Channel Futures' 2023 MSP Outlook: Cybersecurity, Automation Will Be Paramount
Channel Futures' 2023 MSP predictions highlight cybersecurity, cloud computing and automation shifts.
December 30, 2022
![Crystal ball 2023 Crystal ball 2023](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blte243766d5c6c9496/65240aecd3a7fe65eb545b87/Crystal-Ball-2023.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Cybercrime will only increase and will affect anyone who is not properly prepared.
Partners will need to focus on the basics and not on the latest and greatest software that will supposedly fix all problems.
“No big surprise here, but we will have, more than ever before, ransomware attacks. People won’t apply security updates in a timely way or follow best practices. To use someone else’s words, ‘No one is too small to be hacked; they are just too small to make the local news.’ As a result, we will see higher premiums in cybersecurity insurance. I do believe that more companies will begin to see the need to implement and up their game to put protection in place (however, sadly too late for many).” —René Miller, CEO, Ener Systems
“Cybersecurity will see a bump in importance for all MSP customers, not just those in regulated or compliance-driven industries, because of… cybersecurity insurance. Cybersecurity applications are getting tougher to fill out, and claims are not necessarily being paid if reality does not match what is on the application. Everyone with a cybersecurity policy will see rate increases and more stringent qualifications, meaning cybersecurity will matter to almost all businesses than it has in the past. Smaller MSPs will face a decision with an increased need to carry a full cybersecurity practice, partner, or outsource themselves, with some deciding to get off the merry-go-round.” —Val King, CEO, Whitehat Virtual
“Cybersecurity, cybersecurity, cybersecurity. Nothing is a bigger threat to shutting down a business’ day-to-day operation and just gets worse everyday. Annual vulnerability assessments will also be a must (most insurance policies starting to require). And lastly, MDR and cybersecurity staff training/phishing simulation will be two of the most important next-gen components.” —Scott Hagizadegan, CEO, Shield IT Networks
“Security will be an even bigger concern than in 2022. With the market softening, crime will go on the rise, resulting in a significant increase in security needs. Sadly, companies that do not address security properly will likely not be around this time next year. I believe the media will oversensationalize the impact, resulting in those MSPs that are ready for the influx of business to enable much higher profits.” —Joe Ussia, CEO, Infinite IT Solutions
“Here’s what we’re seeing in our client base and in the industry in terms of security and privacy:
Continued increase of importance of cybersecurity and privacy of data. I expect to see an increase in the prevalence of privacy regulations across states and industries that will require organizations to spend time, effort, and money on strategies to secure and protect data.
Data governance: We’ll see more privacy and data-related security policies like the FTC Safeguards Rule; more businesses that are adjacent to traditionally regulated industries will be impacted by these requirements
Opportunities for security improvement for state and local government entities with the FEMA State and Local Cybersecurity Grant Program. There will be heavy spending in these areas, and the focus will likely be on closing the gap where possible on the worst outliers for cybersecurity.
Cyber liability insurance will continue to be more scrutinizing of business hygiene, and you’ll start to see alliances between brokers/underwriters and MSSPs/MDR/XDR platforms being formed and strengthened. I expect to see an increase in “proof” of hygiene for the best rates; think ‘safe driver discount’ where you install a sensor in your car that shows data to ‘prove’ you aren’t driving recklessly.”—David Markley, president, Stronghold Data
2023 is going to be a banner year for the more sophisticated and intelligent MSPs, especially if they target the midmarket, according to experts.
