MSSP Partners: What Endpoint Security Needs in the Channel
Goal-setting, technical competence and cultural fit will determine endpoint security MSSP partner program success.
July 29, 2019
By Derek Handova
When considering MSSP partners, endpoint security, cybersecurity and other technology companies must be very careful. Taking on MSSP partners in their channel programs is a big commitment. They first need to verify a lot of capabilities including dedication, motivation, resources, and technical bona fides such as security operations centers (SOCs).
“People do not take the time to make sure MSSPs are ready to be channel partners,” said Jason Eberhardt, head of global cloud and MSP at Bitdefender, a global cybersecurity solution provider. “MSPs and MSSPs are truly the future of the industry. One of the main things we like to know before determining if an MSSP is ready to be a channel partner centers around if they have a dedicated SOC, SOC analysts, and training in threat hunting and analytics.”
But building a SOC is costly and time consuming. So instead, many organizations choose other security monitoring options like an MSSP, according to Gartner.
Historically, pure-play MSSPs such as British Telecom and Cipher have managed existing customer assets regardless of manufacturer, so there is less reliance on strategic partnerships — like MSSP partner programs.
McAfee’s Ken McCray
“MSSPs have various capabilities and go-to-market strategies, some of which align to security manufacturers like McAfee,” said Ken McCray, head of channel sales and operations for the Americas at McAfee. “Several of the larger MSSPs focus on security outcomes to solve complex business problems, so they tend to develop close and strategic channel partner relationships with security manufacturers.”
For example, even though telecom carriers like AT&T have become more involved in endpoint security with its acquisition of AlienVault, a provider of end-to-end business protection solutions, AT&T Cybersecurity says it’s poised to help the channel with its MSSP partner program.
MSSP Partners’ Goals and the Channel Relationship
Another important determination endpoint security, cybersecurity and other tech companies need to make for their potential MSSP partners takes the form of the MSSP partners’ goals and if a channel relationship will enable them to achieve their objectives. Depending on the project and the prerequisite capabilities, an MSSP partner program relationship could help them.
“However, an MSP could ultimately be a better fit for the tech company,” said Angus Robertson, CRO at Axcient, a provider of backup and disaster recovery software.
Axcient’s Angus Robertson
“MSPs come with a breadth of skill sets, and they are masters of efficiency,” Robertson said. “Many MSPs are an ‘almost MSSP,’ meaning that they have a comprehensive understanding on how to beef up their clients’ security offerings across networking, OSes, software, education and backup.”
Indeed, the managed security services market has become increasingly segmented between MSSPs who look to provide technology and customization services to enterprises and those that want to stick to a strict service delivery model, according to endpoint security experts.
“MSSPs primarily interested in buyers who need customization around technology will appeal to the more mature enterprises embracing digital transformation initiatives,” said Jim Souders, CEO at Adaptiva, a provider of endpoint management and security solutions. “These digital projects are big-budget activities, and the MSSPs who pursue those opportunities stand to reach higher revenue projections than their competitors.”
MSSP Partners, and Technical and Competence Fit
When it comes to onboarding MSSP partners into an MSSP partner program, an endpoint security, cybersecurity or other technology company must ensure a technical and competence fit between them and in-house engineering resources. Security companies must strive to understand if the MSSPs’ development practices are …
… similar, which can only be determined with a skills assessment and a gap analysis, according to cybersecurity analytics experts.
“Technical-and-competence fit need to be formalized in a mutually developed relationship management plan that has financial and results-oriented deliverables,” said Eric Warner, senior vice president, global sales at Elysium Analytics, a next-generation cybersecurity provider. “In today’s world, you must understand whether the MSSP has the chops to transition to newer technologies that are embodied in what Gartner calls the ‘modern SOC,’ where they need to seamlessly move their clients to a machine learning environment.”
If MSSP partners aren’t strategic in their approach or rely too heavily on single-source technology solutions, they will have gaps in their technical and competence fit, and limit the potential for a true MSSP partner program relationship, experts say.
Kaspersky’s Matt Courchesne
“It comes down to strategy and focus on a full, multilayered approach, and the MSSP partners’ willingness to invest in training to build an ecosystem that provides a full security solution for their customers,” said Matthew Courchesne, head of SMB and channel for Kaspersky USA. “It’s important that MSSP partners have a willingness and ability to train, certify and educate their teams in addition to understanding that no single security provider has all the answers. Intelligence and education need to come from multiple sources.”
Endpoint Security MSSP Partner Program Cultural Fit
MSSPs participate in an indirect channel that moves quickly, which means successful MSSPs must keep up with the velocity of the channel – their MSSP partner program – through great response times. Good MSSP reflexes and reaction times are examples of MSSP partner program cultural fit for endpoint security companies.
“Another cultural-fit trait is proactive engagement – don’t wait for an email or call – reach out,” said Howard Huerta, vice president of enablement programs at Avant, the master agent and IT channel sales enablement company. “Being able to have a positive, collaborative environment where the MSSP and the organization work on opportunities hand in hand will greatly improve the success rate. An MSSP who doesn’t keep up the pace, doesn’t proactively engage, or works with customers without their channel partner’s collaboration, will not succeed.”
Other must-have MSSP partner program attributes include a deep focus on customer problem solving, ethics and professionalism, according to other channel experts.
“Does the MSSP partner follow through on their commitments, show up on time and have realistic expectations of people, processes and technology?” asks A.N. Ananth, CSO of Netsurion and co-creator of its SIEM platform, EventTracker, “The answers to these questions help us determine which MSSP partners are interested in a quality relationship and the best solutions over the long term.”
MSSP Partners, Endpoint Security and the Future
In a world where everything has moved to the cloud and gone wireless, the MSSP customer base has started to look for pay-by-the-drink business models.
“MSSPs are being forced in those same directions,” said Zane West, director of product management at Proficio, a provider of next-generation cybersecurity services such as managed detection and response. “So an important element of how an MSSP will partner with both their security vendor and their client is flexible business models targeted at consumptive or utility-based pricing.”
And in the future, endpoint security, cybersecurity and other tech companies will only want to work with MSSP partners who have a vision. So MSSPs should know the direction they want to go within the industry, in general, and their MSSP partner program, in particular.
“MSSP partners who are serious should show that they understand security,” said Matt McCarthy, director, North American partner management at Barracuda MSP, a provider of security and data protection solutions for MSPs. “And show how the solutions and technologies will work together to make their business successful.”
Read more about:
MSPsYou May Also Like