Why MSPs Must Evolve To Provide Real Cybersecurity
By Joshua Skeens, Cerdant, a Logically Company
Managed Service Providers (MSPs) have traditionally been the jack of all trades that many businesses need to keep operations running smoothly. Many businesses originally would engage an MSP to assist with support for desktops, servers, printers, networking, etc. The MSP in many cases became the sole IT person(s) for the business or was viewed as an extension of the current IT team. As IT, in general, has changed, so has the role of the MSP. MSPs are now helping businesses move to the cloud and or manage mobile devices for their employees. The traditional MSP looks much different today than it did even 10 years ago. Now MSPs find themselves in the crosshairs of facing constant questions from their clients about what type of cybersecurity they are providing. In light of this, MSPs must continue to evolve and expand into the cybersecurity space or face the potential of being left behind.
The issue that many MSPs face is that cybersecurity is not something that many traditional MSPs have provided in the past, outside of possibly installing a legacy, antivirus solution on client devices. Keeping up with client demand and hiring talented cybersecurity practitioners can be a daunting task for MSPs as the space continues to be highly competitive. So how do MSPs continue to evolve and find a way to add cybersecurity to their current offerings?
- If You Build It
If you are not getting asked about your current cybersecurity offerings yet, it is only a matter of time. The best time to start building that cybersecurity offering and practice is now. One option MSPs have is to invest in talent and create their own cybersecurity division. There will be an initial up-front investment to do this but the return on investment will be high once you start displaying your cybersecurity expertise back to your customers. In fact, 85% of companies plan to increase their cybersecurity budgets by up to 50% in 2022.
An approach that will pay dividends for an MSP is to make the cybersecurity practice separate from the normal day-to-day MSP offerings. This allows those employees to remain focused on the tasks at hand and become an expert in the areas that you need them to be. By doing this you can provide a better offering to your clients and peace of mind that you have a true, cybersecurity practice. Many MSPs today will have the same person who installs your printer, be the “security” person and that rarely ends well for the customer.
- Find A Partner
Are you ready to start offering cybersecurity solutions to your clients today and don’t want to wait to build a team? There are several great companies out there today that will allow you to resell their services and even label them as your own. The margin won’t be the same as if you provided the services yourself but, this option allows you to get off and running immediately toward building out your cybersecurity practice. This method allows you to focus on what your core business is from an operational perspective and leverage other vendors/partners to help service your clients under one umbrella.
- Jump Right In
Depending on the size of your current MSP and the long-term vision that you have for the growth of the organization, another option that you have to expand your service offerings into cybersecurity is through the acquisition of an MSSP (Managed Security Service Provider). MSSPs are traditionally very focused on servicing your same clients but only with cybersecurity offerings. They will have tight offerings around many of these and more –
- Endpoint Detection & Response - EDR
- Email Security
- Multi-Factor Authentication – MFA
- Firewall Management
- Patch Management
- Security Information & Event Management – SIEM
- Risk Assessments
- PenTest
- Vulnerability Scans
- Security Awareness Training & Phishing Tests
Building out a cybersecurity practice via acquisition is a much larger endeavor but it probably holds the largest upside as well. Through acquisition not only are you bringing on a business that can service your current customers in a manner that you couldn’t before you are now strategically acquiring an entire customer base to resell your services into; this is a win, win for you. The acquisition strategy is a very hot topic and trend right now with a record 286 transactions for $77.5 billion in aggregate disclosed value in 2021.
Businesses must continually evolve or face the potential that we might get left behind. MSPs need to continue to do what they have historically done which is change with the times and expand offerings. Cybersecurity will continue to be a hot-button topic for businesses for the foreseeable future, so it’s important to make sure that you are prepared to press the right button at the right time for your clients.
About The Author
By Joshua Skeens, Chief Operating Officer, Cerdant, a Logically Company