Changing Mindset to switch from Reseller to Managed Security Service Provider

Cybersecurity incidents are impacting small- to medium- size businesses (SMBs) more and more. According to a survey conducted by the 2112 Group, whether a channel partner calls itself a value added reseller (VAR) or managed service provider (MSP), managed services represent a significant and strategic piece of their overall operations, value proposition and revenue and profitability. The average channel partner earns up to 30% of its revenue from recurring revenue. Life as a VAR has been great, but it’s time to consider changing to the managed security service provider (MSSP) model. Adding services to software sales has turned large profits for years. It’s time to get on the fast track.

Read on this article to learn how you can, as a VAR, most effectively protect SMBs and your business, creating loyalty and higher margins.

Topics covered include:

  • Cybersecurity risks to SMBs.
  • The business boom for MSSPs.
  • Turning risk into opportunity.
  • Capitalizing on the opportunity to change from VAR to MSSP.
  • And more.
Changing Your Mindset from VAR to MSSP
Changing Your Mindset from VAR to MSSP

Cybersecurity incidents are impacting small- to medium- size businesses (SMBs) more and more. Learn how you, as a VAR, can most effectively protect SMBs and your business, creating loyalty and higher margins.

Business is Booming for MSSPs
According to a survey conducted by the 2112 Group, whether a channel partner calls itself a value added reseller (VAR) or managed service provider (MSP), managed services represent a significant and strategic piece of their overall operations, value proposition, and revenue and profitability. The average channel partner earns up to 30 percent of its revenue from recurring revenue. Life as a VAR has been great, but it’s time to consider changing to the managed security service provider (MSSP) model. Adding services to software sales has turned large profits for years. It’s time to get on the fast track.

Capitalizing on the Opportunity – from VAR to MSSP
Successful cybersecurity requires not only bleeding-edge technology, but expert staff and mature processes. Simply reselling a portfolio of software solutions, trying to staff and train your own cybersecurity staff, and spending months or years developing standard operating procedures is futile. Start thinking recurring revenue rather than break/fix 1 to ensure your business’ survival. Thinking like an MSSP means that you should start focusing on the long-term relationship with your customer rather than how you can be there for them when technical issues arise in the short term.

Make changing your mindset from VAR to MSSP easier by partnering with the right cybersecurity solution provider that encompasses platform, people, and process. A good partner will make the change immediate and without incurring overhead costs.

When considering your cybersecurity solution, use the defense-in-depth strategy, which is the coordinated use of multiple security countermeasures. The strategy is based on the principle that it is more difficult for an enemy to defeat a complex and multi-layered defense system than to penetrate a single barrier.

Advanced targeted attacks are easily bypassing traditional firewalls and signature-based prevention mechanisms. All organizations should now assume that they are in a state of continuous compromise.

Gartner, Designing an Adaptive Security Architecture for Protection from Advanced Attacks

Cybersecurity Risk to SMBs
If you haven’t already approached small businesses, you should start. Couple software with services and you will quickly have a steady stream of revenue. Just how big is cybersecurity risk to small businesses? According to a recent Verizon Data Breach Investigation Report, 61% of breaches targeted SMBs, up from the previous year’s 53%. These cyber attacks cost small businesses anywhere between $84,000 and $148,000. And 60% of small businesses go out of business within six months of such an attack. “The percentage of revenue that SMBs devote to IT continues to grow, and that means great upside for MSSPs,” says Kaseya CEO Fred Voccola.

Turning Risk into Opportunity
SMBs are slowly waking up to the fact that traditional perimeter-focused defenses, such as firewalls and signature-based endpoint protection like anti-virus, are not enough to protect against modern cyber threats.

Experts say that managed security services will be a $40 billion space by 2022.5 As SMBs face the fact that they need cybersecurity solutions they can’t afford to build or manage themselves, MSSPs will be in position to save the day. As such, managed security services offer MSSPs an effective means to both protect revenue by further entrenching their services into customer environments and expand revenue by adding in-demand cybersecurity capabilities without overhead or risk. Voccola said about managed security services, “It’s the highest-margin managed services offering today.”

As the trusted IT advisor to businesses, MSSPs are in the perfect position, more than any cybersecurity solution vendor, to communicate the value of and deliver effective cybersecurity to SMBs. MSSPs must use this opportunity to consult with their SMB customers. A successful cybersecurity strategy must start with executive buy-in and context for leadership to understand what is at risk, and what a practical solution looks like.

Cybersecurity Maturity Model by Netsurion
Cybersecurity Maturity Model by Netsurion

Using tools like a Cybersecurity Maturity Model, organizations that gain perspective about where they are today, where they need to be as soon as possible, and where they’d like to be soon after.

The timing is right… right now. But how can your customer professionally ramp up and deliver powerful cybersecurity solutions that are practical and affordable by SMB standards, without taking on high technology and staffing costs?

Platform
With so many disparate cybersecurity solutions in the marketplace, technology selection is crucial. Start with the basics… if you don’t log it, then it doesn’t exist. Meaning, a platform that can log all security-related events across the entire network, aggregate them, correlate them, and cut through the noise is absolutely critical. This solution is called Security Information and Event Management (SIEM).

Cybersecurity technology landscape
Cybersecurity technology landscape

SIEM platforms have evolved from Centralized Log Management (CLM) tools years ago, and are currently considered the foundation and framework of any effective cybersecurity strategy. Today’s SIEM platforms go beyond comprehensive log management, analytics, alerts, and compliance to introduce behavior analysis, security orchestration, and automation – further cementing the placement as the key technology component.

The trouble with SIEM has historically been price (expensive software licensing and hardware dependencies) and practicality (heavy staffing for continual analysis and system tuning).

However, co-managed SIEM has effectively solved these barriers for SMBs by cloud-hosting the SIEM technology, streamlining deployment, integrating expert security analysts and procedures, and providing subscription-based pricing.

People
Staffing may be the biggest barrier to cybersecurity. With a current estimated 350,000 open cybersecurity positions in the U.S., and a predicted global shortfall of 3.5 million cybersecurity jobs by 2021, the industry clearly has a massive problem regarding supply and demand.

As VARs enter the cybersecurity market as MSSPs, it is critical to partner with a cybersecurity vendor that doesn’t deliver technology alone, but has a substantial managed service operation of their own. In a comanaged scenario, your cybersecurity vendor will help you deploy, administer, and tune the SIEM platform while also providing a 24/7 Security Operations Center (SOC). This SOC should therefore not only be staffed with security, threat research, and incident response analysts, the SOC will also be the platform specialists that can collaborate with engineering on product enhancements and routine optimization of the deployment.

Process
Standard operating procedures are built upon years of experience by experts in cybersecurity. The last key piece is to ensure your cybersecurity partner can provide evidence that their processes surrounding onboarding, reporting, analysis, and incident response are comprehensively defined and practiced. Your SOC team should have ISO-certification and a clearly documented Runbook.

Example Runbook for cybersecurity staff procedures
Example Runbook for cybersecurity staff procedures

Co-managed SIEM is the Clear Path
The bottom line is that VARs are facing an opportunity depending on their reaction at this crossroads, as SMBs are being increasingly impacted by cybersecurity. VARs that transform effectively into MSSPs are able to protect revenue and grow profit margin. Meanwhile, cybersecurity solution providers are looking to MSSPs to drive powerful threat protection and compliance into the SMB market. Together, in a co-managed SIEM security model, each group succeeds.

This whitepaper is Offered Free by: Netsurion EventTracker