October 26, 2020
How MSPs Can Address Security Gaps
With the managed IT services market expected to be worth roughly $258 billion by 2022 and more small and medium businesses (SMBs) turning to managed service providers (MSPs) to oversee and manage all of their IT needs, there will be an increased emphasis on hiring MSPs that offer cybersecurity services.
MSPs are meeting that need: Our recent State of the MSP Report found that 75% of MSPs currently have a managed security offering, but are more likely to offer it in partnership with a managed security services provider (MSSP) or another vendor (43%). In this article, we take a look at how MSPs can address gaps in their security offerings and provide peace of mind to their security-conscious clients.
MSPs and Cybersecurity
One of the more commonly cited benefits of outsourcing managed IT services is network security. In addition to helping SMBs stay on top of critical network and technological updates, MSPs can also work proactively with their clients to prevent cyberattacks and network failure due to ransomware. Contracted IT providers can monitor applications, hardware, and various employee endpoints.
Datto’s State of the Channel Ransomware Report noted several key statistics:
- In 2019, 85 percent of MSPs report ransomware as the most common malware threat to small to medium businesses (SMBs).
- One in five SMBs report that they have fallen victim to a ransomware attack. (On average, SMBs who don’t outsource their IT services report facing more ransomware attacks.)
- When it comes to ransomware attacks, MSPs say the cost of downtime is 23 times greater than the ransom amount requested. According to our research, the average ransom demand is $5,900 compared to the average cost of downtime coming in at a staggering $141,000.
How MSPs Can Manage Security Gaps
MSSPs are known for providing managed firewalls, intrusion detection, virtual private network, vulnerability scanning, and antiviral services. They typically offer 24/7 monitored services to clients. However, MSSPs often don’t offer the breadth of services that an MSP does. To adapt to meet SMBs’ security needs, MSPs should:
- Partner with an MSSP: This most economical way to increase cybersecurity offerings without having to invest heavily in tools and staff is to partner with an MSSP to expand offerings.
- Adopt an Improved Alert System: Prevent workflow congestion and delays in responding to critical incidents by investing in and adopting alerting engines and tools.
- Offer VPN: As more businesses are hiring remote workers, there is a need for increased security as employees are connecting to the network from unsecured sites. Setting up a VPN would provide clients with a secure and encrypted connection for all of its traffic.
- Offer Endpoint Protection: With more employees using various devices to access secure networks, the need for endpoint protection is critical. Not only should MSPs consider ways to separate endpoint devices from the main network, but they should also implement an antivirus endpoint protection solution.
- Consider the Big Picture: Over time, it's easy to create a tech stack of cybersecurity tools that not only overlap but also create gaps in coverage. Review your strategy in addition to the tools you use, and look at how you can consolidate and adopt a more holistic approach.
As the prevalence of cyberattacks on SMBs increases, MSPs should consider how to differentiate themselves in an environment where cybersecurity needs are on the rise.
To learn more about how to boost your clients’ cybersecurity approach, take a look at our Cybersecurity Made MSPeasy Toolkit.