Today’s security services landscape is changing rapidly, and more traditional products are being offered as part of a broader solution set.
To investigate how security solutions are being consumed, and how service producers are going to market with solutions, IDG Research, in partnership with N-able, surveyed 53 IT security service providers across Australia.
The research found service providers now have a good opportunity to go to market with integrated solutions, including advanced endpoint protection (EPP) which offer more than one single outcome.
The types of threats most often encountered are the persistent threats of phishing and malware continue to be prevalent as are password and ransomware attacks. The research showed an alignment between the most active threats and mitigation techniques adopted by customers.
Email filtering adoption was the standout exception by not being aligned with the number one observed threat of phishing attacks.
For most organisations a security breach will have some impact on operations, but for security service providers there is a high chance of loss of business. The survey asked respondents how a client security breach would impact their business, and the stakes are very high.
More than two-thirds of respondents believe a client security breach will result in loss of business and a similar rate think their company reputation will suffer as well. Only 22% of security service providers believe a customer breach will not impact their business.
Security service providers filling skills gaps
To discover which technologies and services are in demand, and how these are meeting customer requirements, the research looked at the range of customer solutions on offer.
Service providers are mostly offering anti-virus and firewall solutions, and, to keep up with phishing, more than half are offering e-mail filtering.
The growing demand for advanced EPP is seen among the respondents with around 40 per cent offering those services.
Good security skills are notoriously difficult to attract and retain, and services providers are well placed to offer on-going solutions which would be difficult to setup and manage in house.
When asked what some of the most important security solutions are to keep their customers protected, respondents see firewall solutions well ahead of the pack.
Attacks are growing in volume and sophistication and more automated solutions are required to mitigate their impact.
A managed service, recurring revenue model is by far the favoured way to package products and engage with customers.
Simply offering one type of solution per customer is not scalable and does not guarantee as much recurring revenue.
This is further demonstrated with the majority (60%) of service providers offering standardised “stacks” they can deploy across their client base.
Security-as-a-Service providers must find the right mix of solutions that offer customers access to the best technology without prohibitively long deployment times.
Integrated tech changes security solution landscape
As the research found with Security-as-a-Service, there is a strong desire to offer standardised packages that can be used across a client base.
Many security products are already available as-a-Service; however providers still need to do integration work to offer a solution to a customer.
More than 7 out of 10 service providers are building out their solutions on top of vendor’s products. This trend is significant for vendors looking to offer more features as part of a portfolio of services – the easier they are to integrate, the more likely they are to be included in a bundled service.
In one example of this integration, a high 83 per cent of respondents have cyber security solutions integrated with a remote monitoring and management service, indicating there is high demand from customers.
For service providers building integrated solutions the most sought after requirement is good partner and customer support.
This is followed by automation capability, which helps service providers deploy solutions at scale. Thirdly cost is a factor for service providers. If components are too expensive then the margin per customer diminishes.
IDG’s research is conclusive – most security service providers are building out their solutions on top of vendor’s products.
In a hotly contested skills market, services providers are well placed to offer on-going solutions which would be difficult to setup and manage in house.
Service providers are looking to offer more features as part of a portfolio of services and better customer support is the key decision making factor when selecting a vendor partner.
N-able offers an EDR (SentinelOne) solution which is a form of advanced EPP integrated with remote monitoring and management.