10 Cybersecurity Challenges MSSPs Are Likely to Face
In this fifth installment in our threat protection series, vendors talk obstacles and solutions.
![Cybersecurity challenges Cybersecurity challenges](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blte9674c27f227cb59/65242aadd41e332f6e69b8e7/Cybersecurity-Challenges.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Jon Peppler, vice president of worldwide channels for Bitglass (Bitglass approaches threat prevention from the perspective of secure access service edge. The company uses policy-driven remediation to prevent data leakage or the entrance of malware):
“Moving away from inertia is difficult. Channel partners sell what they have already sold successfully in the past. For example, when workers moved from office to WFH ,a lot of VPN was sold to tighten security. But this is suboptimal as it is not a good user experience since everything routes through hardware back at one location. There are also capacity planning challenges, with customers having purchased hardware that is no longer needed once people start returning to workplaces. Finally, there is no granularity. Instead, it is block-or-allow only, and it opens the network to a lot of risk as everything is reachable.”
One solution:
“Understand VPN versus zero-trust network access, and whether the ZTNA has access to a single application, or whether it allows for granularity, CASB and data loss protection.”
David Nuti, head of channel and alliances for North America at Open Systems (Open Systems offers managed detection and response as well as SASE. Thus, its threat protection resides on endpoints, alongside remote users and sites, and on clouds and cloud applications):
“Cybersecurity is complex. Protection from threats requires several security technologies working in unison. Channel partners may not have the breadth and depth of technologies needed to protect a business. In addition to technologies, channel partners need experience maintaining threat protection services and the infrastructure to provide 24×7 expert support to augment the customer’s security team. Partners also need to provide visibility into the solution, and the ability to develop new services and automate more processes when required.”
One solution:
“Become knowledgeable enough to speak with your customers about their threat protection plans and concerns so that you can search for solutions.”
Kurt Mueffelmann, global chief operating officer and U.S. president at Nucleus Cyber (this vendor focuses on insider threats by evaluating data and user attributes to authorize access to content and what users can do with it):
“Many big technology vendors have a ‘one size fits all’ approach. They offer a lot of features but do not necessarily go deep enough to offer the level of protection needed, especially when it comes to securing sensitive data such as IP, financials, and regulated personal and health care information. The biggest challenge will be educating customers about when and why a third-party solution may be needed to close security gaps, when they have heavily invested in a solution that they believe does everything out of the box.”
One solution:
“Eliminate single points of failure. Putting all your customers’ security eggs in one basket to monitor and police security creates a significant weakness. Don’t put your trust in a single piece of software. … Multiple tools give you the broadest picture of issues and offer the most effective protection.”
Tina Gravel, senior vice president of channels and alliances for Appgate (the vendor treats threat protection from the premise that everyone and everything on the network poses a threat and cannot be trusted until it has been verified):
“The marketplace is exceptionally noisy right now and many vendors are using the same language to describe their solutions. This is especially true when it comes to the domain of zero trust. Many vendors have jumped on the bandwagon, though few actually have the technology and proven expertise in place to deliver these types of solutions. Consequently, customers will be relying more heavily on their channel partners to help them separate the players from the posers. Because we are still living in a time of extreme uncertainty, channel partners should focus on marketing and selling solutions that can provide short-term, high impact results. Channel partners will also be challenged by the fact that clients are looking to consolidate their technology stack and will be reluctant to add more complexity.”
One solution:
“I think taking responsibility for your own personal research and education around these topics is the only way to truly understand the market and how it has evolved. By doing that, a partner can really distinguish themselves in a crowded market.”
Marcus Conroy, vice president of sales VMRay (VMRay provides automated malware analysis and detection platforms to protect applications and data):
“While most customers will be keen to improve their security posture, channel partners will face many familiar challenges when selling threat protection to new and existing customers. Most notably, of course, will be requisitioning of budget during this time of great uncertainty, as well as a general reluctance to add new and unfamiliar tools to their technology stack and the concern that new technologies might introduce unnecessary complexity to their operations or user’s experience.”
