As the threat landscape continues to grow, regulatory requirements multiply, and CEOs and executive boards become more aware of the business impact of security incidents, most organizations are feeling an urgency to strengthen their cybersecurity efforts. This increased awareness is especially visible in small and midsized businesses (SMBs) that have traditionally underestimated the impact of cybersecurity threats to their organizations. Even so, SMBs are still failing to fully recognize and appreciate the risks, threats and vulnerabilities that are targeting their organizations.
It is well known that many SMBs lack advanced security expertise and do not have enough skilled resources on staff to keep up with the challenges of a quickly evolving threat landscape. And while many SMBs have some security tools in place, those tools rarely work together, often provide minimal protection, are not fully deployed or are outdated, which creates significant security gaps. These shortcomings paired with a rampant increase and sprawl of devices and cloud services are resulting in vulnerable, complex environments that SMBs are unable to protect.
Managed service providers (MSPs) are strategically positioned to help SMBs with their security needs and to take advantage of a quickly growing market. 451 Research’s Hosting, Cloud & Managed Services Market Monitor service forecasts managed security services revenue to expand at a compound annual growth rate (CAGR) of 16.9% over the next five years to reach more than $24bn annually by 2022.
However, managed security services are more than just a revenue opportunity for MSPs; they are a necessity to remain competitive and ensure the long-term growth and viability of the company. When it comes to security, the role of the MSP is shifting dramatically. To meet the demands of customers and increasingly complex regulatory requirements, MSPs must go beyond offering simple security services such as firewall management and spam filtering and expand into advanced security services to become the security experts that customers need.
To be successful, MSPs must deliver security services that are easy for SMBs to use but still provide enterprise-grade security efficacy. At the same time, MSPs must ensure that the security services they offer are integrated, scalable and easy to manage across an increasing number of sites and customers.
To better understand the dynamics and opportunities surrounding security services in the SMB space, 451 Research conducted two global custom surveys targeting SMBs with fewer than 1,000 employees and managed service providers. We asked the executives, directors and IT managers of 1,700 SMBs about the current state of cybersecurity in their organizations, the security initiatives they have planned, and the security services they consume to protect their organizations. We then asked 1,000 MSPs about the security services they deliver to the SMB market, as well as the pain points they are experiencing in delivering and selling security services.
This paper examines those responses to look at both the challenges and opportunities that managed service providers face with respect to delivering security services to SMBs.