“The key word for next year will be ‘sophistication.’ End users are seeking high-quality, sophisticated MSP/MSSP/technology consulting firms that can provide not just high-level services but true accountability. They are being pressured by talent shortages, shrinking budgets and increased cyber risk, and need partners who can truly fill this gap.” —Neil Medwed, vice president of corporate development and M&A, Meriplex
“Businesses that have a solid financial foundation, and customer base, especially in ‘vital’ markets, will continue to invest in what works and continue driving their business forward — despite the recessionary outlook. Similar to continuing to purchase stock in a down market, be consistent, and continue to spend on advertising/marketing, so you can maintain and even grow your lead in your market in ‘down’ times.” —David Markley, president, Stronghold Data
Automation will become increasingly important as time and resources become even more precious commodities. The more you can automate, the more teams can focus on meaningful initiatives that support customers and drive business/revenue.
“When looking at business intelligence, automation must be a consideration. This means increasing expectations of what MSPs’ tech investment should do to help meet business objectives (greater business outcomes as a result of investing in technology — no longer just looking at it as ‘utility’). We’ve been driving conversations about these topics with our clients, and they are starting to see these capabilities as more important as time goes on. Whether it be business intelligence, robotic process automation or other technology enablers for their business, this will be more expected and welcomed by business leaders.” —David Markley, president, Stronghold Data
“Automation is another area where we will see explosive growth within the SMB market. Large enterprises started investing heavily into robotic process automation (RPA) several years ago and are already realizing the benefits of their investments. Thanks to millions of dollars from private equity and venture capitalists, RPA software is now working downstream to the SMB market and will be a viable solution for smaller, operationally mature MSPs. This automation wave will certainly help with the labor shortage we are experiencing within the technology space by allowing MSPs to perform more work without hiring more people. However, the true benefits of automation are:
Increased quality control since automation requires everything to be done the same way every time, unlike a human that might miss a step.
Faster time to resolution since automation can run 200 tasks with the click of a mouse button.
Fewer escalations because engineers will be able to perform tasks above their technical ability. Once a senior engineer automates a complex process, lower-level engineers will be able to perform that same task with the same level of quality.
Security controls will obviously be an area of concern with this increase in automation; however, that same automation could be used to increase security. RPA can be leveraged to monitor for accounts with MFA temporarily disabled or execute employee terminations ensuring that a human does not miss a step that leaves an account open and the organization at risk.” —Myles Keough, CEO, Spade Technology
Clients in certain industries will be tightening their belts and overall processes in 2023, as well as working to consolidate. Indeed, it is predicted that this MSP industry consolidation will continue, but at a slower pace.
“MSPs will need to do a number of things here:
Find additional ways to automate services and be prepared to drive down sale prices to clients while maintaining margins.
Be ready to help clients plan with more details for the next three years. We develop road maps that allow the client to talk about IT strategy and tactics to keep their systems up and running securely.
Implement additional security measures to keep things safe and sound. Zero trust, for example — how to do it with the least amount of disruption for a client.
Continue third party Backup when clients move to the cloud.
MSPs will also need to find ways to help clients sort out, manage and easily archive their data.” — Paul Riedl, CEO, River Run Computers
“MSPs want to consolidate around fewer vendors, and Microsoft is the leader. Technologies such as Azure AD Join are maturing; Intune is being adopted as a replacement for GPOs. In addition to physical endpoint security, Intune will be used for managing the security of virtual endpoints (AVD desktops and Windows 365 Cloud PCs).” —Amol Dalvi, vice president of product, Nerdio
2023 looks like it’s going to be an even bigger year for M&A in the MSP space, according to providers. The MSPs that have leadership nearing retirement age can’t keep up, or don’t want to adopt new cloud-based technologies, for example, are ripe for acquisition.
“The more forward-thinking MSPs with solid recurring revenues are leveraging their businesses to acquire books of business and IT talent. IT leaders should know they have many avenues for success and not get overwhelmed with the fast-paced technology changes we are experiencing now. They should embrace vendors and experts who can help them and consider embracing M&A either by partnering, acquiring or selling their primary stake so they can continue to grow and find success.” —Will Ominsky, senior director, MSP sales, Nerdio
“There are going to probably be challenges regarding the economy and ongoing potential full-blown recession. But, that also breeds tremendous opportunity with new clients, expansion and continued growth for mergers/acquisitions.” —Robert House, CEO, Triton Networks
MSPs will start focusing more on compliance and governance (CMMC, ISO 27001, ISO 27701, CCPA, etc.) Managed compliance providers (MCPs) will become a thing of reality, it is speculated.
