Partners Offering Managed Cybersecurity Ending Up In Court

Despite the huge growth in managed services, managed cybersecurity services “face an existential threat.”

That’s according to channel analyst Canalys, which said a surge in court cases involving channel partners following customer data breaches highlights the risk to MSPs providing managed cybersecurity.

“It demonstrates a disconnect between MSPs and customers regarding the duties of both parties, said Canalys principal analyst Robin Ody.

Canalys, which is owned by Channel Futures’ parent company, Informa, estimates that managed detection and response (MDR) services will grow 50% in 2024, to be worth $9 billion.

But the problem arises when MSPs leverage third parties to provide managed detection and response services to help customers stay more secure.

This is partly due to the increasing availability of third-party security operations center services, either from MSSPs or IT cybersecurity vendors. There are also external factors pushing customers to adopt more managed cybersecurity services. These include government regulation, supply chain compliance requirements and cyber-insurance demands.

Ody said that partners that offer cybersecurity managed services “need to be aware of exactly what they are getting” in terms of response and remediation capabilities from their third-party MDR providers. It is this disconnect that can lead to legal action following a breach, he said.

Canalys' Robin Ody

“This is why it is so important for channel partners to have one clear method of delivering cybersecurity services to customers,” said Ody. This “begins at the assessment or consulting phase and goes through to post-breach forensics. Channel partners are dealing with an immensely complex cyber landscape. In some cases, the technology and the threats are just the tip of the iceberg. Partners must understand their customers, regulators, insurers, legal firms, ISVs, third-party service providers and a whole raft of other actors in their ecosystems.”

MSSPs 'Must Be Explicit' About Their Services

As more and more partners offer managed cybersecurity services, it is vital that they are clear on the services they can deliver and which gaps are filled by any third parties, Ody added. These could be they help-desk operators, MSSPs, vendors or others.

“They must also know how to communicate this reality with their customers, all while maintaining compliance, not just for their customers but also for themselves," he said.

Ody said vendors and MSSPs must be “much more explicit” when outlining the services they offer.

“If their terms of service cover only monitoring and alerting a partner in case of breach or any cyber incident, but do not cover proactive response and/or remediation, they must be upfront about this. Too often today, partners are getting caught out and the consequences can be severe,” he said.