Mergers and Acquisitions, Channel investors, MDR, XDR, IT management

Cybersecurity M&A Heats Up: What it Means for MSSPs and MSPs

Credit: Adobe Stock Images

M&A activity in the cybersecurity market is heating up recently with several deals. Since the end of April we’ve tracked five significant ones:

It raises the question, is there consolidation happening in the cybersecurity vendor channel? And if there is, what does that mean to MSPs and MSSPs?

First, there’s no secret that MSPs have been complaining about tool sprawl for cybersecurity and IT tools both. There are any number of vendors providing such point tools including those for email security, email security training, vulnerability management, endpoint security management, cloud security, SaaS security, compliance, and the list goes on.

Advanced Cybersecurity Tools

There are also many choices when it comes to advanced security tools such as MDR (managed detection and response) and XDR (eXtended detection and response). Some MSPs work with multiple vendors for this type of advanced security in order to assure better protection for their end customers.

When it comes to tool sprawl vs. platforms -- MSPs will always grapple with the big question that’s been around for decades – do you choose a single vendor for a platform of tools or do you choose a number of different best-in-class point solutions? 

But with the evolution to ecosystems, maybe MSPs and MSSPs don’t need to make that choice anymore.

MSP tools platform vendors such as ConnectWise and N-able have embraced the idea of providing a platform that other third-party tools vendors can plug into. This lets MSPs get a single platform, but lets them choose individual tools that they believe best fit the needs of their businesses and their customers’ businesses.

Cybersecurity Platforms for the Win

The same is true for some cybersecurity vendors. For instance, Stellar Cyber pitches itself as an Open XDR provider. What does “open” mean in this case? It means that Stellar Cyber is serving as a platform that works with other tools. By enabling the integration through the Stellar Cyber platform, the vendor does the integration work and the MSP or MSSP doesn’t need to do it. But they still get the benefits of it.

“Customers asked for a consolidated security stack to save time and money early in our history,” Stellar Cyber founder and CTO Aimei Wei told ChannelE2E. “Analysts looking across disparate tools and screens add latency to outcomes. This human latency is what downgrades the quality and speed of outcomes.”

By creating a platform that other vendors can plug into, Stellar Cyber streamlines that process for MSSPs.

“MSSPs tell us that unified systems not only streamline operations and reduce costs but also enhance the overall effectiveness of their threat detection and response capabilities. By tightly coupling key tools, SecOps teams can see both the forest and the trees – gaining deep insights form tools like EDRs while maintaining a comprehensive  view across all tools and data feeds… This is why we built our AI-driven Open XDR platform with a single license.”

The Cybersecurity Market is Growing

How do we make sense of an acceleration of M&A in cybersecurity on one hand but then on the other hand the rise of ecosystems and platforms? Is the industry contracting or growing? Canalys Chief Analyst Jay McBain says that the industry is growing.

“There are 6,500 vendors that will probably grow to 10,000 by 2030,” he told ChannelE2E.

“For example, the marketing platforms like Eloqua, Marketo and Hubspot didn’t reduce innovation, they grew it. There are 14,106  MarTech ISVs now in that space and growing by 1,000 per year.”

That’s the kind of growth available now to MSPs and MSSPs because of this new ecosystem evolution.

“What a platform really does is benefit a partner and customer with a rich set of horizontal functionality that can then be augmented by others companies to complete the 7-layer tech stack. Companies like Microsoft, Cisco, Palo Alto, and CrowdStrike can be trusted to vet the other players and lead to more demand for niche tools,” he said. “The ecosystems of the top IaaS and SaaS players continue to grow at a phenomenal pace and the same will happen in security benefitting all participants in the network.”

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.