A new wave of diversification is emerging, as resellers evolve into managed service providers, and particularly so in the cyber security industry.
The South African reseller channel has long been a playground for ambitious entrepreneurs. And while there are daily news reports of how many businesses have struggled to survive the past two years due to the pandemic, on the ground, I’m noticing a groundswell of new energy.
Technology has shown its worth over the past two years, with remote work demanding momentum for cloud, and data breaches and hackers ensuring more focus on cyber security.
The missing ingredient was budget – and to some extent COVID was a convenient excuse. More than one of us has borne the brunt of delayed purchasing decisions, longer sales cycles and errant decision-makers over the past two years.
As we emerge and start rebuilding, we can see that technology alone will only bring us to the point where we should have been in 2022, without the pandemic.
What’s emerging is a new wave of diversification. We’re seeing resellers evolving into managed service providers, and particularly so in the cyber security industry. Managed security service providers (MSSPs) are taking full advantage of the market by collaborating closely with technology vendors to provide almost-instant services which would not have been possible before.
With the cloud in their pockets and a market ripe for security, they’re looking for turnkey solutions that will meet squeezed margins from their customers and help them find growth again – maybe even grow quickly enough to be noticed and acquired.
Existing MSPs and MSSPs are looking for technologies that allow them to break the chains of stagnant margins.
And don’t be fooled, it’s not only the smaller players. Larger IT service providers, systems integrators and established IT firms need to reinvent their offerings. Overheads are forever crushing the bottom line and shareholders are more and more demanding of aggressive margin growth.
It’s stated the MSSP market will grow from $30.6 billion annually in 2020 to $46.4 billion in 2025. That’s exciting growth – and we are certainly seeing it starting to play out in the US. Now it’s whether it will come to our shores quickly enough.
One US example is a reseller that recently took on security services, but in a way that meant the least risk for it. The reseller didn’t have the resources to invest, or the dedicated staffing it takes to set up a security operations centre. Instead it built its managed security service offerings by relying on the vendor to provide specific solutions and help it on the journey.
Building services from managing firewalls, e-mail security, endpoint security, security assessments, through to wireless network security, compliance and extended detection and response, it flourished and was soon up to 550 customers.
The story doesn’t end there. As its considerable success built it very attractive margins, and a scalable model, it was soon noticed – and acquired by a managed service provider (MSP) in Northeast USA with wide-ranging services, particularly based on the value served in cyber security.
It is interesting to note the secret sauce was a white-labelled, end-to-end cyber security platform which delivered SOC-as-a-service and appealed across industry – something the acquiring MSP had yet to build or offer.
There’s a common theme emerging in this story. SMEs are looking for cost-effective ways of protecting themselves without costing the earth. Small to medium enterprises desperately need cyber defenses that are easy to install, manage and afford.
Existing MSPs and MSSPs are looking for technologies that allow them to break the chains of stagnant margins and allow margin growth again.
The perfect match is starting to happen between channel partners taking up services and offering them as easy conversions, while reaping better margins from their technology vendors. At the same time, they are saving their customers time and money, and providing real returns on investment in a short space of time.
Many businesses lack the resources and in-house expertise to adequately defend their network infrastructure against the myriad of threats in our cyber world.
ADT, for example, launched its ADT-IQ service based on an aiMSSP solution. An aiMSSP model provides SOC-as-a-service using artificial intelligence for much of the grunt work, saving time filtering logs and data. Through this white-labelled service, the platform lets ADT deliver affordable services to clients.
This example makes me wonder whether anyone could turn into an MSSP overnight – essentially insourcing the skills and resources from a larger vendor, white-labelling expertise and services, and finding an accelerated opportunity to market. It’s a no-name brand model, which has worked well in other industries for years.
There’s an added advantage that as the MSSP grows its customer base under this model, it grows its cyber security skills and expertise – something definitely in short supply on the continent.
I can’t see a downside – if the vendor is solid and provides a good safety net, providing strong skills transfer and reinvesting the spoils into further research and development, surely this collaborative approach will help bolster growth?
This article was first published in ITWeb: Channelling success: New growth in MSSP market | ITWeb
Mark van Vuuren is product director at Corr-Serve. With more than 28 years in the IT industry, his experience spans software development, software quality assurance and cyber security for international and local organisations providing solutions to the public and private sectors. More recently, Van Vuuren has focused on helping organisations mature their security posture from development through to operations. He holds a BCom in Economics and Financial Accounting.