One solution:
“Educate your sales team to communicate the benefits of threat protection in both financial and operational terms (i.e., the cost of not having adequate controls in place).”
Bill Dantz, director of channels at Clumio (Clumio offers data protection for public and private clouds, and SaaS):
“As partners educate their customers on next-generation data protection, the challenges they will encounter will be getting customers to move away from traditional data protection solutions to cloud-native solutions that take advantage of what the cloud has to offer.”
One solution:
“Continue being the trusted adviser. Customers are transforming their businesses and leveraging public cloud as the foundation. The public cloud offers a plethora of services. These services are oftentimes confusing. Customers are learning about these offerings and trying to figure out how to leverage them in the most cost-effective way. Better educating yourself on these offerings will carry the trusted relationship with customers into the cloud as well.”
Faraz Siraj, vice president of channel sales at Code42 (Code42 addresses insider risks and threats from a positive-intent perspective):
“The biggest challenge will be overcoming the comparison to conventional data loss protection solutions, which ultimately comes down to educating customers. There’s always hesitation when adopting a new solution. … Once the benefits of less-obtrusive and more accurate monitoring are evident, customers will be much more easily convinced to reconsider, and change, their security solutions.”
One solution:
“Get to know the product. It sounds simple, but I can’t stress it enough. The best way to get customers on board is to know the ins and outs of the product. Test it as a standalone solution, integrate it with other products, like SIEMs and SOARs. It’s so important to be able to show the benefits of a product within a variety of scenarios.”
Jabari Norton, vice president of worldwide partners at alliances at Sumo Logic (the vendor views threat protection through a security information and event management lens; it focuses on early detection and response, and user training for spotting phishing attempts and social engineering):
“[Partners] will most likely experience cost pressure, which is always top of mind for organizations everywhere. In order to meet the cost demands on their clients, [partners] will also be pressured to offer solutions that allow customers to automate their internal systems and SOC workflows.”
One solution:
“I would recommend that they focus on leveraging cloud platforms and SaaS-based technologies for increased flexibility across any of their clients.”
Jim Lippie, CEO of SaaS Alerts (SaaS Alerts’ platform monitors SaaS applications and alerts MSPs to unusual user behavior on Office 365, Google Workspace, Dropbox and more):
“Tool fatigue and figuring out how to package, price and position.”
One solution:
“Create a matrix with all the potential threats a customer could face.”
Corey Munson, vice president of sales and marketing for PC Matic (PC Matic delivers threat protection through zero-trust endpoint security):
“Fear of increasing costs related to cybersecurity.”
One solution:
“Improve your ability to illustrate the changing threat landscape. Costs are increasing because the threats are more serious.”
Corey Munson, vice president of sales and marketing for PC Matic (PC Matic delivers threat protection through zero-trust endpoint security):
“Fear of increasing costs related to cybersecurity.”
One solution:
“Improve your ability to illustrate the changing threat landscape. Costs are increasing because the threats are more serious.”
The last year has been no picnic for managed security service providers. Between customers’ sudden shifts to remote work and hackers’ ensuing, increasingly sophisticated breach attempts (and successes), MSSPs have encountered extensive cybersecurity challenges.
As all those threats became more pervasive, vendors developed some new platforms. Rather than covering each product, Channel Futures chose to compile a series on threat protection with input from those cybersecurity providers. Over the past couple months, we’ve explored topics including:
Now, we look at some of the cybersecurity challenges sources expect channel partners will encounter as they implement or tighten threat protection for clients. And for each challenge, these experts offer one solution. (A number of these folks gave us more than one solution, which will lay the foundation for the final slideshow in this series. For now, we wanted to keep the advice-focused.)
Click through the slideshow above for sources’ observations and advice on cybersecurity challenges.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Kelly Teal or connect with her on LinkedIn. |
Read more about:
MSPsAbout the Author(s)
You May Also Like