Sergey Nivens - Fotolia

Cybersecurity services: MSPs look to expand portfolios

MSPs are pushing beyond traditional services such as patch and firewall management as they look to stand out from other companies offering managed IT security services.

When Matt Tirman considers the depth, breadth and frequency of cyberattacks and the challenges managed service providers confront as they strive to provide cybersecurity services to their customers, there's one word he doesn't like uttered within his earshot. 

"This is not the space to hear the word 'commoditized,'" said Tirman, CEO of Redhawk Network Security, an MSP based in Bend, Ore., that specializes in network security management for clients in the financial, healthcare, government, utilities and Indian gaming industries.

As MSPs face 2016 with the prospect of greater cybersecurity threats, Tirman weighed in on the desire of many MSPs to expand their services from offering commoditized managed firewall or patch management services to providing a greater variety of offerings such as identity and access management (IAM), multifactor authentication and single sign-on technology as well as consulting services to clients.

Matt Tirman, CEO, Redhawk Network Security Matt Tirman

All indications are that as the security market changes, MSPs are focusing on new go-to-market strategies. Redhawk is no exception. Tirman said his company is moving away from reselling products in favor of providing professional services such as security assessment, risk and compliance assessments, and remediation.

"We wrap our services with a proprietary technology portal that allows clients access to our risk assessment and compliance tools," Tirman said. "From a troubleshooting standpoint, clients have access to our engineering project team as well."

For Redhawk, offering more IT security services is one way to continue its competitive strategy in a changing market.

"MSPs that evolve, add value and truly partner with their clients are the MSPs that will grow and do very well," Tirman said.

Managed IT security: Services poised for growth

Kaseya Ltd.'s recently published MSP Global Pricing Survey, which polled owners and operators from nearly 400 MSPs, reflects the narrative that security services are ready for explosive growth. The study found that over a quarter of all respondents identified "heightened security risk" as the number one IT problem or service MSPs expect their clients to face in 2016. 

Customers' security needs present MSPs with a variety of opportunities, especially if they provide more security offerings to customers willing to spend more to protect their data.

The report from Kaseya also revealed that there is room for growth in specific cybersecurity services, noting that while almost 90% of respondents offer patching and updates, 72% of MSPs offer desktop security, 64% offer audits and discovery, and 34% provide IAM.

Oliver Pinson-Roxburgh, EMEA systems engineering manager, Trustwave HoldingsOliver Pinson-Roxburgh

There are other areas MSPs can assist their customers with. At Trustwave Holdings, an information security company and MSP with headquarters in Chicago, Oliver Pinson-Roxburgh, systems engineering manager, EMEA, said organizations are still trying to do rudimentary security tasks well. Log management provides one example.

"Often we see customers mismanaging their logs. Either they are not logging the correct information, they don't have context around the log data or the people they have in-house have no idea how to use the solution they have purchased," Pinson-Roxburgh said.

Phishing is another issue. 

"We are seeing a trend continuing around social engineering and many pure cloud email providers without built-in security fail to block the attacks, so many of these attacks lead to the installation of malware and, more specifically, ransomware," Pinson-Roxburgh said. "We have seen an increased amount of spam with JavaScript techniques to compromise the target machine."

With so many security challenges, MSPs are obliged to find a whole host of cybersecurity services.

Very few MSPs offer true cybersecurity services.
Gary Mullenchief sales and marketing officer, Vijilan Security

"Security is multifaceted; it's not a one solution type of issue," said Miguel Lopez, senior vice president at Kaseya, a provider of cloud-based IT management software used by MSPs. "People go to websites, open up emails, and bring smartphones and tablets onto the network. You get intrusion from so many different areas that we know that antivirus and antimalware alone [don't] cut it."

As MSPs think ahead, they'll remember that 2015 had its fair share of high-profile data breaches. Who can forget that as many as 330,000 taxpayer records were compromised at the IRS? The hacking of 22 million personal records at the Office of Personal Management and the theft of the personal information of 80 million individuals when computer systems were hacked at Anthem Inc., a health insurance company, are events that weighed heavily on the minds of customers and raise the stakes for managed IT security services providers. 

