The managed cybersecurity services market is undergoing a significant shift, according to a new survey conducted by Osterman Research. As organizations struggle with too many alerts, too few security analysts, and increasingly complex security stacks, they are rapidly upgrading from Managed Security Service Providers (MSSPs) and legacy security tools such as SIEMs that aggregate alerts, to action-oriented MDR services.
Although detection remains a core capability, MDRs add automated response capabilities and access to cybersecurity professionals, enabling organizations to address alert overload, talent shortages and budget constraints.
“This study has found a significant change in how organizations plan to address today’s security challenges,” said Michael Sampson, senior analyst at Osterman Research. “The perfect storm of too many security tools creating too many alerts for overstretched security teams has created an urgent need for many organizations to move to more advanced managed security services.”
- Almost 60% of respondents experience false positive rates higher than 25%, wasting enormous amounts of analyst time. Only 14% report their false positives rates are below 10%.
- The number of security tools expected to be deployed in the next 12 months will grow over 80% driven by the increased use of disparate cloud applications.
- Almost 60% find it is not easy to recruit or retain security staff with the right skills.
- 79% of legacy MSSP users plan to upgrade to MDR services, while 12% have already done so.
- While 30% of respondents already use MDR services, another 42% plan to move to MDR in the next 12 months – an increase of 140%.
- Key reasons cited for adopting MDR includes augmenting existing security teams, automating response capabilities, improved threat detections, support for cloud services, and the need for 24/7 security operations.
The survey was conducted in April 2022 among 205 security and IT professionals from organizations of up to 2,500 employees in the United States across a range of industries including technology, financial services/banking, SaaS/software and professional services. Respondents currently use one or more MSSPs or MDR providers (69%) or are planning to do so in the next 12 months (25%) or in more than 12 months (6%).