“MCPs will emerge to enable our customers to ensure their infrastructure is safe, data is secured and privacy is protected. Supply chain and insurance companies are pushing this downstream and MSPs are in the position to help. We’ve been tasked to complete the insurance questionnaires for insurance qualification, and Infinite IT has lept ahead to become ISO 27001 and ISO 27701 certified in order to minimize the time required to do the work while differentiating ourselves in the marketplace. We are now offering managed compliance as a service to our customers, which is in high demand. We predict that it will be our fastest growing service in 2023.” —Joe Ussia, CEO, Infinite IT Solutions
“In 2023 we will see cybersecurity compliance trickle down the market into smaller organizations — even organizations that are not regulated. Insurance companies are starting to raise the bar relative to the responses they want to see on their cybersecurity assessments. Antivirus and multifactor authentication (MFA) are no longer enough. Some insurance carriers now want to see endpoint detection and response (EDR), and security information and event management (SIEM) deployed throughout the organization’s technology infrastructure. Not having these components in place can result in a 10 times increase in your insurance premiums, or in some cases they will drop you as a client altogether. This is going to push SMBs to have a more mature security posture within their organization. In 2023 we will see more SMBs adopt frameworks like the center for internet security, 18 critical security controls (CIS18) to meet these new cyber security requirements.” —Myles Keough, CEO, Spade Technology
As the market puts financial strain on the MSP market, shops that are weaker will either falter or merge with stronger players to survive. This will help reduce competition and strengthen the position of MSPs in the market.
“Providers should emerge in 2023 looking much more professional to customers as they realize that we truly are a professional services firm, much like lawyers and accountants are. We will go from being the geeks in the closet out back to strategic partners enabling businesses to be more secure and grow their market share.” —Joe Ussia, CEO, Infinite IT Solutions
“Due to the incoming recession and the economic slowdown, I believe that now more than ever MSP should be focused on delivering on value more than anything. If clients or prospective buyers don’t see the value of your service offering, then most likely you will be replaced. Figuring this out requires you to look deep into your company culture, and evaluate every interaction with clients and buyers and identify where and how you can improve.” —Pedro Nunez, CEO, IT Management Solutions
Cloud computing is going to continue to rise to the top of the priority list because while it is an investment, it’s a flexible one that can change with the business.
“The cloud allows businesses to eliminate large IT investments and obtain an ROI over many years by moving to a more efficient pay-for-what-you-need monthly payment model.” —Will Ominsky, senior director, MSP sales, Nerdio
“Businesses are realizing that cloud is here to stay. A younger workforce will demand the latest tools and technology, which means companies can’t offer outdated technology. For example, IT can no longer have long update cycles where they could run older versions of Windows for years. This means they will need to invest in tools that let them update to new technology often. Otherwise, they risk losing business opportunities if they don’t adopt some new technology quickly enough. Technologies that will rise to the top – Intune for endpoint management, app testing tools like Rimo3, and single-pane-of-glass tools as app sprawl will get out of control.” —Amol Dalvi, vice president of product, Nerdio
“Cloud-native technologies such as containers and serverless models have become more popular across the public cloud in recent years, allowing for faster application development and deployment at scale. For enterprises looking to innovate quickly or overhaul their cloud infrastructure without major costs in 2023, cloud-native application development might be the answer to their modernization goals. New developments in edge computing and 5G are expected to further boost cloud-native adoption and innovation in the industry in the coming year, providing a bigger opportunity for organizations to quickly scale up their data in the cloud and gain access to new capabilities with their software.” —Sean Mahoney, vice president and general manager, Ensono Digital
There are a few crossovers and tie-ins here from other themes, but this is ultimately focused on how certain predictions will directly affect SMB shops and customers. As they look to grow and scale, there are practicalities that these shops must face.