Miguel Lopez, senior vice president, Kaseya Ltd.Miguel Lopez

Helped by media coverage of these and other security breaches, MSPs don't have to impress upon their customers the severity of not investing in security software and services, but they do have to look for the most effective approach to show customers that their security offerings can lower a customer's security risk at an acceptable price point.

In this environment, Gary Mullen, chief sales and marketing officer, at Vijilan Security LLC, said MSPs must select partners that can help them provide security solutions that address the market's needs. 

"Very few MSPs offer true cybersecurity services. They may offer firewall management, but that is far from understanding, detecting and remediating cyberthreats," Mullen said. "At small and medium size businesses, customers are increasingly asking their MSP and service provider partners to take security off of their plate. 24/7 security services are a must when considering how to beef up the existing portfolio."

Vijilan is a company based in Fort Lauderdale, Fla., that provides managed IT security services used by MSPs to deliver security monitoring, detection and response services. According to Mullen, one option for MSPs is to build a 24/7 security operations center, but that's a challenge for small and midsize MSPs.  

"The truth is, the creation of such a service delivery mechanism is beyond the capability of all but the largest MSP organizations today," Mullen said.

However, customers are demanding a 24-hours-a-day, seven-days-a-week security offering, which means MSPs should consider outsourcing. Mullen said such a model removes the need for capital outlay and 24/7 resources; gives MSPs access to years of intelligence built into the service; and allows them to immediately address the market, achieving revenue quickly. 

Gary Mullen, chief sales and marketing officer, Vijilan Security LLCGary Mullen

As MSPs deepen their partnerships with vendors, Lopez said it's important that an MSP's IT security team is trained not only on what the technology does, but on how the technology fits into the bigger security picture.

"You want someone, especially in the security realm, to understand the vendor's security products, but also understand the fundamentals around what the vendor is trying to do," Lopez said. "A lot of people just get training on the product, for example, and don't really understand what they are trying to deliver."

Expanding cybersecurity services offerings

At EiQ Networks, a company that provides hybrid software as a service (SaaS) security offerings, Kim Ann King, vice president of marketing, said MSPs are looking to provide the best value to their customers and are evaluating tools and services that help them with:

  • 24/7/365 security monitoring.
  • Incident notification and remediation guidance.
  • Proactive security controls assessment.
  • Compliance controls assessment and reporting.
  • The ability to analyze; prioritize; and track vulnerability remediation based on risk and impact, in order to reduce customers' attack surface.

To expand its offering to its MSP channel partners, EiQ is looking at partnering with other vendors who offer complementary security technology.

Kim Ann King, vice president of marketing, EiQ NetworksKim Ann King

"We see a huge market opportunity in bundling other services from brands known for best-of-breed technology, such as Qualys." King said.

She noted that EiQ recently partnered with Qualys Inc., a provider of cloud-based security and compliance offerings. Under the agreement, EiQ will integrate Qualys' Vulnerability Management into its hybrid SaaS SOCVue security offering for midmarket organizations.

Tirman, whose company recently signed on as an EiQ channel partner, said he's looking at forging other alliances in the channel.

"We are looking for relationships with larger MSPs and larger security providers," Tirman said. "It's a symbiotic relationship in terms of: We may have the PCI qualified security assessor on staff to work a job, but they may not. We might have the right mix of talent to staff a job, and when it comes down to business, it might be more profitable for them to sub out the job to us."

As Tirman thinks about his company's next moves, the one thing he thinks is a forgone conclusion is that MSPs like RedHawk are going to have to keep adding to their skills, their vendor alliances and their technology if they want to compete in the years ahead.

"MSPs that want to do patch management and do what they've been doing for the past 10 years, they will die off, or they'll lose market share," Tirman said. "The great part about being in an industry like this is it's a great meritocracy."

Next Steps

Read about growth in the managed security services provider market

Learn more about the MSPAlliance's MSP/Cloud Verify certification initiative

Find out why MSPs face increasing demands to provide security services

Dig Deeper on Managed network security services