Big data. Predictive analytics. Cognitive computing. IoT. These are all examples of opportunities created by next-gen technology, but which took a good bit of time – in some cases, years – for channel partners to really figure out how to monetize and incorporate into their service offerings.
While basic managed security services like remote firewalls, patching and antivirus protection aren’t new to the channel, they’ve historically been included in a typical managed service provider’s (MSP) offerings. Over the last couple of years, however, drastically reduced costs associated with enterprise-grade security offerings combined with a significant uptick in cyberattacks in the SMB space have turned managed security from an add-on into big business.
We sat down with Jason Graf, director of managed security services at MSSP Sword and Shield; Mike LaPeters, VP of global channel sales at security solution provider AlienVault; and Mark Dallmeier, CMO/CSO of IT security consultancy Terra Verde to get their take on the cold, hard financial facts that point to managed security being the Next Big Thing in the channel
Click through the gallery below to see the data and to read our experts’ take on the statistics.
The governance, risk and compliance (GRC) global market will reach $38 billion by 2021.
The growth will be driven mostly by mandated cybersecurity requirements, either from regulatory agencies or customers. Because of the high cost of breaches, financial institutions are beginning to make information security a condition for loans and lines of credit, as well. SMBs that don’t bite the bullet to invest in heightened security solutions now will face a heavy price to pay later.
“A lot of those end customers don’t have seven figures to write a check and light up their own cybersecurity operations center or to recruit, retain, train and develop a niche – or focused – cybersecurity or risk and compliance team. A lot of organizations are looking for third-party companies to build, manage and operate those teams or environments for them off payroll.”
— Mark Dallmeier
The cybersecurity battle is moving from data protection to detection and response.By now it's clear that with enough determination and/or luck, bad actors are going to breach your system one way or another. MSSPs today realize their defenses have to go beyond preventive measures like firewalls and antivirus. Instead, solutions should focus on detection, response, and remediation. Soon, it's likely that many solutions will heavily integrate predictive capabilities to warn of attacks before they happen.
"The big trend now is managed detection and response in 2018. It’s next-gen antivirus that's really getting a much better capability ... One, it’s on the endpoint, which is generally the target. [Two], it's highly focused on behavioral analysis, not just signature-based analysis."
— Jason Graf
— Mark Dallmeier
SMBs are a big target, and the cost of a breach can easily cripple or kill small businesses.
In 2016, more than 60 percent of breach victims were SMBs. Half of SMBs hit with a cyberattack closed up shop within six months of the attack. Small and midsize businesses can no longer afford to pretend their organizations are too insignificant for cybercriminals to bother with. It's likely they'll be hit. When they are, they'd better have the recovery and remediation capabilities to keep it business as usual.
“The conversation has moved from ‘that will never happen to me’ to ‘it happened to my friend or to us already.' They’re telling us they don’t have a clue what they’re doing.”
— Jason Graf