ESET: Security Resellers, MSPs Not Earning CIOs’ Trust

Security resellers and MSPs certainly have their work cut out for them in terms of earning IT decision makers’ trust, and therefore maintaining their business.

That’s according to new research by ESET, which asked more than 100 IT decision makers about their future plans around cybersecurity and their views toward their security partners.

Trust is the most important factor for CIOs when choosing IT partners to work with, but trust appears to be falling short, with only one-half of CIOs saying they trust their existing security reseller quite a lot or a great deal, while less than one-quarter said the same about providers they don’t currently work with.

David Mole, ESET‘s U.K. channel director, tells us the lack of trust could be due to a lack of communication and transparency.

ESET’s David Mole

“Keeping CIOs up to date on how active and proactive the reseller is being when it comes to quality assurance is an important component of keeping trust,” he said. “With cybersecurity, a breach is often not about if, but when. So it is an imperative that the reseller demonstrates how they are constantly reevaluating their security provision. This is where trust comes clearly into the equation.”

CIOs are subcontracting critical services to protect their businesses from increasing cyberthreats, Mole said. Businesses have increasing legal responsibility, and checks and balances to protect their customer data, with the very real possibility of extreme financial penalties if they don’t, he said.

According to research by FireEye, the vast majority of organizations plan to increase their cybersecurity budgets this year, with nearly 40% of U.S. organizations surveyed expecting budget increases of 10% or more.

CIOs rate trust in their channel partner as more important than having a high level of technical and engineering expertise, and cost, while their provider’s knowledge of new technologies is rated as significantly less important in influencing end-users’ choice of security supplier, according to ESET. Right at the bottom of the pile in terms of importance, however, are regular contact from account managers, a painless renewals process and peer recommendation.

When asked whom they trust most for guidance in selecting IT security products, potential new providers of IT products and services ranked as the least trusted source of guidance at an average of just 2.5. CIOs, however, are most likely to turn to peers at other organizations in a relevant sector ahead of any other source. Peers are placed way ahead of current VAR or MSP partners and security vendors.

Meanwhile, government entities are less trusted than one might expect, and there is further evidence of the lack of faith IT professionals have in their colleagues as the average level of trust placed in employees’ ability to follow IT security best practice is rated at just 2.86.

“I think the research throws up that there is certainly work to be done to bridge the trust gap,” Mole said. “It is also probable that many MSPs are working hard in the background but not communicating their good work. A good place to start can be as simple as customer satisfaction surveys that shed light on any trust gap and will go some way to helping the MSP understand what changes they need to make to bridge that trust gap.”

Channel partners need to demonstrate experience and understanding of the unique challenges faced by end users, emphasize the value that they can add, ensure that they are focused on adding real value for the long term and deliver on their promises, he said.