Here’s some sobering, contrarian news for manage security services providers: a newly released study suggests CIO have cut back on the outsourcing of IT security. Market research firm Ovum this week reported that 18 percent of the more than 500 CIOs it surveyed outsource IT security, compared with 22 percent when Ovum queried IT managers in 2007. What’s more, only 7 percent said they were planning to outsource IT security within the next two years. Here are more details.
“There has been a reduction in outsourcing of the three central pillars that broadly related to IT management -- namely security, IT systems management and content management,” noted Rhonda Ascierto, senior analyst at Ovum. “Of these, security is leading the way.”
Ascierto said the drop in security outsourcing activity isn’t necessarily an indictment of service providers in the space. And in MSPmentor's opinion, smaller businesses continue to outsource more and more IT services -- particularly managed security and managed storage.
Back at Ovum, Ascierto added: “This doesn't translate into poor performance of outsourcers in this area -- it’s quite feasible that a number of CIOs chose to cease outsourcing security during the downturn as a way to gain more control and flexibility over their IT operations at a time when their businesses faced considerable change and uncertainty.”
That said, individual MSSPs (managed security service providers) seem to be holding their own. FishNet Security, an IT security solutions provider, earlier this month reported a 47 percent increase in first quarter revenue compared with last year. The company cited the creation of “additional consulting and managed services offerings” as a factor behind its sales momentum.
FishNet Security said its customers included retail operations with Payment Card Industry Data Security Standard compliance issues and healthcare providers with Heath Insurance Portability and Accountability Act concerns.
Alert Logic, which offers cloud-based security and compliance solutions, also reported Q1 revenue growth: a 33 percent increase over the year-earlier period. The company cited revenue growth across a range of industries including energy, technology, healthcare and retail.
Reality CheckHow to reconcile? While the overall sentiment among customers may be towards keeping things in-house, there are always niches looking for external providers. Small business lacking in-house IT security pros provide one example. Customers may also call on experts to tackle particular compliance challenges such as PCI DSS.
But even MSSPs who are doing well at the moment may have to work all the harder in the coming months to justify their role and remind customers of the value they provide.