“I believe 2023 will be a challenging year for smaller MSPs. Already facing headwinds from the M&A movement in the space, and the reduction of benefits to smaller MSPs from vendors like Microsoft, small MSPs will be challenged by a difficult economic year for small business in general with the recession. MSPs need to prepare for loss of customers from the possible recession and/or M&A. Small MSPs and small businesses may struggle while the larger businesses continue to grab market share.” —James Lapointe, president, Colden Company
“Security, particularly for the SMB market, will still be chaos, with a disconnect between need/risk, perception, solutions, and willingness to pay for additional security services.” —Allen Falcon, CEO, Cumulus Global
“Specific to security, companies will continue to educate employees while ensuring their training and networks are up to date. As businesses saw in 2022, attacks and breaches won’t be limited to large organizations and enterprises. In the year ahead, many SMBs will feel the effects of cyberthreats. To combat this growing threat, more businesses will purchase cybersecurity insurance. More companies will deploy employee education to ensure their eligibility and that their teams are focused on security.” —Lauren Wickstead, CMO, TPx
These are predictions that fall a bit outside our main themes, but are unique and facinating all the same.
“Economic headwinds will delay major hardware refreshes, further extending the age of data center systems and creating pressure to meet modernization objectives.
Cloud spending will come under greater scrutiny, particularly for non-strategic workloads, driving an increase in workload repatriation.
At least one major systems vendor will be acquired.
The Broadcom/VMware acquisition implications will start to be felt as enterprises and MSPs re-evaluate their virtualization strategies.
Multivendor service contracts that preserve budget dollars and extend the useful life of infrastructure will be an increasingly common approach for IT leaders and service providers to adopt.” —Brian Reagan, CMO, CDS
“This might be a bit more regional-specific Down Under, but there is a definite trend/theme emerging for next year, really a couple. A major one will be cybersecurity. Whilst this topic has been done to death, it feels very different this time.
Some local backstory:
Australia has been under increasing threat from state-based actors, particularly China since they started slamming us with sanctions in 2020. The governments are hesitant to throw too much spotlight on the actuals here, but they have been heavily pushing businesses more and more to strengthen security, and started talks of regulation back in 2020. Attacks on Australian businesses have since skyrocketed.
This year we have had major data breaches of personal information, including one of our largest telcos, and largest private health insurer, and possibly more. In turn, this is starting to scare … people as almost every adult has been impacted by one of these major breaches. As a result, we were apparently ranked worst in the world last quarter on breaches, with an average of 22 hacks a minute.
Next year there is likely to be legislation passed that will actually make company directors liable for cyber negligence, in which they could face charges similar to the way industrial manslaughter works.
With all this said, we are seeing a major shift in business leaders and owners in relation to their security stance. In the past they were satisfied with simply feeling secure. Now there is a growing trend toward wanting assurance that their business is in fact secure. This is being pushed primarily by the ever-increasing compliance requirements of insurers, and more recently, client tenders and supply agreements.” —Ray Sweeney, chief commercial officer, Sensible Business Solutions
These are predictions that fall a bit outside our main themes, but are unique and facinating all the same.
“Economic headwinds will delay major hardware refreshes, further extending the age of data center systems and creating pressure to meet modernization objectives.
Cloud spending will come under greater scrutiny, particularly for non-strategic workloads, driving an increase in workload repatriation.
At least one major systems vendor will be acquired.
The Broadcom/VMware acquisition implications will start to be felt as enterprises and MSPs re-evaluate their virtualization strategies.
