MSPs face increased risks and opportunities to rethink cybersecurity

Managed service providers (MSPs) and their small-and medium-sized business (SMB) customers lack the tools and resources needed to sufficiently defend against rising cyberattacks and threats, according to Continuum.

Security shortcomings

The report found significant shortcomings in how MSPs offer cybersecurity, emphasizing the need for both MSPs and their SMB customers to reevaluate their cybersecurity strategies and identify effective solutions to bridge the widening IT skills gap.

Conducted by Vanson Bourne, the study surveyed 200 MSPs across the United States, and found that, in the past year, 74 percent of MSPs have suffered a cyberattack, with 83 percent reporting that their SMB customers have suffered one as well.

The research also identified how turbulence in the market has made MSPs question their confidence and capabilities, as two thirds worry that they wouldn’t be able to defend their customers during a cyberattack. Additionally, 80 percent of MSPs are running into barriers when selling cybersecurity solutions to their customers/prospects.

Cybersecurity skills gap and lack of resources

The cybersecurity skills gap continues to burden MSPs, with more than one in five reporting that their organization does not have the right technical skills, certifications and knowledge to adequately and proactively defend their own organization and their customers against attacks.

Inaccessibility to resources also poses as a significant problem, with 40 percent of MSPs saying that their organization struggles to obtain and retain the skills necessary to deliver and sell security services.

Possible consequences

As the rate of cyberattacks grows, MSPs could suffer severe consequences. 43 percent of MSPs claim that their organization would be held solely accountable if one of their customers experienced a cyberattack.

Additionally, 83 percent of MSPs say that their customers would take legal action against them in the event of a cyberattack, putting even more pressure on organizations to adapt and optimize their cybersecurity approach.

“With threats and attacks still on the rise, MSPs should be looking to spark more meaningful conversations around cybersecurity – both internally and with their customers,” says Brian Downey, vice president of security product, Continuum.

“From knowledge comes confidence, and this research clearly indicates that the confidence level of MSPs in adequately supporting SMB cybersecurity needs is not where it needs to be right now.

“Finding the top talent, implementing the right cybersecurity solutions, and facilitating training programs to bring IT staff up to speed should be top priorities for any MSP as they continue to seek out ways to proactively protect their customers and themselves.”

What can organizations do?

While this research highlights areas for improvement, it also offers valuable insight into new opportunities for MSPs and how to capture more revenue from their cybersecurity solutions. Shifting to a proactive approach, addressing the skills gap, and re-enforcing security training and education with customers could be keys to success identified by this research.

As a result, MSPs with the proper security strategy and solution are likely to reap the financial rewards, with previous research finding that SMBs are willing to spend 27 percent more for the right cybersecurity offering.