Supply Chain Issues, Security Top of Mind for MSPs in Predictions for 2022
Three major areas of focus are front and center for partners: staffing, cybersecurity and supply chain issues.
December 24, 2021
![forward planning forward planning](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt48cc8c199af227d8/65243a018fd46fb33f004ca1/predictions8.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
“I’m concerned that supply chain issues will continue well into 2022.
“Staffing will still be very difficult for a variety of reasons. There is not enough trained talent out there. Wage inflation will continue due to short supply. Due to work from home, MSPs are now competing with companies all over America for employees.
“Sales will continue to be good as MSP clients will continue to try and meet the demands of their growing businesses.
“Blockchain and cryptocurrency is going to be a hot topic. The chain will revolutionize the world.”
— Luke Downing, President, Mode5
“Business for us is growing at 20%+ per year right now from the onset of COVID, but we do and have had a large footprint in work from home or working remotely since our founding, which has helped. We expect to see that growth continue.
“For Q3/Q4 of 2021 into the first half of 2022, we see and expect to continue to see hardware revenues held up by supply chain issues forcing a level of creativity to get solutions to ship. We expect to see a 30% reduction or at least delay in our hardware revenues due to supply chain issues in 2022.
“We expect the second half of 2022 to show more shipments/hardware revenue than the first half of the year.
“We expect to see growth in our cloud services and as-a-service business for those that have problems that have to be solved before hardware is available. We expect some of that to be short term until alternative solutions are available and some of that to be a permanent move to some form of hybrid cloud model.
“We expect to sell through our own reserve capacity of hosted hardware resources and are taking steps to make sure we are doing what we can to keep supply ahead of demand. We are seeing a large expansion of our NVIDIA vGPU/VDI business as companies are working through work from home on a more permanent basis and needing to deliver webcam/rich multimedia/training, etc., traffic to end users in a variety of scenarios. Fractional or permanent work from home being the most common use case.
“We expect to see continued expansion of architecture, engineering and construction firms, along with media and entertainment setting up remote solutions to deliver their graphics-intensive applications remotely across a variety of platforms to meet recruiting/retention and on-time project delivery needs.
“Security and compliance continues to be a driver, with more MSPs and end clients building out their capabilities to manage and stay in compliance with the frameworks of controls for their industry, be it FFIEC, HIPAA, HITECH, ISO 27001, CMMC, SSAE, NIST, etc. We see more growth coming from MSPs in this space and our more heavily regulated customers for some of our internally developed tools.
“Labor could become a constraint for us, but we have taken steps to introduce automation, cross training and other strategies to mitigate this as a potential risk that could cap some of our growth through 2022.
“We feel great about where we are; we think we have a good handle on the challenges that could make what we do more challenging over the next year plus, and we have some comfort in the steps we are taking to mitigate at least the risks we do see as we close out 2021 and move into 2022.”
— Val King, CEO, Whitehat Virtual Technologies
“Opportunities – Cybersecurity continues to drive our new offerings. Keeping the customer secure has moved to the top of our clients lists.
“Challenges – Supply chain issues will continue to cripple us – Desktops, laptop and more important switches.”
— Michael Goldstein, President, LAN Infotech
“Here are my “top 5” list of predictions for 2022:
1. Continued focus on security to include significant advances in work-from-home pricing and support model.
2. There will be a primary focus of IT teams on GRC (governance, risk and compliance) that will include technologies like AI-assisted products and services.
3. Ransomware will continue to evolve with the adoption of technologies like immutable storage, EDR, XDR and MDR. Along with this I am expecting to see a resurgence in technologies like application ring fencing.
4. Enhanced wireless internet connectivity through the continued implementation of Starlink and 5G will fuel cloud adoption and even spur the beginning of a shift from cellphones to data-aware wearables; these will be things like watches, virtual reality glasses, rings, smart collars and the like.
5. The automotive industry will see a host of new technology adoptions to include things like: automatic braking, vehicle-to-everything (C-V2X) and the continued adoption of electric vehicles. In general I would say that there are going to be significant advances or adoption of many green technologies.
