By Matthew Rhodes, regional director for MSSPs, Logpoint
Managed Security Service Providers (MSSPs) find themselves faced with significant challenges post-pandemic. The mass shift to remote and hybrid working, rising data volumes, a growing cybersecurity skills gap and an increasingly hostile attack environment are creating a spike in demand for their services. MSSPs also have to navigate data aggregation, disparate toolsets, case management and custom client reporting on an unfathomable scale, and providers need to find effective ways to overcome these hurdles to deliver an optimal customer experience and stand out from the crowd. So how do MSSPs offer a seamless customer experience to become a vendor of choice?
Most importantly, they must recognise where the market is headed. By positioning as a first mover in terms of innovation, they can stay one step ahead of the competition and then provide a premium customer service. The way services are consumed is changing as the market is moving away from hosting technology on the customer’s behalf toward a SaaS model. So the MSSP needs to diversify from traditional security services and hardware, and innovate in order to rapidly scale. Moving to a SaaS-based service model can also unlock several benefits like ease of deployment by enabling services to be rolled out in days not weeks. And bringing all critical SOC-based platforms into a single architecture will serve to remove a lot of complexity, time, effort and investment.
Once cognisant of this shift, the MSSP should work to align its own offering through optimisation strategies, achievable by streamlining internal processes and deploying technologies to do the heavy lifting.
There are two critical goals here. First, the MSSP should explore cost management to enable more effective use of resources. This focus needs to be centred around enhancing efficiency and reducing complexity to bolster productivity and make company headcounts go further.
Second, any changes should also seek to enhance revenue opportunities. Here, the MSSP should consider how to either reach more customers with the same services or innovate their offerings to obtain a larger share of each customer’s wallet.
To achieve these goals simultaneously, MSSPs should initially focus on reducing and rationalising the technology stack. Up until this point, the differentiator has been to have a diverse portfolio, which has culminated in a technology stack of point solutions simply too large to manage effectively.
From stack fatigue to increased costs in training new starters in using tens of different tools, this can lead to many adverse effects. So firms need to optimise their toolsets. Streamlining in this way will allow firms to use their staff’s skillsets more productively.
Moving beyond SOC and SIEM into SOAR
MSSPs should look to continue innovating and actively step out of their comfort zones, embracing automation to deal with tedious tasks. For many, this will entail going beyond the traditional SOC and SIEM and venturing into cloud-native solutions such as Security Orchestration Automation and Response (SOAR). Here, demand is spiking, with reports predicting the market will reach $3.19 billion by 2028 thanks to a compound annual growth rate of 15.58%.
Armed with SOAR, an MSSP will obtain the ability to enrich SOC data using automated playbooks, enabling tier 1 analysts to carry out value-add tasks such as threat hunting.
By striking the right balance between people and technology, MSSPs have the opportunity to reduce burnout and staff turnover. Alert fatigue is diminished, reducing the pressures on analysts to carry out laborious tasks, making them more productive while unlocking economies at scale and enhancing outcomes.
For the customer, the benefits are also clear. Playbooks can be used to coordinate across technologies, ensuring that security teams and external users alike achieve centralised data visibility, providing greater insight and peace of mind for those anxious about outsourcing.
By innovating and futureproofing in these ways, MSSPs will be well placed to emerge from the pandemic as more agile operators capable of differentiating, scaling and upselling to their existing customer base, all while protecting their own business from a worsening skills crisis.