Sophos released its inaugural "MSP Perspectives 2024" survey report, which found that the
biggest day-to-day challenge facing Managed Service Providers (MSP) is keeping
up with the latest cybersecurity solutions/technologies, cited by 39% of the
MSPs surveyed. Alongside this, MSPs indicated that hiring new cybersecurity
analysts to keep up with customer growth and keep pace with the latest
cyberthreats were also top challenges.
The survey
also reveals that MSPs perceive the shortage of in-house cybersecurity skills
to be the single biggest cybersecurity risk to both their own business and
their clients' organizations. MSPs also perceive stolen access data and
credentials and unpatched vulnerabilities to be amongst the biggest security
risks to their customers. The latest State of Ransomware 2024 report found that nearly a third
(29%) of ransomware attacks started with compromised credentials, showing the
prevalence of this entry vector.
"The speed of
innovation across the cybersecurity battleground means it's harder than ever
for MSPs to keep up with threats and the cyber controls designed to stop them.
When you couple this with a global skills shortage, which has made it
infinitely more difficult for many MSPs to attract and retain cybersecurity
analyst resources, its unsurprising that MSPs feel unable to keep pace with the
changing threat landscape," said Scott Barlow vice president of MSP at Sophos.
"This is all compounded by the need for 24x7 coverage as indicated in our 2023 Active Adversary report for Tech Leaders, which finds
that 91% of ransomware attacks now happen out of business hours."
In response to
this complex threat landscape, there is growing demand for managed detection
and response (MDR) services to provide always-on coverage. Currently 81% of
MSPs offer an MDR service, and almost all (97%) MSPs that do not currently
offer MDR plan to add it to their portfolio in the coming years.
Reflecting the
shortage of in-house cybersecurity skills, 66% of MSPs use a third-party vendor
to deliver the MDR service and a further 15% deliver jointly through their own
SOC and a third-party vendor. Topping the list of essential capabilities in a
third-party MDR provider is the ability to provide a 24/7 incident response
service.
MSPs are also
streamlining their cybersecurity partnerships, working with a small number of
vendors. The study revealed that over half (53%) of MSPs work with just one or
two cybersecurity vendors, rising to 83% that use between one and five.
Reflecting the effort and overhead of running multiple platforms, MSPs estimate
that they could cut their day-to-day management time by 48% if they could
manage all their cybersecurity tools from a single platform.
Other
interesting findings from the report include:
- 99%
of MSPs report an increase in demand for cyber insurance-related support,
with the most common requests including clients wanting to implement an
MDR service to improve their insurability (47%) or to receive help
completing their insurance application (45%).
- MSPs
want flexibility from their MDR provider, with 71% saying it is "essential
or very important" that the vendor can use telemetry from their existing
security tools for threat detection and response.
- MSPs
in the U.S. lead the way in MDR service provision with almost all (94%)
already offering MDR, compared to 70% in Germany, 62% in the U.K., and 58%
in Australia.
"While MSPs
have a huge job to do in protecting their customers against fast moving
adversaries, there's tremendous opportunity to grow their business and
profitability if they can find the right security set up. The data shows that
MSPs are strengthening their proposition and reducing overheads by amalgamating
the platforms they use and engaging with third-party MDR vendors to expand
their service offerings. As they look to build their security offering of the
future, they should prioritize vendors that can offer a complete portfolio of
industry-best, fully managed security services and solutions," continued
Barlow.