Cybercrime is on the rise, and the number and variety of security threats is continuously expanding. Cybercrime damage could cost as much as $6 trillion annually by 2021, per research from Cybersecurity Ventures.
All businesses, regardless of size, need IT security and data protection to help combat the heightened threat landscape. And yet, according to a recent study by Barracuda MSP and The 2112 Group, only 15 percent of MSPs surveyed said they sell security services, while 62 percent were considering adding security to their services portfolio.Many SMBs are relying on an MSP to provide security against data breaches and other threats, but only 15% of MSPs surveyed here provide security services. This is a dangerous gap in threat protection. Click To Tweet
At the same time, many small to midsize businesses (SMBs) are relying on their MSPs to provide the type of security needed to avoid a data breach because they don’t have the expertise or staffing to handle it themselves.
As many MSPs can attest, even if they don’t yet offer managed security services, there is a perception among their SMB customers that the MSP has everything covered when it comes to security and data protection. The fact is, some SMBs believe that simply by engaging with an MSP, all facets of their IT requirements will be met, yet this isn’t always the case. The gap between SMBs’ expectations and the reality of some MSPs’ services portfolio has resulted in some dangerous security vulnerabilities.'Not only is there a growing demand for security services; many of your customers already assume you have all their security and data protection needs covered.' ~ Neal Bradbury, Barracuda MSPClick To Tweet
There is a clear need for managed security services for these smaller companies as the fear of data breaches increases. Gartner expects worldwide cybersecurity spending to reach $96 billion in 2018, an 8-percent increase over last year.
This highlights the need for MSPs to offer a well-rounded security portfolio. Not only is the demand there; many of your customers already think you’re providing these services.
Clarify Security Responsibilities
As an MSP, what can you do to ensure your customers’ needs and expectations are being met when it comes to security?
To begin with, it’s important to have frequent discussions with your customers about what services are being provided to them and how these services map to the scope of their managed services agreements.
Additionally, MSPs should assess their customers’ requirements regularly to ensure each one is receiving the level of managed security and data protection services needed to keep their data and applications safe from cyberthreats such as ransomware, malware, and phishing.
Security deployments are often driven by fear of a data breach or the experience of already having one. But, when it comes to security services, internal customer dynamics are also a major driver. In our survey, the inability to staff security was the second most frequent purchase trigger for security services (behind fear of a security breach). The fact that security was too complex to handle in-house was the fourth most common purchase trigger.
Move Beyond Simple Security Solutions
To truly succeed in managed security services, MSPs will need to expand their offerings beyond simple services like firewall protection, data loss prevention, backup, and antivirus. Clients are looking for more sophisticated services like incident response, cloud access services, security policy management, and identity management.
Those more advanced services will require a greater degree of investment on the part of the MSP than firewall or back up and data recovery services. For those hoping to transition to a managed security services provider (MSSP), simply buying a suite of security tools isn’t enough. You’ll need the right staff to take charge of the security offerings, establish repeatable processes to ensure you are providing a reliable service to your clients, and a sufficient level of automation for sustainability.
For MSPs that can’t make that investment, there are plenty of opportunities to partner with existing MSSPs or other providers to bundle services. Just make sure that your clients are fully aware of what you are (and aren’t) providing when it comes to security. That conversation can uncover new opportunities with your customers.
Whether an MSP ultimately transitions to an MSSP, builds a separate practice, or partners with another firm to offer managed security services — all are valid paths to achieving the goal of protecting their customers. Companies are already looking to their MSPs for help when it comes to security. If MSPs can expand their services portfolio to meet those needs, everyone benefits.
Download this eBook and find out how to demonstrate the value of email security services to customers.
Neal Bradbury’s journey with Barracuda began in 2003 when he co-founded Intronis. Between 2003 and 2015, Neal served as Vice President of Systems Engineering before moving on to a succession of roles in operations and technical support. In 2015, as Vice President of Channel Development, he was part of the team that led the company to a successful acquisition by Barracuda. Today, Neal services as SVP, Barracuda MSP. Barracuda MSP is focused on enabling IT managed service providers to offer multi-layered security and data protection services to their customers through award-winning products and a purpose-built MSP platform.