Special report: What MSSPs need to be successful
Need of the hour: In a market that is changing faster than the hands of the clock, finding their niche and developing expertise in specific domains is what MSSPs need to build a profitable practice
The rising number of attacks and malicious practices by organised cybercriminal groups as well as state-sponsored attacks has been creating concerns among organisations. This has been recognised by MSSPs as an opportunity that they can capitalise on. Consequently, this market has become very competitive, and MSSPs must work to differentiate their offerings to leverage these opportunities. This starts with increasing awareness amongst businesses on the importance of all-rounded protection but surely doesn’t end there.
Investing in managed security services is definitely more cost-effective in the long run. In fact, working with an MSSP is now considered a security best practice for companies needing better defence against the latest cyber threats. Reason being, MSSPs give companies access to specialised, up-to-date technology, and teams of seasoned security experts who can respond in real-time to an attack, protecting valuable company data and intellectual property.
MSSPs can also help organisations stay ahead using security services that can be delivered from a security operation centre (SOCs) that deliver threat detection, threat intelligence, incident response, analytics and security device management. Such controls employed by MSSPs offer true protection for an organisation to stay ahead of the constant threats facing them.
What bodes well for the MSSPs is that in view of recent high profile security breaches and data losses, companies have started realising that neglecting their security infrastructure might come at a high cost.
Building a profitable business
Tony Bssat, category head of print for the Middle East, KSA and East Africa at HP adds that service quality is the key to success. That said, there are other factors that he emphasises are a must-have for building a successful managed services practice. “Providers need to shift their focus from traditional hardware selling and scale up the basic managed services model to expand the customers’ work environment by leveraging workflow automation, content management and print infrastructure optimisation for more efficient and secure workplaces.”
Agreeing to this sentiment, Shadi Khuffash, regional sales director, carriers and MSSPs at Fortinet adds that Fortinet helps create additional revenue streams, higher profit margins, and differentiation from the competition. “We do this by employing experienced professionals with backgrounds in MSSP operations, product development and training to manage its partner program. We also design our technologies to support multi-tenancy, centralised management, platform flexibility and high-performance networks,” explains Khuffash.
At the same time deploying certified experienced team and measuring the service success by customer feedback, are the key pillars in building a robust yet flexible business model.
Charting the right pricing model
Security requirements differ from company to company and the reality is that administering a modern security infrastructure can be a daunting task for businesses, which may lack the right skillsets or the resources to manage their security. Scaling and making managed security services more affordable for businesses of all sizes is the right move because it facilitates growth and keeps businesses and end-users safe. It is equally important to make sure that the pricing model is both simple, customisable and transparent, with no hidden fees.
Khuffash of Fortinet adds that as IT and security professionals struggle with internal resource shortages, complex technology, worries of data theft, and the increase of mobile devices in the workplace, an MSSP partnership has become an imperative for many organisations.
Adding another dimension to the discussion, KS Parag, managing director of FVC says that on the business front, every customer is looking for security services based on their specific need and pain areas, thus providing the precise level of customised service is the biggest business challenge, as off-the-shelf pre-packaged service may not be applicable to most of the customers.
“The pricing model may vary from pay per vulnerability (PPV), to pay per instance and related models, and while building the consumption model is not easy, it can certainly be developed jointly with partners and customers,” adds Parag.
Having said that, the ever-evolving security landscape continues to add to the complexities of this industry and this will inevitably be reflected in the price. The best route for a provider would be to have a fixed base price and then add the customisation for the customer to pay only for what he needs.
Talent is the solution
Industry experts agree that some of the most sought after skills are information security expertise and consultancy, penetration testing, communication skills, security operations centre management and solution marketing to develop the best managed security services.
But acquiring all the skills in demand does not bring any benefits. What needs to be done is to develop their niche and specialise in particular domains.
KS Parag, managing director of FVC
Agreeing to this sentiment, Parag of FVC adds that channel partners need to choose technologies based on their strengths and offer niche services around the same. “We have seen that partners that select one or two areas and develop their technical skillset are much more ahead of the game than others trying to cover all the domains. Customers are smarter these days and look for solution providers who are focused and best in their respective domains,” Parag explains.
Understanding customer needs and anticipating trends is key to building a successful model for enabling MSSPs to deliver value-added services to end-users. Channel partners being at the forefront, hold the most responsible position to understand and analyse their needs and offer a solution which is in line with their business goals.