Tarek Jundi, Managing Director, Middle East and North Africa, Intel Security, elaborates on the factors required to be a successful managed security service provider.
Over the last couple of years, between the spate of high profile cyber-attacks, the resulting focus on security and the uptake of cloud and IoT, today, enterprises in the Middle East have realised that the only way to truly safeguard against cyber threats is to deploy cloud-first, integrated security solutions that address the entire threat defense lifecycle.
While this makes perfect sense in principle, the reality is that few organisations, if any, have the resources and the technical know-how to deploy and manage a robust security solution across the enterprise network. To address this security gap, more and more organisations are turning to Managed Security Service Providers (MSSPs). In fact, according to a 2015 Infonetics research report titled ‘Cloud and CPE Managed Security Services’, the demand for managed security services is growing at double digit figures and is expected to reach close to $20 billion globally by 2019.
Global IT research firm Gartner, defines managed security services as remote monitoring or management of IT security functions delivered via shared services from remote security operations centres and not through personnel on-site. For inclusion within Gartner’s MSSP criteria, players must be able to remotely monitor and manage, through shared service delivery, firewalls, intrusion detection prevention devices from multiple vendors and have security operations centres in multiple locations, among other requirements.
So what are some of the key success factors that channel partners should consider when embarking on this MSSP journey?
Bridge the talent gap
Talent shortage in the Middle East and globally for that matter, particularly in the security space, is a topic of much discussion. In fact, by 2017, reports suggest that there will be a shortage of two million cybersecurity professionals skilled in analytics and forensics. The limited resource availability directly translates to weak security protection levels within an organisation and the net result is longer lead times for protection, detection and correction. While this is one of the main drivers for organisations choosing to partner with MSSPs, the onus now falls on the MSSP to bridge this talent gap.
Competing against security vendors for talent could be an effort in futility so channel partners that are serious about building an MSSP practice should have a clear strategy for hiring, training and retaining security personnel with a focus on nurturing in-house talent. Not only should personnel be technically savvy and be thorough in the various security products and solutions, but just as importantly, they need to have a deep understanding of the threat landscape in the region and possible attack vectors to allow them to spot potential threats to an organisation.
Partner with best-in-class
Over the last couple of years, we have seen the emergence of a staggering number of security vendors on the market, almost all claiming to be ‘best-in-class’. The good news for MSSPs is that they are spoiled for choice but the bad news is that many of these solutions overlap and providers often trade off product features for ease of integration and collaboration between the various products and solutions.
Rather than opting to integrate disparate point solutions, channel partners looking to build an MSSP practice will be well served to partner with a couple of key security vendors from the outset to develop a security service platform, from the ground up, that address the needs of the market and customers they are looking to serve.
Address the hybrid cloud
At present security service providers and end customers take joint responsibility of the business security integrity. Due to growing complexity of security solutions and the increasing need to focus on core competence, MSSPs are under pressure to take full management control of the business security environment. This is compounded with the growing adoption of cloud in the region.
With the increasing adoption of hybrid cloud in the Middle East (primarily because of security and privacy concerns) and increasing spending on public cloud solutions, MSSPs will soon need to take charge of monitoring end-user cloud application activity along with hybrid solutions and to that end, should integrate security in to all their applications and product offerings.
Become a trusted advisor
Too often, vendors and partners alike, use the term ‘trusted advisor’ when characterising their partnership with end customers. But what does being a trusted advisor really mean? It means, building a level of accountability and transparency with the customer that goes far beyond just providing tactical security services. MSSPs should be in constant communication with their customers, regularly sharing analytics, threat intelligence and incidence reports. By educating the customer on their security posture, MSSPs allow the customer to take more informed, ‘evidence-based’ decisions and in doing so, gain the customer’s trust.
For those channel partners that are looking to build a robust security practice and set themselves apart from the competition, becoming an MSSP offers them the opportunity to truly add value by managing the routine IT security operations for end-users and at the same time grow their own revenue and margins.