Top 10 Managed Security Services Offered by MSPs
MSPs in the small business market continue to expand their managed security services portfolios, according to Datto research. Still, the line between security-minded MSPs vs. pure-play MSSPs remains clear, according to ChannelE2E and MSSP Alert market analysis.
According to the Datto 2021 State of the MSP Report, the top 10 managed security services now offered by MSPs in the SMB sector include:
- Advanced endpoint security such as next-gen antivirus and endpoint detection and response (EDR): 84%
- Email security: 82%
- Data loss protection: 79%
- Security framework and compliance auditing: 78%
- Identity and access management (IAM) and single sign-on (SSO): 75%
- Anti-malware: 73%
- Password policy management: 72%
- Two-factor authentication (2FA): 68%
- Firewall: 66%
- Remote access technologies (VPN) and/or mobile device management: 63%
MSPs Partner With MSSPs, MDR Service Providers
In many cases, those MSPs are partnering to roll out managed security services. Key partner types of MSPs and strategic moves in the security sector, according to Datto’s findings, include:
- Co-managed security tools: 67%
- Partner with an MSSP: 61%
- Hire internal security talent: 51%
- Leverage contracted/consulting security experts: 49%
- Partner with an MDR (managed detection and response) service provider: 44%
- Educate internal talent pools: 35%
Admittedly, the Datto 2021 State of the MSP Report may have some built-in biases, since Datto’s partner ecosystem leans heavily on Datto’s own data protection, remote monitoring and management software.
MSSP Market: Top 10 Managed Cybersecurity Services
The MSP-SMB security market is somewhat different than the pure-play MSSP market, where cybersecurity service providers have bet their entire businesses on risk mitigation for enterprise, midmarket and emerging businesses.
In the MSSP sector, according to the MSSP Alert Top 250 Report from 2020, the 10 most popular managed security services offered include:
- Security information and event monitoring (SIEM) and response: 97%
- Vulnerability assessment and management services: 91%
- Endpoint Detection and Response (EDR): 89%
- Managed Detection and Response (MDR): 89%
- Incident Response Services: 83%
- Reporting for compliance use cases across log event and data sources: 82%
- Intrusion Detection and Prevention Systems (IPDS): 76%
- Threat Intelligence Services: 76%
- 24/7 Security Operations Center (SOC) for event monitoring and response services: 76%
- Unified Threat Management (UTM): 69%
Emerging Managed Security Services: What’s Next
Longer term, ChannelE2E and MSSP Alert are closely tracking emerging cybersecurity services that involve SaaS Application Security Monitoring and Cloud Security Posture Management. Here’s a closer look at those two emerging trends.
1. SaaS application security monitoring for Office 365, Salesforce, Google Workspace, and more. Emerging companies in the SaaS monitoring, management and/or security market include:
- Adaptive Shield ($4 million seed);
AppOmni ($40 million Series B);
- DoControl ($10 million Series A);
- Grip Security ($6 million seed);
- SaaS Alerts ($1.2 million early stage); and
- Torii ($10 million early stage).
Of the six companies listed above, Augmentt and SaaS Alerts are the two that are most directly engaging MSPs as partners.
2. Cloud Security Posture Management (CSPM): Here, software tools allow MSSPs to monitor whether customers properly configure public cloud services that run on Amazon Web Services, Microsoft Azure and/or Google Cloud Platform. Recent acquisitions and/or product launches in the CSPM market involve Deloitte, Palo Alto Networks, Sophos and Zscaler, among others.
MSPs: Late to the CSPM Opportunity
Many of the major security software companies are launching and/or building CSPM solutions for MSSPs. However, the traditional MSP software market is generally late to the CSPM market.