Cybersecurity managed by MSPs the better option?

• Organizations are looking to managed service providers to help them – especially with managed cybersecurity.
  
• AI will have a transformative impact on MSPs, given the increasing volume and complexity of data, especially in cybersecurity.
• Unfortunately MSPs, much like the businesses they serve, are also experiencing skills shortages.

Managed service providers (MSPs) play an important role in helping organizations achieve their digital ambitions. Be it in their cloud adoption, managing their data, or even handling their managed cybersecurity, there are MSPs able to assist organizations of all sizes with tasks of all kinds.

While SMEs would find MSPs the best option when managing their digital journey, large enterprises are also known to rely on MSPs, especially in handling tech components that they don’t have the workforce or technical expertise to handle.

Tech companies have also realized the potential of MSPs. As such, most tech companies offer managed services too, such as managed cybersecurity. Some offer them through their MSP partners, while others have actually formed subsidiaries to reach out to businesses around the world.

Today, there are more than 150,000 MSP companies globally, according to the MSP Alliance. So how can businesses choose the right MSP to help them with their digitalization and other business needs?

For example, in cybersecurity, there are MSPs that offer not just managed cybersecurity for an organization, but its backup as well. Some, in addition, even manage a company’s cloud security.

To understand more about how MSPs have been impacting cybersecurity in Southeast Asia, Tech Wire Asia spoke to Scott Barlow, vice president of Global MSP and Cloud Alliances at Sophos. Barlow not only discussed the opportunities for MSPs in the region, but also the future of the industry and how AI can play a role in helping deliver managed cybersecurity.

TWA: How are MSPs in Southeast Asia transforming themselves to capture market opportunities and deal with the channel threat landscape?

MSPs in Southeast Asia are looking for ways to improve their profitability, so when we built the Sophos MSP program, we focused on three core areas: the first is to enable our partners and MSPs to increase their revenue; the second is to lower their cost; and the third is to improve their operational efficiency.

The Sophos MSP program allows our partners to deploy licenses on a monthly subscription where billing is purely consumption-based – no commitments, no minimums, and no set-up fees. So if there’s a fluctuation in the customer’s consumption, the billings will also fluctuate. This flexibility not only allows MSPs to better manage their finances and keep their operational costs minimal, but also gives them the confidence to sell more products and services, gain more customers, and consequently improve their profitability and business outcomes.

To deal with the increasing sophistication of channel threats, more MSPs are embracing managed detection response (MDR), which provides a 24×7 active threat-hunting service with 500 analysts and threat intelligence experts around the world focusing on providing security to MSPs and their customers. With MDR doing the cybersecurity heavy lifting, MSPs can streamline their operations by increasing the utilization of their technical staff to focus on other areas of the business.

TWA: What’s driving MSP growth in the region, especially with businesses taking a more cautious approach to their tech spending?

MSPs in the region are experiencing a significant shift, influenced by economic and security factors. Businesses are taking a more cautious approach, particularly in their fixed expenditures. This provides opportunities for MSPs to offer subscription-based, pay-for-only-what-you-use billing models. The adoption of a monthly or recurring revenue model by many MSPs helps drive profitability

For example, Smarter Computer, one of our MSP partners in Malaysia, shared that even customers in rural areas are being targeted by ransomware. Notably, SMBs are not too small to be targeted by cybercriminals, but are often too small to get media attention when they’re compromised. The threat landscape is driving MSP growth, and so is the move to services. Traditional resellers are increasingly looking to transition to services – not only to provide better services to their customers but also to offer solutions that customers can’t bear to operate without.

TWA: There have been cybersecurity incidents involving MSPs in the past. How can MSPs ensure businesses that their service is secured and safe? Should businesses also consider additional security measures?

MSPs are increasingly targeted by hackers and other bad actors because they essentially hold many ‘keys’ to multiple business environments. The best practice for any MSP is to champion and utilize the tools they are selling, such as managed detection and response.

The security of an MSP’s environment is as important as the security of the customer’s environment – if not even more so, because they have the keys to the customer’s environment. So we want to make sure that MSPs are protected first; and on their part, they should also be proactively implementing best practices, including continuously implementing health checks, both for their own and their customers’ environments.

It’s crucial for businesses to implement additional security measures. Our recent State of Ransomware study found that around 36% of security incidents resulted from vulnerabilities, suggesting potential lapses in system patching by either the MSPs or their customers. Other threats arise from compromised credentials and malicious emails or downloads.

Thus, emphasizing foundational security strategies — such as robust email security, endpoint protection with XDR and MDR, and comprehensive user security awareness training — is indispensable. Especially with AI becoming more prevalent, phishing attacks will become more sophisticated. Hence, equipping the end-user, the last line of defense, with the knowledge to identify bad intent such as malicious emails, websites, URLs, etc becomes even more important.

