The report “Security in the IT Channel” employed a survey of 400 executives to explore how the changing threat landscape is impacting the business of managed service providers.

Aldrin Brown, Editor-in-Chief

April 19, 2016

3 Min Read
CompTIA Talent Shortage Hampers MSP Cybersecurity Offerings
Channel companies are responding to a changing cybersecurity landscape that has prompted a shift in IT security practices.

A shortage of information security analysts for enterprise cybersecurity is forcing most channel companies to partner with other firms or train existing employees in order to gain access to those skills.

That was among the findings in “Security in the IT Channel,” a report released today by CompTIA, the Computing Information Technology Industry Association, based on a survey of 400 channel executives.

The changing cybersecurity landscape is causing businesses to become more proactive, and security analysts use data from networks, applications and devices to determine typical – or baseline – behavior, then compare those models to spot anomalies and anticipate threats.

“Cloud computing has created cloud architects, big data has created data scientists, and security also has its own new role that illustrates the shifting landscape,” the report states.

Job postings for information security analysts soared 175 percent from 2012 to 2015, going from 39,920 to 109,819, according to the study.

About 46 percent of small- and medium-sized channel companies reported minor to major gaps in the security skills they need to serve customers, while large firms (50 or more employees) reported a skills gap of 38 percent.

About 58 percent of those firms said they want to bring in more knowledge of current security technologies and threats, while 47 percent want more skills in dealing with end users. Roughly 46 percent are seeking more expertise in regulatory matters.

The scarcity of available talent spans numerous cybersecurity jobs, from the analysts to more traditional skills, like firewall configuration.

As a result, just 42 percent of channel companies made recent hires to narrow the gap, while 57 percent secured partnerships with other channel firms. Nearly 7 in 10 companies (68 percent) trained existing employees in the new skills.

“As with several rapidly growing areas in technology, security is a field where companies are starting to run into a supply and demand problem with qualified workers,” the report states. “Especially with accelerating interest in protecting digital assets and reputation, businesses are searching for the skills they need across the broad range of security topics.”

The report cites Gartner research showing that overall enterprise security spending is projected to hit $100.3 billion in 2019, up from $75.4 billion last year.

A changing cybersecurity landscape has prompted a shift in IT security practices.

Concepts like perimeter security have largely vanished in favor of new approaches that include Data Loss Prevention (DLP), Identity Access Management (IAM), and Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS).

Managed service providers are responding to the need for increasingly complex cybersecurity defenses with a wide range of offerings.

“With comprehensive security moving beyond simple product installation and turning into an ongoing process, the channel firms stepping into this space are typically either managed service providers with a primary focus on security or companies that adopt security as their sole line of business and label themselves managed security service providers,” the researchers wrote.

But given the talent shortage and growing complexity and variety of the security services in demand, evidence suggests some MSPs could have difficulty delivering all of the offerings they’re promising.

“A modern security approach does require a broad mix of products and services, and channel firms should be sure that they can support this mix beyond simply stating that items are available for purchase,” the report states.

Researchers also suggested service providers emphasize their own security offerings and reduce reliance on selling security-related technology products, which are often marketed on the strength of vendor brand reputations.


Send tips and news to [email protected].

Read more about:


About the Author(s)

Aldrin Brown

Editor-in-Chief, Penton

Veteran journalist Aldrin Brown comes to Penton Technology from Empire Digital Strategies, a business-to-business consulting firm that he founded that provides e-commerce, content and social media solutions to businesses, nonprofits and other organizations seeking to create or grow their digital presence.

Previously, Brown served as the Desert Bureau Chief for City News Service in Southern California and Regional Editor for Patch, AOL's network of local news sites. At Patch, he managed a staff of journalists and more than 30 hyper-local and business news and information websites throughout California. In addition to his work in technology and business, Brown was the city editor for The Sun, a daily newspaper based in San Bernardino, CA; the college sports editor at The Tennessean, Nashville, TN; and an investigative reporter at the Orange County Register, Santa Ana, CA.


Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like