The security landscape continues to become more and more challenging as the complexity and number of attacks grow. In fact, according to recent research, network attacks surged more than 20% in Q1 of 2021 alone. As organizations struggle with the sheer volume of security technologies and vendor selection, finding the right solution for the right problem can seem overwhelming. In some form or fashion, complexity seems to be the primary problem when working to obtain security efficacy. When that’s combined with the systemic shortage of security personnel, it’s somewhat of a perfect storm.
However, those very same market dynamics are also driving the need and hyper-growth of managed security service providers (MSSPs). Over the past two years, channel pros have recognized these opportunities and have been working to evolve toward managed security services models. And it’s easy to understand why: The rewards are high from a security efficacy and efficiency perspective, but also financially.
The shift from a managed service provider (MSP) to an MSSP can involve some potential pitfalls, however. Here are five tips to help you avoid them.
1. If you go big, you might go home. Be extremely judicious and prescriptive about what managed security services you plan to deliver. The variety of “security needs” is quite frankly mindboggling and it’s easy to get lost in that scope. Focus on an intentionally discrete set of managed security services out of the gate that your current customer base can benefit from. In addition, take a hard look into cash flow management and sales commission adjustments to best meet the needs of the business. Taking a slow approach will help you learn what you don’t know, apply that knowledge, and ensure a more successful offering to your clients.
2. Know the value. Security outcome sits at the intersection of people, process, and technology. Those three vectors need to be completely understood to convey value. Is your value in the choice of technologies? How they work together? The people using those technologies? How your team executes those services? It might be a combination of those, and other answers, but defining that clearly up front is critical. One advantage of partnering with an established MSSP, for instance, is the exposure they have to a variety of customers and situations, which can help them drive best practices (and work within the appropriate legal and privacy frameworks).
3. Security efficacy is not enough.While great security is clearly a must-have, you must deliver your services in a materially better cost-effective manner than competitors (or a customer’s own security department). Operational efficiency is at the crux of this business model. MSSPs need a better service at a better price point, all while still managing profitability. The journey is full of sinkholes that can sidetrack customers and redirect revenue. Areas to focus on are flexibility to buy, ease of management, and a single vendor to support your customer base. Look for vendors that understand revenue shifts cannot happen overnight when transitioning to the new model. For example, are they willing to help you buy products and services monthly without signing a lease or a contract? Similarly, reducing your vendor stack improves efficiency and efficacy in managing platforms for your customers.