switching to another MSP, indicating that loyalty in the security services space is highly conditional.
Crucially, customers also expect their MSPs to embody robust internal cybersecurity practices. Thirty-eight percent said they would consider switching if their MSP wasn’t transparent about its own security posture, while an equal percentage cited the inability to help remediate and recover from a breach as a deal-breaker.
AI and network security
Looking ahead, MSPs should prepare for demand in emerging areas such as artificial intelligence and next-gen networking. Thirty-nine percent of organisations expect to need help implementing AI and machine learning tools within the next two years, while zero-trust architectures and SASE (secure access service edge) solutions are also top-of-mind.
This shift is particularly pronounced among larger firms and breach victims. Organisations that experienced a security incident in the past year are not only more willing to pay extra for simplified security solutions, but also more likely to increase their outsourcing footprint to include functions like cloud security and incident response.
Barracuda’s findings suggest a new playbook is emerging for successful MSPs: integrate disjointed security tools, offer continuous protection, provide strategic guidance, and be transparent about internal security practices. MSPs that can do all of this—while proving their commercial viability and technical depth—stand to win long-term trust.
“MSPs that can be transparent about their own security and expertise and offer technical as well as strategic excellence will be well positioned for the future,” added Barracuda’s Cocking.
