Enterprise Customers Turning in Droves to Managed Security Service Providers (MSSPs)
Big customers frustrated with the complexity and difficulty of securing their enterprise technology systems are turning to Managed Security Service Providers (MSSPs) in increasing numbers, a new study reveals.
The study of 101 customers with more than 500 employees, “Rethink Your Security Strategy,” was completed on behalf of Masergy Communications by Forrester in May. Results were made public this week during a webinar. The companies polled represent organizations from a variety of industries including financial services, manufacturing, technology and retail.
While half of survey respondents said they already engage an MSSP in some fashion, 28 percent said they are planning on doing so in the next 12 months. For comparison, two-thirds of those with ties to an MSSP say they have been engaged with an outside provider for less than 18 months. Thirty percent, meanwhile, say they have been engaged for only 6-12 months while 8 percent have been working with an MSSPs less than six months.
The numbers suggest a significant jump in demand for security services in the last two years. The reasons, of course, are obvious. More than one-third of survey participants, for instance, identified “improving [the] security of customer-facing services and applications” as a “critical priority.” Nearly 40 percent said “addressing existing threats and vulnerabilities” was also a critical priority. What is more, more than half of survey participants said the evolving nature of internal and external threats and the complexity of cyber security was a current challenge they face every day.
When it comes to what customers are turning to MSSPs for, the numbers are pretty clear: 57 percent are using an MSSP to provide 24×7 IT systems monitoring, 45 percent to provide threat detection and intelligence, and 41 percent to provide technology assessment and analysis.
“What we see is a little bit of an interesting gap between why an organization was planning on adopting an MSSP and the primary benefits or reasons that they are actually using one today,” said Forrester Principal Analyst Jeff Pollard during the webinar on Wednesday. Organizations not currently partnering with an MSSP, he said, were more interested in satisfying a capacity issue. In contrast, organizations currently using an MSSP are more likely to value analysis and optimization capabilities.
When asked about the benefits of engaging an outside MSSP, 57 percent of those who work with MSSPs said they gain a “better understanding of what to do next” in case of a threat. Fifty percent said working with an MSSP made their decisions “more accurate,” while 41 percent felt their MSSP helped them “respond faster” in the case of an event.
Furthermore, nearly 80 percent of MSSP customers said they were better able to comply with regulations and requirements while 72 percent said they felt their MSSP relationship helped them “improve differentiation in the market.”
“Seven out of 10 [customers] are improving customer experience and enhancing relationships,” the report also concluded.
While largely positive news for MSSPs, Pollard said MSSPs should note that customers want greater flexibility and agility than before. Customers want greater options and scalability and will increasingly look to avoid vendor or platform “lock in” as the threat landscape and security environment evolve.