“I believe that 2022 will hold a whole new host of challenges and rewards for those service providers that are willing and able to stop and think about how they can participate in this work from home, digital everything/hack everything environment economy we are all part of.
— Lliam Holmes, CEO, MIS Solutions
“We at Approyo are always looking for the strongest staff and as such have changed our hiring practices based on the challenges of the pandemic.
“We now look around the globe for staff as opposed to only in the U.S. We have used this as a great opportunity to find incredible staff members in other reaches of the globe and to grow in new countries. We feel this trend will continue in 2022 and beyond.”
— Christopher Carter, CEO, Approyo
“The biggest issues we are seeing are getting clients to realize the importance of increasing their cybersecurity budget and getting equipment for projects. We have many projects on hold because we can’t get parts.”
— Anthony Polselli, President and CEO, Natural Networks
“The state of things now and how they might shift next year – systems, processes and services have been streamlined and will need to continue to create added value and additional management to our customer base to free them up to focus on more strategic value to their enterprise.
“Challenges – The normal challenges of developing the proper marketing strategy in terms of gathering new opportunities, but we are also a little concerned about the economy going forward.
“Opportunities – Big opportunities are continuing in digital transformation and a strong security practice. We have also seen a huge surge in opportunities in the mobility and IoT segment.
“Etc. – We are looking to conduct several M&A activities in 2022 to advance service delivery and our MSP business.”
— Robert House, CEO, Triton Networks
“There has never been a better time to be an MSP. Clients depend on our essential services to keep them secure and competitive. As the threat landscape accelerates with more people working from home permanently, our services will be more important in years to come. With that, expect some form of regulation.
“While our local, state and federal governments may not lead the way (with the exception of Louisiana that has established a floor for service delivery) expect the industry to self regulate. We already see E&O insurance requirements asking for table stakes, such as, MFA to ensure lower premiums. Security continues to drive business and also create challenges for the MSP community.
“Challenges – In addition to security challenges, our industry faces negative unemployment as a result of the post-pandemic economic surge. It is hard enough finding top talent, equally hard to retain employees. Being an employer of choice has the consequence of rising costs and shrinking margins. MSPs will need to sharpen their game when it comes to pricing and price increases to offset the added risks of cyberthreat and rising payroll.
“Opportunities – While security is a challenge, it is also an opportunity for MSPs. Labor shortages also create opportunities for MSPs to support medium-size businesses with internal IT as they face the same challenge. Lastly, as many companies continue to work remotely, cloud services not only provide secure access to work from anywhere, the cloud offers the flexibility and scalability that gives companies competitive advantage and profitable growth.
“All of these factors support my sentiment, there has never been a better time to be an MSP.”
– Dan Shapero, President & COO, TeamLogic
“The most significant opportunity for MSPs in 2022 is to provide a comprehensive, cost-effective security stack. The challenge will be assembling the talent to develop, maintain and mature a lean security stack that targets their clients’ needs.
“The best-of-class MSP will find a sweet spot with a uniform solution of integration-friendly products at a cost-effective price point.”
— Jean Prejean, President, Guardian Computer
“Challenges: supply chain and impact on project; complexity; and number of opportunities and new tools coming online.
“Opportunities: simplicity and focus.”
— Ian MacRae, President, E-N Computers
“Challenges:
Partners are still struggling to sell at the right pre per seat.
Total MSSP offerings are still not being sold/positioned in the proper way.
Scaling up and down the business is a big issue.”
— Greg VanDeWalker, SVP, Collabrance
“For the successful managed service provider, it is time to milk the cow. The trend toward outsourcing is the strongest it’s ever been, not just in our industry, but so many in business services. Payroll might’ve paved the way, but it’s now at the CFO and HR level as well, so the small business person is seeing the value of focusing on what they do well and outsourcing the rest. IT is definitely part of that trend and obviously growing stronger with cyber incidents hitting closer and closer to home. But this also means that the MSP has to shore up its own ship well beyond even what the clients need, and fast.
“For it to do anything else next year other than get stronger for the MSP who is making money and scaling would be very surprising. For the smaller, unprofitable MSP, because of the cyber challenges, it is going to get worse.
“Challenges:
Cybersecurity – figuring out the best and keeping the expectations of what the IT department is doing nominal if the client isn’t raising their cyber security profile.
