What the rise of managed security services means for vendors

by Mark Sinclair, ANZ Country Manager, WatchGuard Technologies

Historically, death and taxes were cited as the only things certain in life. As the twenty-first century unfolds, it’s arguable a third item should be added to the list: cyber-security threats.

In today’s hyper-connected world, they’re becoming ever more frequent. Recent research revealed an extraordinary 4.5 billion data records were compromised globally during the first six months of 2018, courtesy of 945 data breaches.

Australian organisations and individuals are far from immune. Rather, our country is a hotbed for hackers: one study placed us fifth on the list globally for data breaches during the same period.

Incidents which hit the headlines in 2018 included a malware attack on human resources platform PageUp which resulted in the compromise of thousands of individuals’ records and an attack on the Australian National University by Chinese hackers. The early months of 2019 saw Bunnings and the federal Department of Parliamentary Services experience significant security breaches.

The relentless rise in threat levels has been a catalyst for extraordinary growth in the managed security services market. Rather than attempting to mount defences from inhouse, a growing number of enterprises are choosing to outsource their network security service requirements to these often better equipped third parties.

Frost and Sullivan’s Australia and New Zealand Managed Security Services Market Forecast to 2021 identifies a number of factors which are collectively driving demand. They include a shortage of cyber-security professionals with strong expertise (Aust Cyber predicts Australia will need around 11,000 additional cyber-security professionals over the next decade to meet rising demand for high tech protection), the evolution of more advanced threats and the introduction of stringent compliance regimes in Australia and abroad.

The agility and flexibility offered by the cloud-based model and its facility to shift security spending from the capital expenditure to the operational expenditure budget can enhance the attractiveness of an outsourced solution.

New opportunities

The outsourcing trend represents a boon for valued added service providers seeking to expand their repertoires. These organisations are becoming important customers for security solutions and vendors must adjust their offerings and value propositions accordingly.

Here are some trends security vendors should be aware of, in order to compete effectively in this evolving market.

Automation matters

Traditionally, managed security providers (MSPs) were responsible for monitoring and logging incidents on client sites while inhouse service desk personnel and security staff handled the response and remediation detail. This is changing, as businesses increasingly seek to outsource their security detail entire and MSPs turn to tools and technologies which can make the task simpler and their efforts more effective. Security solutions which incorporate automated incident response capabilities, machine learning, artificial intelligence and community threat intelligence have a clear edge over those which require a higher level of manual intervention.

Marrying managed IT and security

Businesses looking to outsource their IT security function are typically seeking simplicity and surety. Maintaining relationships with a string of niche service providers is rarely compatible with this aim and MSPs which can offer one-stop-shop service hold considerable appeal. So, in turn, do security vendors whose products can be tightly integrated with other third party solutions to create a packaged and efficient managed services portfolio which can address the gamut of customer needs.

Complementary new services

As the MSP market continues to evolve, providers are on the lookout for new ways to expand their offerings and deliver additional value to customers. As a result, we’re seeing the emergence of a host of new security solutions and services. They include conducting investigations and cyber-security scoring and rating. Cyber-security insurance and risk assessment are also becoming big business, as companies twig to the financial risks associated with data breaches and cyber-attacks and look for ways to mitigate them.

Meanwhile, the rapidly growing appetite for cloud computing across the corporate sphere is prompting MSPs to offer customers as-a-service security solutions. Security applications which support this model are likely to enjoy increasing favour with this important new market.

The new normal: an MSP-driven cyber-security market

Budgetary constraints and the ongoing cyber-security skills shortage mean demand for managed security services is unlikely to abate any time soon. Vendors and channel partners which are prepared to evolve their own product and service offerings to accommodate this new normal will be well positioned to capitalise on what’s becoming an important revenue stream.