Solution Providers See Growth Opportunities in Security Services

It is critical for solution providers not only to be current with the services they are offering but also to know where the IT market is going to service their customers for the long term.

Therefore, it's no surprise that while solution providers have been able to keep pace and offer mobile device management solutions, cloud computer environments, virtualization services and other emerging IT needs, they realize there are enormous opportunities for growth with customers concerned about security awareness, according to a recent CompTIA  study and solution providers I have spoken with.

In fact, a study of nearly 300 U.S.-based IT companies revealed that 63 percent expect their revenue from security services to grow during the next 12 months, according to CompTIA’s “Trends in Information Security” report. One in five companies anticipate “significant” growth, the study states.

These security threats can come in all shapes and sizes. Industry experts are predicting that 2015 will be a record year as it relates to IT security breaches, outpacing 2014. Solution providers need to be on the ready.

“Almost all breaches we are seeing publicly or infections we've detected at clients have been through social engineering,” noted Raffi Jamgotchain, president and CEO of Triada Networks. “IT has gotten better at defending the network edge but attackers are using other ways to penetrate rather than trying to break into networks directly.”

Jamgotchain said people are their own worst enemy.

“Humans are the easiest target. Social engineering is defined as any act that influences a person to take an action that may or may not be in their best interest. Within social engineering, the primary vector is unsolicited email or spam. Spam can be as simple as enticing someone to buy something online or may be an attempt to phish or fool the end user from entering credentials, open a fake link or an attachment such as a fake invoice. Unfortunately, spam filters aren't 100 percent effective and a few will sneak through. To round out the social engineering angle, we see fake phone calls from support companies as well coming through as well. Most small businesses are not seeing in person social engineering (i.e. people dressed as maintenance workers) but that does happen in larger firms,” he said.

However, while Jamgotchain’s claims are accurate, CompTIA’s study also suggests that many solution providers aren’t as prepared to handle these emerging security threats. Those that aren’t are missing out on a huge opportunity and will need to evaluate their business model and even structure to adapt.

“Some channel companies will need to change sales structures, retrain staff or bring on new hires,” said Seth Robinson, senior director, Technology Analysis, CompTIA, in a prepared statement. “Others will have to educate themselves on how all the pieces of a complete security solution fit together to provide customers with the best services.”

Approximately 75 percent of IT companies said they have security services as part of the portfolio, with most firms offering security as an integrated part of other solutions, according to CompTIA.

"While network security, business continuity and email security are all foundation pieces of channel companies’ security offerings, compliance management, risk management, cloud security, identity and access management, mobile security and security information and event management could all easily become components in a new security baseline,” Robinson said.

The point is, while you don’t have to be a security specialist to be a solution provider, you do need to have security solutions as part of your services portfolio to some extent. If you don’t, your customers will go elsewhere.

Knock 'em alive!