“Opportunities:
Higher level strategic technology consulting. It is very hard for most MSPs to actually get there. If they are still stuck closing tickets as their main purpose in life, then it’s going to be hard to get to the point of a full dedicated process, people and time to prevent problems, so that there can be a business unit focused on consulting.
Cybersecurity is also an opportunity. Lots of unknowns and fears in this area. If you can drive value here, it could be promising for sure.
— Lauren Groff, CEO, Groff Networks
“We’ve been able to thrive through ’21, and fully expect it to actually increase in ’22. We are seeing a marked increase in opportunities in several verticals. Our new marketing programs are generating interest and we’re partnering with organizations to sponsor events and get more ‘out there.’
“The challenges are serious, but they’re challenges that are equally felt by our clients (i.e., product availability, etc). So we can present a compelling discussion with potential clients that we can help them navigate these waters most effectively.
“We’re finding potential clients much more open to having realistic discussions about cybersecurity than ever before. So we’re not hearing the “we’re not big enough” or “it doesn’t concern us” anywhere near as much.
“We’re pulling in opportunities weekly, both in the fully managed service as well as co-managed (CoMITs) opportunities through a variety of marketing efforts.
“As for next year, we’re going to be doubling down on our content-based marketing efforts (we recently posted our 400th video on LinkedIn), and will be adding two additional employees by the end of ’21.
“Content-based marketing is a key strategy for our marketing plans in ’22.”
— Bob Coppedge, CEO, Simplex-IT
“The attitude toward physical access to spaces is changing as workers are increasingly remote. Although the requirements for physical recoverability are vastly different today, the importance of remote access reliability and redundancy has moved to the top of the recoverability priorities. The ability to provide multiple access capabilities with secure and seamless interoperability has become a primary focus as the workforce transitions to a more permanent hybrid structure.
“Organizations will increasingly be tasked with ensuring business continuity in a new operating model to ensure that team members can effectively communicate and proactively collaborate. Although a much overused term, this is the new normal and will be a high priority in every conversation related to business continuity and recoverability.”
— Bob Lamendola, SVP, Technology and Head of Digital Services Center, Ricoh North America
“Among other threats posed by both intentional and unintentional acts in the cyber world, ransomware will increase as a threat in 2022. Threat actors use affiliates to carry out certain stages of the attack, such as the spearfishing campaigns, then employing other affiliates to deploy tools such as Cobalt Strike (a favorite tool utilized by threat actors). Attackers are weaponizing red-team tools to utilize in the later stages of their attack strategy. These types of tools and their leaked source code and suite of tools, including Cobalt Strike and Metasploit, are now being utilized by either threat actors or their affiliates to laterally move across the ecosystem and even deploy the ransomware payload.
“In what I call “crowdsourced” hacking, 2022 and beyond will see more splintering of ransomware groups and ransomware as a service (RaaS), as the splintered groups’ modus operandi morphs to allow for individual ransomware designers, infiltrators, payload deployers and payment collectors to continue to iterate and improve the product and execution of the attack. This splintered threat model allows cybercrime subject matter experts to emerge in all the areas necessary for a successful attack.
“The 2022 cybersecurity landscape will see more renaming and rebranding of ransomware groups; for example, the perceived rise and fall and rebranding of threat groups such as DarkSide and ReVIL into a newly minted group named Black Matter. Further in-fighting will occur as ransomware groups vie for power and credit, which could affect corporations, not unlike the 2021 situation where the Conti RaaS group published a Russian guide designed to instruct the affiliates in how to conduct attacks.
“Additionally, as law enforcement actions by the FBI and their intelligence community partners across the globe become more assertive with threat actors and increase the depth and breadth of their investigation and arrest, pressure and seizure of ransomware proceeds, ransomware groups will become more aggressive with victims, attempting to punish victims even further for either contacting law enforcement or employing the use of professional ransomware negotiators. The 2022 trends will also include an increase in regulations of cryptocurrency clearinghouses and marketplaces and unique utilization of law enforcement tools, such as the search warrants the FBI used in deleting web-shells after the Nobelium attack.
