Compliance Will Become Paramount

MSPs will start focusing more on compliance and governance (CMMC, ISO 27001, ISO 27701, CCPA, etc.) Managed compliance providers (MCPs) will become a thing of reality, it is speculated.

“MCPs will emerge to  enable our customers to ensure their infrastructure is safe, data is secured and privacy is protected.  Supply chain and insurance companies are pushing this downstream and MSPs are in the position to help. We’ve been tasked to complete the insurance questionnaires for insurance qualification, and Infinite IT has lept ahead to become ISO 27001 and ISO 27701 certified in order to minimize the time required to do the work while differentiating ourselves in the marketplace. We are now offering managed compliance as a service to our customers, which is in high demand. We predict that it will be our fastest growing service in 2023.” —Joe Ussia, CEO, Infinite IT Solutions

“In 2023 we will see cybersecurity compliance trickle down the market into smaller organizations — even organizations that are not regulated. Insurance companies are starting to raise the bar relative to the responses they want to see on their cybersecurity assessments.  Antivirus and multifactor authentication (MFA) are no longer enough.  Some insurance carriers now want to see endpoint detection and response (EDR), and security information and event management (SIEM) deployed throughout the organization’s technology infrastructure.  Not having these components in place can result in a 10 times increase in your insurance premiums, or in some cases they will drop you as a client altogether.  This is going to push SMBs to have a more mature security posture within their organization.  In 2023 we will see more SMBs adopt frameworks like the center for internet security, 18 critical security controls (CIS18) to meet these new cyber security requirements.” —Myles Keough, CEO, Spade Technology