TWA: How important a role do MSPs play when it comes to driving the next phase of cybersecurity?

MSPs will play a critical role in helping drive the next phase of cybersecurity evolution. Particularly for small and mid-sized enterprises (SMEs) with limited resources or no dedicated IT departments, MSPs become their key support for robust, managed cybersecurity protection.

These providers are not only tasked with safeguarding the digital environments of a diverse range of customers – from SMEs to mid-market enterprises and MNCs – but will also drive the integration and adoption of next-generation cybersecurity products and services into a centralized console. This comprehensive approach is not limited to just conventional endpoints, network, or email security, but will extend to newer areas like mobile and remote security.

Also, in today’s hybrid workspace, mobile security and device encryption solutions have emerged as crucial to safeguarding remote workers. MSPs are entrusted to ensure the comprehensive security of their customers’ environments, adapting to the ever-evolving challenges posed by a dynamic cyber landscape.

TWA: How are MSPs helping businesses deal with the skills shortage in cybersecurity? Are MSPs also experiencing a skills shortage?

Yes, MSPs, much like the businesses they serve, are also experiencing skills shortages. The current pipeline for talented security analysts is alarmingly small, a fact supported by statistics from organizations like CompTIA. This is where MDR comes in as a game changer.

I’m often asked about whether MSPs should become managed security service providers (MSSPs). While they prioritize security, it’s crucial to distinguish between an MSSP and an MSP that sells security. MSPs looking to add more security offerings to their stack should consider MDR as an optimal choice. It lets them concentrate on their business’ core functions, rather than diverting resources to complex tasks like active threat hunting, which demands specialized expertise.

The value proposition of MDR, both for MSPs and their end customers, is significantly high, especially when measured against its cost. Rather than venturing into the complex and resource-intensive process of establishing an internal security operations center, the strategic integration of MDR becomes the smart and cost-effective choice.

TWA: How will AI benefit MSPs, especially with more processes being automated for companies?

AI will have a transformative impact on MSPs, given the increasing volume and complexity of data. In an environment saturated with alerts, discerning critical threats from the mundane can be overwhelming. AI lets security providers manage “alert fatigue.”

Using AI, we can streamline the process of sifting through an astounding 31 to 32 billion alerts daily. AI can quickly identify a singular active threat that requires attention. MDR, powered by AI, help identify which among the millions of alerts warrants immediate response, ensuring that genuine threats don’t get lost in the shuffle.

The application of AI extends beyond threat detection. For MSPs, AI presents avenues for strategic growth and enhanced customer service. Tools powered by AI can help MSPs in customer acquisition. Looking at the DNA of their existing customer base lets them identify potential new leads.

Additionally, the burgeoning realm of AI-driven support, such as chatbots, offers MSPs the opportunity to enhance customer interactions. AI doesn’t just bolster an MSP’s security, it also reshapes its operational and customer experience and engagement strategy.

TWA: Lastly, what does the future look like for MSPs in Southeast Asia?

I’m excited about the future of MSPs in Southeast Asia. At our end, we have a dedicated team of security experts to help partners improve and expand their service offerings. MSPs in the region are strongly driven to deliver more value to customers through a comprehensive services model. A key aspect of this evolution is having a fully integrated cybersecurity services offering, which is fast becoming a differentiator and a blueprint for business success.

As MSPs pivot to this model, their offerings span from remote monitoring of customer environments to ensuring their software and hardware are patched and up to date. This ensures that their customers are secured in every aspect – encompassing not only the networks, endpoints, and the cloud, but also extending to all digital touchpoints and data assets – basically everything with which a customer interacts. That ensured managed cybersecurity at all the points along the line.

The operational model is also experiencing a shift, with MSPs offering fully integrated cybersecurity services on a monthly subscription basis, largely facilitated through cloud services, ensuring heightened operational efficiency.

Diving deeper into operational optimization, what I mean by ‘utilization’ is the customer-to-employee ratio. As shared by Lee Eng Hai, CEO of Smarter Computer Sdn Bhd, a Malaysia-based MSP with 20 employees catering to 150 customers, they average serving seven customers per employee.

Yet, we’ve seen examples where this ratio is significantly higher, at around 50 customers per employee. So, by focusing on improving the “utilization” metric, say increasing the ratio from seven to 10 customers per employee, MSPs can significantly enhance their profitability without incurring additional costs.

This involves balancing the intake of more clients, hence increased revenue, without proportionately increasing the workforce. Monitoring and optimizing this ratio can be a pivotal strategy for MSPs, providing them with a tangible metric to assess and improve future profitability and success.

---

---

---

---