Managed Security Services Looking Better by the Day

With endless reports of security breaches and the fact that security is top of mind for businesses of all sizes, it’s no surprise that a recent SolarWinds MSP report – “The Path to MSSP” – found that the managed security market is in for big change in the coming year. That’s good news for managed service providers (MSPs), but better news for managed security service providers (MSSPs).

How big?

The lion’s share of survey respondents, or 80 percent of businesses in the U.S. and U.K, said they’ll change how they deal with their IT security. That figure includes those companies switching from their current service provider or those switching from using internal resources to outsourcing, as well as companies turning to an MSP for security for the first time.

“Every day brings news of a new security hole that needs to be patched, a massive data breach, or a new strain of ransomware that businesses need to watch out for,” said Tim Brown, vice president, security architecture for SolarWinds. “Understandably, this creates nervousness among enterprises and SMEs, and greater scrutiny of the IT security measures in place.”

Looking at the report numbers more in depth, the report researches found:

• Sixty percent of respondents manage their own security in-house, but 82 percent of those plan to outsource over the next 12 months because the current form of management is too expensive.
• Twenty-four percent of businesses are moving security functions externally because they need to improve IT security performance.
• Ten percent currently outsource IT security management and plan to bring it back in-house.
• Nine percent of companies will switch IT security management providers because they’re not happy with the service provided.
• Eight percent of companies that outsource IT security will look for a lower-cost provider.

Report researchers view almost all of these categories as opportunities for IT service providers, or more specifically, MSSPs.

“IT service providers need to remember that more opportunity inherently means more competition. Providers need to be able to prove their knowledge, capabilities and available resources to take full advantage,” Brown said.

A whopping 70 percent of survey respondents said that they’d look more favorably on an MSSP than MSP for outsourced security management. That’s a good reason for MSPs to consider building out a more specialized security practice. But what’s in a title?

According to the report, true MSSP status depends on delivering a conclusive portfolio of security services in a reliable, expert and organized manner. SolarWinds MSP groups these into four categories of security services — infrastructure; identity and access management (IAM); data security; and risk and vulnerability management. Each is offered in line with the following pillars of security services delivery — knowledge, organizational ability, technology, tools and resources.

The “Path to MSSP” report involved 400 SMEs and enterprises in the U.S. and U.K., and specifically explored the opportunity for MSPs in security, and what it means to be a managed security service provider (MSSP). Sappio Research conducted the survey on behalf of SolarWinds MSP.