It’s no secret that security vendors are very interested in managed service providers these days. The reasons why are no secret either. Global spending on security software, hardware, and services will climb at a 9.4% CAGR through 2023 to $151.2 billion, according to IDC, but managed security spending will rise at an even faster 13.9% over that same span.
“That’s where the money is,” said SonicWall President and CEO Bill Conner to ChannelPro last week at the RSA Conference in San Francisco. “More and more people are consuming services, and I don’t mean installation services. It’s true services.”
As a result, SonicWall is one of many security vendors scrambling to attract MSPs to their products and programs. Malwarebytes, for example, has just rolled out a new partner program with an MSP-specific track. Carbonite and Webroot plan to introduce a combined partner program later this year that will include MSP-friendly requirements and benefits, while Bitdefender unveiled a similar offering last June.
Look more closely at the plans many security vendors are hatching at present, though, and a somewhat newer objective comes into focus: recruiting managed security service providers, or MSSPs.
Definitions of “MSSP” vary, and some observers believe any MSP with a security offering qualifies for the label. But the companies that security vendors increasingly have in their sights are a rarer breed with in-house security operations centers and experienced analysts on staff. Many such firms provide threat monitoring and log analysis services on an outsourced, often white label, basis to multiple MSPs that lack security expertise of their own. Forging alliances with a few dozen of them can be a more efficient way to construct a managed security channel than building thousands of MSP relationships individually.
“Let them be the master MSP,” says Conner of MSSPs, “and let them roll up or serve the MSP.”
That thinking underlies SonicWall’s recent introduction of a unified, cross-product management console specifically for MSSPs, and it has other vendors eyeing the MSSP community as well.
Those include SSL certificate provider Sectigo, which recently introduced a product that combines certificate management with vulnerability scanning, malware detection, and other website-related security services. The company plans to promote the new offering to front-line MSPs via master MSPs.
“We’re building out a team to specifically work with MSSPs,” says Michael Fowler, the vendor’s president of channel partners.
Deep Instinct, a small but fast-growing provider of endpoint and other security solutions powered by “deep learning” technology, is targeting MSSPs too. The company has about 30 alliances with such companies in the U.S. at present, and wants more.
“The MSSP business is kind of a huge growth factor for us right now,” says Greig Patton, Deep Instinct’s chief revenue officer. “I would expect that we add a significant amount of MSSP, master MSP, players over the course of the year.”
Like SonicWall and Sectigo, the company plans to herd MSPs toward its MSSP partners. “What we’ve seen with the pure play MSPs [is] they don’t have enough cyber knowledge,” Patton says. “They’ve got to get under the umbrella of somebody who can handle that level of SOC and cyber capability, so we’re better off getting them paired with the right people that can help them execute.”
