Top MSP Challenges & Opportunities in Delivering Security Services
Acronis recently published landmark research that explores the critical issues managed service providers (MSPs) face with respect to cybersecurity attacks, remote work, SaaS tool management, and vendor sprawl.
Conducted by Vanson Bourne in conjunction with media partner ChannelPro Network, this research surveyed 400 MSPs across the globe to discover the biggest challenges and opportunities they’re encountering in providing cybersecurity, backup, and disaster recovery (DR) services to their clients.
Let’s explore some highlights from the report.
MSPS and their clients face significant cyber risks
According to the survey results, 97% of MSPs are concerned their organization could suffer a breach over the next 12 months that can compromise their clients’ IT systems. While this is a jaw-dropping number, MSPs have learned from their experiences as they and their clients have suffered a range of cyberattacks this past year.
Dependent on the attack type, as many as 43% of MSPs with less than 99 employees reported that they suffered from data loss or downtime due to some type of cyberattack within the past 12 months. Up to 44% of their clients also suffered data loss/downtime from the same types of attacks.
Business owners may believe that their company is too small to target, but this is a potentially catastrophic line of thinking. The survey discovered that many clients of smaller MSPs have also suffered from data loss or downtime because of a breach. For example, 50% of the clients of MSPs with one to four employees suffered from a malware attack, 56% were hit by brute force attacks, and a staggering 58% experienced a supply chain attack.
Several major factors contribute to this ever-increasingly cyberthreat landscape:
The rise of remote work
A global shift to remote-first work models has increased the challenges that service providers face in providing cybersecurity, backup, and DR services. Companies of all sizes rely on tools to support remote data access, collaboration, and bring-your-own-device practices — and all these tools need to be secured.
- 97% of MSPS surveyed believe it will be a challenge for their organization to deliver cost-effective protection to their clients going forward.
- 43% of MSPs state that they have a limited number of tools available for managing remote work environments.
- 39% are struggling to learn how to best protect the technology used by remote employees.
- 38% of MSPs report that supporting remote work has increased the cost of protecting their clients.
In fact, MSP respondents have seen an average cost increase of 19% for cybersecurity, backup and/or DR services over the past two years. This escalation is likely due in large part to the rise of remote work. Regardless, most MSPs, and even the smallest service providers, have struggled to communicate the need for this increase to their clients. Even with revenue increases, 17% of MSPs believe they will be extremely challenged to provide these services cost-effectively.
This is a challenging situation for MSPs. They must invest in the necessary solutions to keep their clients protected, otherwise they risk losing their trust and their clients or they must shoulder the burden of the increases themselves, reducing their own profit margin.
The risks of unprotected SaaS tools
MSPs report that their clients use an average of 14 SaaS tools, but only 58% of these tools are managed by service providers. Moreover, only 3% of MSPs believe they are protecting 100% of the SaaS tools used by their customers. Not managing all their clients’ SaaS tools can lead to blind spots on their clients’ networks, which the MSPs are unable to protect. Even in cases where an MSP is aware of the SaaS tools its client is using, the MSP can struggle to protect them or troubleshoot issues their client has with them if the MSP is not managing them.
While the situation for these service providers is troubling at the moment, it also presents a great opportunity for new revenue streams — so long as MSPs can communicate to their clients the value in having these unprotected services managed professionally. Some of the biggest obstacles MSPs currently face in increasing their management over clients’ SaaS tools are not a lack of internal expertise, but rather lie in their relationship with SMB decision-makers and a perceived lack of trust in the service provider’s abilities. Using tools and solutions with demonstrable security credentials can help to build this trust and improve relationships.
The use of multiple vendors
MSPs use an average of four vendor solutions to provide cybersecurity, backup, and DR services to their clients, and over 30% report using more than five vendor solutions. Unfortunately, the use of multiple solutions can result in an overlap in the services provided or may leave surfaces partially exposed, putting clients’ networks at risk. In addition, delivering multiple products requires IT professionals to be trained on each — a costly proposition. Bouncing back and forth between interfaces can also result in missed alerts and open dangerous security gaps.
A strong trend towards integration and consolidation of tools
To overcome all these challenges, 92% of MSPs have consolidated — or are planning to consolidate — the number of vendors they work with for cybersecurity, backup, and/or DR services. Additionally, 41% of MSPs indicate that the automation of backup and recovery tasks is a priority.
MSPs are strongly in agreement about the importance of automation and machine intelligence (MI):
- 87% indicate that automation is the future when it comes to cybersecurity.
- 85% indicate that artificial intelligence (AI), machine learning (ML), and MI are crucial to solving the data protection and recovery challenges their clients are facing.
- 88% agree that AI/ML/MI within their cybersecurity, backup, and DR solutions will help them compensate for skill shortages.
MSPs also agree that integration of these services results in a cost savings as high as $229k and an average reduction of five hours in the amount of time spent recovering from a breach or data loss incident in a client’s IT network. In addition to improving their clients’ protection levels, integration and consolidation can allow MSPs to realize an improved profit contribution without having to raise their prices or reduce the level of service they provide. This can contribute to the development of better long-term relationships with their clients.
How Acronis helps MSPs achieve their goals
The results from this research are clear — MSPs are facing significant challenges when it comes to providing comprehensive cybersecurity services, and there is consensus that consolidating vendors and integrating cybersecurity, backup and DR solutions can provide optimal security and significant savings. MSPs also have great potential for growth through expanded services and new revenue streams, so long as they can demonstrate the value they’re providing to customers.
Acronis provides MSPs with a unified data protection, cybersecurity, and protection management solution that eliminates the complexity and challenges associated with managing multiple vendors while improving security. Acronis Cyber Protect Cloud features a set of essential cyber protection capabilities included at no cost or on a pay-as-you-go basis. This enables MSPs to build services at little to no upfront expense, ensuring 100% coverage of clients’ systems, applications, and data.
With one license, one agent, one backend, one management console, one user interface, and one vendor support line, Acronis Cyber Protect Cloud ensures MSPs can fully protect their clients and eliminate the need to juggle multiple solutions. A single pane of glass provides the visibility and control needed to deliver comprehensive cyber protection — from creating local and cloud-based backups, to stopping zero-day malware attacks with advanced MI-based anti-malware and antivirus defenses that are VB100-certified.