Multivendor service contracts that preserve budget dollars and extend the useful life of infrastructure will be an increasingly common approach for IT leaders and service providers to adopt.” —Brian Reagan, CMO, CDS
“This might be a bit more regional-specific Down Under, but there is a definite trend/theme emerging for next year, really a couple. A major one will be cybersecurity. Whilst this topic has been done to death, it feels very different this time.
Some local backstory:
Australia has been under increasing threat from state-based actors, particularly China since they started slamming us with sanctions in 2020. The governments are hesitant to throw too much spotlight on the actuals here, but they have been heavily pushing businesses more and more to strengthen security, and started talks of regulation back in 2020. Attacks on Australian businesses have since skyrocketed.
This year we have had major data breaches of personal information, including one of our largest telcos, and largest private health insurer, and possibly more. In turn, this is starting to scare … people as almost every adult has been impacted by one of these major breaches. As a result, we were apparently ranked worst in the world last quarter on breaches, with an average of 22 hacks a minute.
Next year there is likely to be legislation passed that will actually make company directors liable for cyber negligence, in which they could face charges similar to the way industrial manslaughter works.
With all this said, we are seeing a major shift in business leaders and owners in relation to their security stance. In the past they were satisfied with simply feeling secure. Now there is a growing trend toward wanting assurance that their business is in fact secure. This is being pushed primarily by the ever-increasing compliance requirements of insurers, and more recently, client tenders and supply agreements.” —Ray Sweeney, chief commercial officer, Sensible Business Solutions
It’s that time of year again. It is time to look back on the past year, and gaze hopefully (albeit fruitlessly) into our crystal balls. Of course that’s silly — it’s impossible to predict what will happen six months, a year from now. However, our MSP 501 community has made some pretty well-educated guesses. For this edition, we bring you 2023 MSP predictions.
The Significance of Cybersecurity
No surprises here: Cybersecurity will be all the more important, and a vital focus. Insurance companies and businesses are becoming more aware of the importance of cybersecurity. This is particularly true regarding the supply chain, where partners and vendors can pose significant risks. As a result, businesses are taking steps to improve their own security posture, and also requiring the same from their partners and vendors.
According to Raum Sandoval, CISO, Entara, implementing additional security measures and solutions can be a complex and time-consuming process. This is where governance, risk, and compliance (GRC) comes in. By focusing on GRC, businesses will be able to identify their most pressing risks and develop a plan for addressing them in an orderly and systematic way. To support this process, we are likely to see an increase in the use of virtual chief information security officer (vCISO) services to help businesses navigate this shift effectively.
Automation, My Dear Watson
Automation will also be increasingly important for providers and customers alike, particularly smaller shops. According to Javid Khan, CTO, IT By Design, 2023 will be all about automation and innovation. This will be driven by customers who will push their IT providers to prepare for the ever-looming recession with more creative, cost-effective technology.
“Automation will be key for reducing the time required to resolve service tickets and fulfill the more mundane daily tasks,” says Khan. “The automation will garner extra time for tech teams to focus on higher priority projects or additional revenue-generating special projects, boosting profitability.”
With all that in mind, we invite you to pore over Channel Futures’ 2023 MSP predictions. See the slideshow above to get started.
We polled the following MSP execs:
Ray Sweeney, Sensible Business Solutions
Brian Reagan, CDS
Lauren Wickstead, TPx
Allen Falcon, Cumulus Global
James Lapointe, Colden Co.
Sean Mahoney, Ensono Digital
Pedro Nunez, IT Management Solutions
Robert House, Triton Networks
Will Ominsky, Nerdio
Amol Dalvi, Nerdio
Paul Riedl, River Run Computers
Myles Keough, Spade Technology
David Markley, Stronghold Data
Neil Medwed, Meriplex
Joe Ussia, Infinite IT Solutions
Scott Hagizadegan, Shield IT Networks
Val King, Whitehat Virtual
René Miller, Ener Systems
Javid Khan, IT By Design
Raum Sandoval, Entara
About the Author(s)
You May Also Like