Back to top

Security skills deficit creates clear channel opportunity say experts

All MSPs should offer security-centric services.

Urgent cybersecurity concerns and escalating costs are creating a strong demand for managed services. According to Kaseya’s MSP Benchmarking Survey, nearly two thirds of respondents said clients were approaching them to discuss cybersecurity issues.

“A lot of IT support customers don’t have the budget to do cybersecurity properly – that is the harsh reality,” said Mark Riddell, founder and managing director, of growing MSP, M3 Networks, while participating in The Ultimate Cybersecurity Trends Webinar, hosted by IT Europa, last week.

“Smaller customers will quite often have to spend more on cybersecurity than they do on IT. Cybersecurity technicians are more expensive than your usual technicians… There is a skills shortage in this area, so it’s very difficult to hire,” he added.

Gartner’s 2021 Cybersecurity Challenge highlighted two issues facing end user organisations – firstly the rapid shift to digital services, particularly over the last 18 months has created a situation where existing security infrastructure is struggling to keep up with cybersecurity threats and secondly, the demand for cybersecurity skills far outweighs availability.

Although the current situation represents a massive opportunity for the managed service providers, some MSPs may find the investment required to evolve into fully-fledge managed security service providers (MSSPs) prohibitive.

“It requires a huge investment to become an MSSP. All MSPs should be security centric – they don’t have to be MSSPs,” said Matt Solomon, vice president, business development, Kaseya, during the webinar.

“A MSP and a MSSP are essentially two different businesses,” he added.

If developing MSSP services are not a viable option; some MSPs may consider partnering with specialist cybersecurity service providers. This option is “a win, win, win,” said Riddell.

There is still a major opportunity for MSPs to offer a range of solid security-centric services, such as security awareness training. “Having a platform that can provide cybersecurity training, that can scale [and] that doesn’t require a lot of training, or bandwidth from the MSP will help them help their customers,” commented Amelia Paro, channel success manager, ID Agent, during the webinar.

 “That will cover everything from compliance mandates to cybersecurity insurance rights,” she added.

Security awareness training may be basic; however, it is effective. In benchmark phishing email simulations, the average open rate in end user organisations can be as high as 30%. With training this number can be reduced to around 4%.

“It is a significant opportunity for an MSP to be at the forefront of changing the culture of an organisation to be security centric,” said Solomon.

Register and watch the full webinar here: