The march toward managed security services involves some challenging math. No doubt, the industry is growing. But the managed security supply chain -- spanning software companies, MSSPs, MSPs, end-customers and more -- also faces some cost challenges.
That reality surfaced two years ago during ConnectWise IT Nation 2018, when the company and its MSP partner ecosystem attempted to sort through potential managed security pricing models. In breakout sessions that year, ConnectWise co-founder Arnie Bellini made it clear that he was seeking ways to drive down security costs -- so that MSPs could lock down their own networks more effectively, protect customer environments, and generate healthy profit margins.
Fast forward to February 2019. Private equity firm Thoma Bravo acquired ConnectWise. Then at IT Nation 2019 in October, ConnectWise acquired Continuum. Among the potential perks: Continuum had built a Security Operations Center (SOC) practice that had traction with some MSPs. And under CEO Jason Magee, ConnectWise vowed to bolster its security posture and stature -- both internally and across the MSP market.
Over the past year, ConnectWise has made progress on the security front. But I suspect the company also discovered a hidden challenge with the acquired Continuum SOC.
Now, to be clear, the rest of this blog is filled with my speculation. I don't know the following as factual. --jp
My thesis goes like this: Continuum's SOC largely leveraged third-party cybersecurity software. Paying for that third-party software, naturally, was a cost center for Continuum. No doubt, Continuum and new owner ConnectWise pursued more efficiencies through automation. Smart. But the SOC's dependence on third-party security software meant that ConnectWise didn't fully control it's long-term pricing and R&D fate.
The challenge: As the ConnectWise SOC grew, so too would ConnectWise's costs for running third-party subscription software. Somehow, ConnectWise needed to free itself of those third-party costs to better support a multi-tier model that extends from ConnectWise to MSPs to end-customers. The potential solution: Acquire and inject more of ConnectWise's own intellectual property into the SOC, or perhaps leverage open source in some dramatic way.
Next Move: Coming Soon?
Fast forward to present year. The ConnectWise IT Nation 2020 Virtual conference is set to start on November 10. And ConnectWise may be set to acquire both Perch Security and Stratozen, rumors suggest. Perch offers co-managed threat detection and response for MSPs. Stratozen is a master MSSP that offers SOC as a Service, co-managed SIEM, and SIEM as a Service to more than 1,000 organizations.
If the alleged acquisitions surface, some MSPs may think this is ConnectWise's attempt to have partners consume and sell more stuff. Sure, that's part of it. But the bigger picture involves ConnectWise's effort to drive down the cost of delivering cybersecurity from itself to MSPs to end-customers, ChannelE2E believes.
This isn't a new journey. Both ConnectWise and Fishtech Group invested in Perch Security's Series A round in 2018. Fast forward to present day. Perhaps both ConnectWise and Perch faced an inflection point. Maybe Perch was in the market for more funding. And perhaps ConnectWise knew it needed more of its own security IP in-house, rather than paying third-party software firms for SOC software capabilities.
Service Providers or Security Software -- Or Both?
In some ways, both Perch Security and Stratogen are managed security service providers. In other ways, they're software companies. The big question: Can their intellectual property, under ConnectWise's potential ownership, help MSPs to drive down the cost of delivering cybersecurity from Tampa to MSPs to end-customers?
We may get the answer during ConnectWise IT Nation Connect 2020 virtual edition, starting on November 10. In the meantime, here endeth my speculation.