By Dr. Darren Williams, BlackFog
Trust is never more important than when times are tough. In a more challenging economic environment organizations need partners they can rely on to provide genuine strategic guidance to make the best use of their budgets and resources. The best MSPs are poised to prioritize the long-term success of their customers rather than quick transactional sales.
This is especially true regarding cybersecurity as the volume and cost of attacks continue to climb. MSPs and MSSPs provide a lifeline for companies struggling to keep their heads above the fast-moving currents of the cyber threat landscape.
Being prepared to deal with the fallout of a major security incident is a central part of the MSP role, but genuinely savvy partners should also be helping to keep their clients ahead of the curve and anticipating how to protect them from emerging threats. This means steering them toward the best strategies and solutions that will protect them in a fast-changing threat landscape.
Helping CISOs Break Out Of A Vicious Circle
A survey conducted by BlackFog with businesses in the U.S. and the U.K. delved into the biggest pain points for security leaders and found the most stressful issues tend to stem from a lack of time. CISOs are entrusted to keep the company safe from cyber threats and facilitate ‘business as usual’.
But they also need to fulfill the role of strategic leaders and innovators, continually improving the company’s security capabilities. This has become increasingly important in recent years as firms undertake large digital transformation projects such as cloud migration. CISOs must deliver evolving security strategies that can accommodate the increased risk exposure that comes with this digital expansion.
Yet we found many security heads and their teams are too caught up in the daily minutiae of managing security, leaving little time for planning and proactive action. This lack of time is generally exacerbated by inefficient processes and technology that create a burden of manual work. Without the time to properly investigate new solutions and establish new strategies, CISOs struggle to move away from this creating a vicious circle.
Partners can help to break this chain. Simply providing access to more skilled and experienced security professionals such as SOC teams is part of the solution. Most directly, MSPs can provide immediate support when a crisis rears its head. But they also can share knowledge and help to upskill their customers’ in-house teams.
Beyond this, they can provide a valuable external view of the company’s risk profile and security priorities, as well as the extra capacity needed to investigate and implement tools and processes that will fit the organization’s needs.
Creating A More Efficient Security Stack
By introducing more efficient, automated tools, CISOs can break free of the daily grind and spend more time building their knowledge and skills to keep ahead of incoming threats.
One of the first challenges is reducing bloated security stacks. We found enterprises have an average of 20 different security tools, with some having more than 50. This is often the result of more tactical decision making or bringing in new solutions to attempt to meet compliance needs.
While the tools might tick the right boxes, a lack of time and resources for training and system integration means much of the investment is wasted. Many tools will be poorly integrated, leading to blind spots, or else there may be redundancies as tools needlessly overlap the same functions.
Channel partners can help to identify where the stack can be optimized, either by cutting out redundant tools or bringing in other solutions and platforms that can facilitate better integration and automation.
Helping To Explore More Innovative Solutions
Along with helping CISOs optimize their stacks with best-of-breed solutions, channel partners also can help security leaders break out of their comfort zone and explore new approaches. This is important in a fast-changing threat landscape; opting for a solution because it’s well-known or from a long-established brand, is not always the safest bet when it comes to security. Threat actors are continually innovating their approaches and security teams need to do the same if they are to keep up.
Again, the channel has an important role to play here. Even if they did find the time to properly investigate new and innovative technology, we found security heads also often struggled with getting backing from the board. Many will naturally wish to stick to tried and tested approaches, especially when it comes to complex security technology outside of their field of expertise.
Partners can help security leaders to present solutions with the right proof points and verification to convince skeptical board members that it won’t be a risk. Independent validation from other early adopters is especially valuable, particularly if they’re in the same industry. References, case studies, and contacts for board members to directly reach out, to are all important assets in proving the worth of a new technology.
Reducing The Stress Of Security Leaders
CISOs and other security leads are under immense pressure today. When the worst happens and a major breach occurs, the buck stops with them. We found that roughly three-fifths of CISOs have been fired or resigned due to a significant security incident.
With this weight on their backs, CISOs need all the help they can get. MSPs that can step up to serve as trusted allies rather than simply salespeople will go a long way in lifting the burden.
MSPs naturally help by providing resources and solutions to meet the biggest security challenges that their clients simply can’t fulfill in-house. But those that can go beyond this, adding value with a more visionary approach and an eye to the future, have a powerful opportunity to work as true partners and trusted advisors on a longer-term basis.
About The Author
Dr. Darren Williams is the CEO and Founder of BlackFog.