The number of channel partners delivering cybersecurity managed services is growing rapidly, often leveraging third parties to provide managed detection and response services to help customers stay more secure. The number of partners offering cybersecurity services is increasing and this is increasing the threat to customers, writes Canalys Analyst Robin Ody.
Canalys estimates that managed detection and response (MDR) services will grow 50% in 2024 to be worth US$9 billion. This is partly due to the increasing availability of third-party security operations center services, either from managed security services providers (MSSPs) or IT cybersecurity vendors. There are also external factors pushing customers to adopt more cybersecurity services, such as government regulation, supply chain compliance requirements and cyber-insurance demands.
But partners that offer cybersecurity managed services also need to be aware of exactly what they are getting in terms of response and remediation capabilities from their third-party MDR providers. A significant growth in the number of court cases involving channel partners and end customers in cases where cyber-breaches have occurred shows there is a disconnect between MSPs and customers regarding the duties of both parties.
This is why it is so important for channel partners to have one clear method of delivering cybersecurity services to customers, which begins at the assessment or consulting phase and goes through to post-breach forensics. Channel partners are dealing with an immensely complex cyber-landscape. In some cases, the technology and the threats are just the tip of the iceberg. Partners must understand their customers, regulators, insurers, legal firms, ISVs, third-party service providers and a whole raft of other actors in their ecosystems.
As more and more partners offer cybersecurity managed services, it is vital that they are clear on the services they can deliver and which gaps are filled by any third parties, be they helpdesk operators, MSSPs, vendors or others. They must also know how to communicate this reality with their customers, all while maintaining compliance, not just for their customers but also for themselves.
This is why vendors and MSSPs must be much more explicit when outlining the services they offer. If their terms of service cover only monitoring and alerting a partner in case of breach or any cyber-incident, but do not cover proactive response and/or remediation, they must be upfront about this. Too often today, partners are getting caught out and the consequences can be severe.
This will be discussed in the “MSP Reality Check” Expert Hub at the upcoming Canalys Forums 2024, with a panel of vendors and top channel partners.