The cybersecurity skills shortage has been a problem for years. Unfortunately, research shows that it’s worsening at a time when security threats are becoming more serious and complex.
According to cybersecurity nonprofit ISC2, the cybersecurity workforce gap was roughly 4.8 million in 2024, up 19% from 2023. Similarly, Boston Consulting Group (BCG) found that there’s a 28% vacancy rate for cybersecurity positions. Every day, concerns are growing about AI-driven cybersecurity and data security threats.
That said, the security skills gap is both a challenge and an opportunity for MSPs. On the one hand, they are uniquely positioned to provide security services for organizations that struggle to guard against evolving threats. On the other hand, they face the same skills shortages and budgetary pressures as their customers.
Here are some ways MSPs can address cyber and data security needs in a comprehensive, cost-efficient way. This can set them up for future success.
Growing Threats, Growing Demand: How to Guard Against Emerging Threat Vectors
According to BCG, the overall size of the cybersecurity market is roughly $200 billion per year. In addition, about 90% of that revenue will be generated by channel organizations, Canalys reported.
There are multiple drivers behind this growth in the AI era, including:
- Rising AI-driven Ransomware and Malware: AI-enhanced ransomware and malware is a new, high-stakes threat in the age of AI. AI-enhanced attacks are smarter, more sophisticated, and harder to prevent. According to one study, 87% of organizations experienced an AI-driven cyberattack in the last year.
- New AI-driven Phishing and Social Engineering Attacks: AI lets threat actors easily create more sophisticated social engineering and phishing attacks with fewer resources. In fact, one in five people click on AI-generated phishing emails, cybersecurity firm SoSafe reported. This shows that the risk is already significant.
- Accidental Data Exposures with AI: When information is incorrectly shared, migrated, or classified, LLMs and enterprise AI tools can easily overshare information without malicious intent. For example, the AvePoint 2024 AI and Information Management Report found that 45% of organizations experienced an unwanted data exposure event during AI adoption.
Scott Sacket
All of this takes place against the backdrop of a rapidly worsening security skills crisis. It exacerbates the risks of today’s security challenges.
The growing demand for cybersecurity solutions offers channel organizations a significant opportunity to expand. However, they still must address key challenges — like the cybersecurity skills shortage — to succeed.
Solve Security Challenges with Tech, Not Just People
Due to the skills shortage, MSPs can’t simply hire their way to improved security-centric revenue streams. So, technology steps in to fill the gap.
With new security workflow automation, MSPs can mitigate skills shortage impacts by maximizing their existing security staff and offerings in the following ways:
- Templatize to Eliminate Manual Work and Boost Returns: Do not rely on staff to manually update customer security settings, permissions, and other configurations across different customer environments. Instead, use new products and templates to automate this work by establishing a baseline that can be repeatedly applied by a technician. This eliminates time-intensive manual maintenance work and enables a single technician to onboard multiple customers at once.
- Easily Solve Drift with New, High-ROI Technology: New technology on the market automatically identifies “drift.” This allows technicians to resolve unsynchronized security issues with a few clicks of a mouse. This could otherwise take hours of manual labor to resolve. It’s an easy way to eliminate tedious technical work and achieve higher ROI. It’s expensive — and in many cases impossible — to hire teams of specialized technicians. Businesses can conserve man hours by using technology to configure and align security permissions across tenant environments.
Close the Gap, Enable Success
As cybersecurity and data security threats evolve, customers need solutions now. MSPs must step up to meet that need. Often, new tech can help them deliver much-needed support without hiring skilled labor that doesn’t yet exist.
True, the security skills gap won’t be solved overnight, but it’s possible to mitigate the effects with the right technology.
Scott Sacket is senior vice president of partner strategy at AvePoint.
Featured image: DALL-E