“I have seen an increase in the use of need-to-know tactics and techniques used by threat actors, where we see them compartmentalizing certain parts of the attack to key internal actors and paying for smaller, either affiliated or unaffiliated groups to carry out initial aspects of the attack. These actions are in part because the FBI and other law enforcement organizations are increasing the pressure on these ransomware groups, and the use of affiliates and smaller groups to carry out certain aspects of the attack help to increase the number of subjects and IP addresses to investigate. In my opinion, this creates a false sense of security for the main threat actors that use of such affiliates allows for some level of shielding from law enforcement.
“In an effort to thwart the sinister actions of the cyber underworld, I see a trend in 2022 and beyond in the use of artificial intelligence and machine learning to make cyber defensive tools smarter and more intuitive.”
— James Turgal, Cyber Risk, Strategy & Board Relations, Optiv
“The impact of the ‘great resignation’ will be significant. Many companies and cybersecurity teams will struggle to execute on new projects as they spend more time onboarding and training new resources. At best, they will tread water and maintain their current cybersecurity maturity. I suspect many will see a decrease in their cybersecurity resiliency as new projects get put into production without proper security, and existing procedures get ignored since there just isn’t enough time in the day to complete all the items on your to-do list. Since existing resources are overtaxed just maintaining the status quo, successful attacks will rise.
“With the increase in U.S. government cybersecurity regulations and companies expanding their efforts with third-party risk management audits, confusion over conflicting compliance requirements will reign. This will be especially burdensome for global countries. Cybersecurity teams will have to spend even more time demonstrating compliance to multiple stakeholders taking critical time away from actually implementing stronger cybersecurity controls.
“On the positive side, the increased exposure of threats and attacks plus the high number of unfulfilled cybersecurity jobs have brought more people into the talent pipeline. Universities and educational companies will see an influx of students who wish to become cybersecurity professionals. There are also more and more alternatives to standard degrees to grow your cybersecurity skills. While it will take time for these fresh recruits to have an impact, it bodes well for the future of the profession.”
— Brian Wrozek, Chief Information Security Officer, Optiv
“The impact of the ‘great resignation’ will be significant. Many companies and cybersecurity teams will struggle to execute on new projects as they spend more time onboarding and training new resources. At best, they will tread water and maintain their current cybersecurity maturity. I suspect many will see a decrease in their cybersecurity resiliency as new projects get put into production without proper security, and existing procedures get ignored since there just isn’t enough time in the day to complete all the items on your to-do list. Since existing resources are overtaxed just maintaining the status quo, successful attacks will rise.
“With the increase in U.S. government cybersecurity regulations and companies expanding their efforts with third-party risk management audits, confusion over conflicting compliance requirements will reign. This will be especially burdensome for global countries. Cybersecurity teams will have to spend even more time demonstrating compliance to multiple stakeholders taking critical time away from actually implementing stronger cybersecurity controls.
“On the positive side, the increased exposure of threats and attacks plus the high number of unfulfilled cybersecurity jobs have brought more people into the talent pipeline. Universities and educational companies will see an influx of students who wish to become cybersecurity professionals. There are also more and more alternatives to standard degrees to grow your cybersecurity skills. While it will take time for these fresh recruits to have an impact, it bodes well for the future of the profession.”
— Brian Wrozek, Chief Information Security Officer, Optiv
It is officially almost 2022 (gulp). Before we un-deck the halls and throw bits of torn up paper and glitter into the air, we wanted to take a moment to look back at the previous 12 months, and then ahead to the next 12. What do MSPs expect during the upcoming year? What industry trends do they expect to see continue to grow or fade?
Given the events of the last couple of years, it’s safe to say we’re over things being “unprecedented.” It’s enough just keeping up with the day-to-day challenges in the channel.
With that in mind, we polled some MSPs on what they are expecting in the year ahead in terms of industry trends, challenges and opportunities. There were definite consistencies in the responses — supply chain issues, the state of cybersecurity and the talent shortage chief among them.
Scroll through our slideshow above for a peek into the future — from our partners’ perspectives.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Allison Francis or connect with her on LinkedIn. |
Read more about:
MSPsAbout the Author(s)
You May Also Like