Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 28 May, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Is There Room For New MSSPs To Enter The Cyber Security Market?

by The Gurus
August 21, 2019
in Featured, Security News
Is There Room For New MSSPs To Enter The Cyber Security Market?
Share on FacebookShare on Twitter

Written by Bernard Parsons, CEO and Co-Founder, Becrypt

While the MSSP model is far from new, and many well established MSSPs with comprehensive offerings exist, there seems to be no shortage of traditional Value-Added Resellers (VARs) still keen to transition to the model. There is still opportunity for these VARs, given the dynamic nature of the cyber security market.

So, when we talk about an MSSP, what exactly do we mean? Here is Gartner’s working definition of an MSSP, namely ‘an organisation that provides outsourced monitoring and management of security devices and systems.’ Being a generic definition, an MSSP offering may be fairly specialised and focus on specific components of a client’s infrastructure. Also, an MSSP need not offer all of the security services that have the potential to be outsourced.

Certain markets have their own unique requirements

Specialisation provides the opportunity for new entrants to identify gaps in the market that are aligned to existing or planned capabilities, but there is also evidence that existing MSSPs are streamlining their current operations, as a competitive and diverse market demands that suppliers demonstrate excellence of depth over breadth.

Gaps in the market continue to emerge given its dynamic nature. The adoption of new technology or business practices can significantly change an organisation’s security monitoring and management requirements. One example is where organisations identify where they can adopt network architectures based on the increasingly popular ‘Zero Trust’, model, reviewing the associated monitoring and management requirements is necessary to deliver the full value of such an approach.

As the capabilities or focus of cyber criminals evolves, so do the demands for new specialisms to detect and defend. Additionally, new market opportunities result from increased awareness of liability within certain sectors subject to new regulation or case law. Specialising within specific market verticals can help with analysing and appropriately acting on relevant trends and threat information.

A growing skills shortage

VARs need confidence that, not only are there gaps to enable market entry, but that the market will continue to grow. Analyst statistics abound that point to the projected continued rapid growth of the MSSP market, but perhaps the most important consideration is that the cyber skills shortage is significant, problematic and growing. A fundamental business driver for the MSSP model is leveraging economies of scale, applying MSSP expertise and resource across environments that are challenged to replicate them internally – a challenge that will be common for some time.

Reviewing the publicised exploits of existing MSSPs can suggest that the expertise required to play in this space is beyond anyone but those with access to the most sophisticated cyber analysts. However, as we are continuously reminded by the UK National Cyber Security Centre (NCSC), the vast majority of cyber incidents nationally result from organisations not getting the basics right. Whilst some organisations need an advanced SOC capability, others just need help with basic configuration and patch management. In reality, there is no clear divide between MSP and MSSP, as security controls become increasingly integrated into software and hardware platforms.

Becrypt – a case in point

Becrypt has first-hand experience of almost falling into an MSSP role, perhaps providing an example of relevance to candidate new market entrants. Becrypt is primarily a security software vendor, with a recent area of focus being the provision of a secure cloud-access platform, called Paradox, which supports end user device strategies focused on cloud and online services. As Paradox includes the security tools required for both protection and monitoring endpoints as integrated functionality, managing the platform means managing security.

As part of a process of launching Paradox and winning early customers, we stood the Paradox management platform up in the cloud (AWS), for customers who would rather have their resources focused on core business activities, as opposed to commodity IT. Having done that for an early adopter, we took on the role of providing ongoing management of the services, again allowing their IT resources to be more meaningfully deployed. As the environment we now manage grows, we have a strategic relationship that has been easier to develop through service-based engagement, which allows us to contribute to how the service offerings are expanded as security requirements evolve.

Having developed this model for market entry, we are now focused on transitioning to a partner model, and are on a journey with partners to explore how best the infrastructure and approach can be reused, potentially allowing new MSSP entrants to leverage an existing cloud infrastructure to minimise time and resource investments whilst shifting to a service-based subscription model.

As each customer is unique, so is each service, requiring careful consideration of service and role definition and delineation, as well as how these drive joint responsibilities and liabilities. A journey that should not be undertaken lightly, but one that is becoming increasingly difficult to ignore within the cyber security market.

FacebookTweetLinkedIn
ShareTweet
Previous Post

Demystifying Data Subject Access Requests.

Next Post

Five Steps To Defending Against And Recovering From A Cyber Attack.

Recent News

SnapDragon Monitoring scam advice

Tips to Protect Against Holiday and Airline Scams

May 25, 2023
Access Segmentation & Encryption Management from MyCena

New security model launched to eliminate 95% of cyber breaches

May 25, 2023
KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

KnowBe4 Helps Organisations Battle QR Code Phishing Attacks With New Tool

May 25, 2023
Purple Logo, capitalised letters: SALT.

Salt Security Uncovers API Security Flaws in Expo Framework, Issues have been Remediated

May 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information