Matthew Rhodes, Regional Director, MSSP and Consulting Partners
Managed Security Service Providers (MSSPs) find themselves faced with significant challenges post-pandemic. The mass shift to remote and hybrid working, rising data volumes, and a growing cybersecurity skills gap coupled with an increasingly hostile attack environment are all creating a spike in demand for their services.
In addition, MSSPs must also navigate data aggregation, disparate toolsets, and case management, plus custom client reporting on an unfathomable scale. Providers need to find effective ways to overcome these hurdles to deliver an optimal customer experience and stand out from the crowd. So how do MSSPs offer a seamless customer experience to become a vendor of choice?
The market is shifting
Firstly, and most importantly, MSSPs must recognize where the market is headed. By positioning as a first mover in terms of innovation, they can stay one step ahead of the competition and then provide premium customer service. The more the market moves away from hosting technology (on Prem) to SaaS models, the more service consumption evolves.
The MSSP then needs to diversify from traditional security services and hardware and innovate in order to rapidly scale. Moving to a SaaS-based service model can also unlock several benefits like ease of deployment by enabling services to be rolled out in days not weeks. And bringing all critical SOC-based platforms into a single architecture will serve to remove a lot of complexity, time, effort and investment.
Streamlining is key
Once cognizant of this shift, the MSSP should work to align its own offering through optimization strategies, achieved by streamlining internal processes and deploying technologies to do the heavy lifting.
There are two critical goals here. First, the MSSP should explore cost management to enable more effective use of resources. This focus needs to be centered around enhancing efficiency and reducing complexity, subsequently bolstering productivity and ensuring company headcounts go further. Secondly, any changes should also seek to enhance revenue opportunities. Here, the MSSP should consider how to either reach more customers with the same services or innovate their offerings to obtain a larger share of each customer’s wallet.
Reducing costs and optimizing efficiency.
To achieve these goals simultaneously, MSSPs should initially focus on reducing and rationalizing the technology stack. Up until this point, the differentiator has been to have a diverse portfolio, which has culminated in a technology stack of point solutions simply too large to manage effectively.
From stack fatigue to increased costs when training new starters to use multiple different tools, this leads to many adverse effects. In essence, it’s paramount that businesses and organizations optimize their toolsets. Streamlining in this way aides efficiency and facilitates productivity.
In a Ponemon Institute report, organizations average more than 45 different security tools, while those using more than 50 solutions ranked themselves 8% lower in their ability to detect attacks.
Add that to the 53% of SOC leaders who admit they don’t know how well their cyber tools are working, the 80% of software features that are rarely or never used, the 38% of IT teams who say they don’t know how to operationalise their tools – and the raft of studies that show teams are adding tools faster than they can use them.
Moving beyond SOC and SIEM into SOAR
MSSPs should look to continue innovating and actively step out of their comfort zones, embracing automation to deal with tedious tasks. For many, this will entail going beyond the traditional SOC and SIEM repertoire and venturing into cloud-native solutions such as Security Orchestration Automation and Response (SOAR).
Here, demand is spiking, with reports predicting the market will reach $3.19 billion by 2028 thanks to a compound annual growth rate of 15.58%.
Armed with SOAR, an MSSP will obtain the ability to enrich SOC data using automated playbooks, enabling tier 1 analysts to carry out value-add tasks such as threat hunting. By striking the right balance between people and technology, MSSPs have the opportunity to reduce burnout and staff turnover, this then in-turn diminishes alert fatigue and reduces the pressures on analysts to carry out laborious tasks, making them more productive while unlocking economies at scale and enhancing outcomes.
What’s in it for the customer? The benefits are exponential. Playbooks can be used to coordinate across technologies, ensuring that security teams and external users alike achieve centralized data visibility, providing greater insight and peace of mind for those anxious about outsourcing. By innovating and futureproofing in these ways, MSSPs will be best placed to function as more agile operators capable of differentiating, scaling and upselling to their existing customer base, all while protecting their own business from a worsening skills crisis.