According to the U.S. National Cyber Security Alliance, 60 percent of small businesses shut down within six months of a data breach. So the stakes are incredibly high for small and medium-size businesses (SMBs) with limited security resources and expertise. While cyberattacks continue to dominate the news, these midmarket companies are looking to their trusted VARs and MSPs for help in bolstering their security posture.
As the threat landscape continues to evolve and change at a rapid pace, it’s important to pause and take inventory of key themes and trends. What are the top security issues for customers? What services and functionality matter most for your business? What threats should you be prepared to tackle in the next six to 12 months? What customer questions should you be prepared to answer in 2018 and beyond?
To shed some light on several top security trends and considerations in 2018, we recently surveyed more than 400 partners providing security services to SMB customers. Here’s what we found:
Ransomware is still the top security threat for channel customers, by a large margin.
Nearly 63 percent of partners believe ransomware is the top security concern for their customers in 2018, while phishing and spear phishing attacks came in a distant second. Although the security industry has seen cryptominers grow in prevalence in recent months, it’s evident that the devastating effects of ransomware are still a clear and present danger for channel companies and their customers. This isn’t surprising; after all, ransomware attacks have ravaged entire industries like healthcare, while cryptominers are just now beginning to gain steam. VARs and MSPs should be ready to field questions about ransomware from their customers and ensure their portfolios include everything from network and endpoint protection to multifactor authentication services.
Keeping customers educated can be a major challenge.
According to about half of VARs and MSPs, educating customers about new threats and defenses is their greatest challenge. As is often true in the security industry, managing people seems to be more difficult than managing technology.
We can learn two lessons from this finding. One, MSPs and VARs need to develop and/or take advantage of strategies and processes that focus specifically on proactive customer engagement and education. Two, when selecting vendors to work with, solution providers should consider how much educational and training support will be available. Ideally, all partners and vendors should be working together to educate customers on the latest security threats and best practices.
For profitability, monitoring and reporting capabilities are almost as important as automation.
A whopping 36 percent of service providers said that monitoring and reporting tools have the greatest impact on their bottom line, while 39 percent said that automated threat detection and response tools have the greatest impact. Security automation is certainly top of mind for MSPs, but reporting and monitoring features are a very close second in terms of business benefits. I expect we will see growth in both areas as more channel organizations make the transition to providing managed services to meet the needs of customers that aren’t capable or interested in overseeing security in-house.