We’ve said this before, but human capital is a core strength of the managed services profession and has been for many years. We have also written extensively about the need for MSPs to have a well-considered security offering strategy. It is inexcusable for MSPs to enter 2020 without some form of managed security offering (or have an effective referral process for involving managed security providers to do the work).

Security Personnel Are Difficult to Find and Keep

A new ISACA study of cybersecurity professionals found that 69% of the respondents felt their security teams were understaffed. In addition to having understaffed cybersecurity teams, the study also went on to claim that cybersecurity budgets are expected to grow at a slightly decreased rate.

Taking these two statistics together provides clear evidence that customer cybersecurity environments are understaffed and being tasked to do more (or at least the same) with less budget. Human capital scarcity and decreases in the rate of growth allow for ample opportunities for outsourcing to MSPs.

The problem is when MSPs do not have a meaningful security offering, their value to a global market is greatly diminished. MSPs on the fence about entering the managed security market have significant choices to make. Deciding to become an MSSP should not be undertaken lightly.

However, no MSP should view managed security as a sector unlikely to pay off huge dividends. To the contrary, there are relatively few MSSPs operating effectively today; certainly not enough MSSPs to fulfill the demand by customers.

Managed security is not for everyone. There are legitimate reasons an MSP would choose not to enter the security market. There are, however, ample reasons for MSPs to consider managed security.