SECURITY
How MSSPs can compete against SIs
MSSPs may be threatened by the solutions that systems integrators provide, but there are ways they can still compete as Merlin Gillespie, CTO at Cybanetix, explains.
Competing against a behemoth Systems Integrator (SI) may seem unthinkable to some, but the reality is that, akin to David and Goliath, managed security service providers (MSSPs) can outmanoeuvre their larger competitors. SIs are increasingly encroaching on MSSP turf, with many now offering security solutions and services such as management detection and response via a Security Operations Centre (SOC). What’s more, expectations are that cybersecurity services will be a core revenue generator for them resulting in a in CAGR of 6.8% to 2034, which means they will continue to build out their service offerings. Yet many MSSPs have failed to see the threat and continue to offer a cookie cutter approach. This sees a menu of services offered to clients with little differentiation or tuning over the lifetime of the contract even though this could span years. In an industry where threats can evolve rapidly, adopting such a fixed approach is no longer viable. Most SIs recognise this and will provide the ability to add on or ramp services up or down within the SLA, although such changes come with a hefty price tag. In contrast, MSSPs tend to lock-in their clients to give them recurring revenues and a stable client base but that often means the focus is not on improving the client’s security stature. Continual improvement For businesses that run their own SOC in-house, the focus is on continual
improvement as the organisation seeks to become more cyber mature in its posture. It’s not just about maintaining business operations but ensuring the organisation becomes more resilient and is then capable of fighting of tomorrow’s attacks. If MSSPs seek to emulate this approach, with a focus on continual improvement, without the punitive costing structures associated with the SI’s SLA, they can compete with these giants and prevent the erosion of market share. This can be achieved by implementing a continuous service improvement program that deepens the way in which the MSSP works with its clientele. When an MSSP onboards a new client, for instance, rather than focusing just on technology onboarding and SOC integration, the process should incorporate deployment planning workshops that identify the how best to tailor the service. This is not just about tuning the tooling, but a chance to identity options for advanced playbook automations or ways to extend detection, use case rules and alerting. Proving value Over time, the MSSP will usually seek to analyse the SOC data to identify gaps and weaknesses. But to pursue continuous improvement, such data should also be used to explore potential technical roadmaps and service enhancements that align with the risk profile of the client. If the service is aligned with the customer’s
Merlin Gillespie
cybanetix.com
“
SIs are increasingly encroaching on MSSP turf, with many now offering security solutions and services such as management detection and response via a Security Operations Centre.
”
44
Powered by FlippingBook