Making the Shift to a Converged MSSP

May 11, 2020
Adding IT and cybersecurity services may be the key differentiator that enables integrators to continue to earn new business

This article originally appeared in the May 2020 issue of Security Business magazine. When sharing, don’t forget to mention @SecBusinessMag!

I am a big believer in business pivots. In my opinion, a great entrepreneur can see an opportunity and quickly pivot the business in a new direction. Sometimes these moves are dramatic, and sometimes they are small, but to miss the moment can often mean missing a game-changing opportunity.

Right now, for many security integrators, cybersecurity may just be that pivot.

While cyber may seem outside a security integrator’s capability, I have personally seen a marked increase in the number of security integrators who now provide electronic security paired with traditional IT managed services and comprehensive cybersecurity. Some have built these organizations through M&A, and others via organic design – whichever way the company is built, being able to offer an entire suite of “security” is putting them in a unique and advantageous position in the market.

Since everything these days rides on the corporate network, a large majority of the security purchasing decisions among end-users has moved to the IT leader. Companies who provide a mix of electronic security, IT services and cybersecurity have a seat at the table with these IT decision makers and are well positioned to offer a suite of solutions from one provider. It also marks a key differentiator for the security integrator who delivers cybersecurity; in fact, the ability to explain, understand and offer cybersecurity may instill more of a trust factor amongst these decision makers, especially as they navigate the risks that IoT devices pose to their networks.

Some of these “hybrid” integrators have now moved beyond traditional installation and service, having developed well-rounded managed service packages that include managed electronic security and cybersecurity solutions. This design shapes the converged Managed Security Service Provider (MSSP) and truly changes the game.

Offering Options

Given the breadth of cybersecurity needs and solutions – which also varies by industry, compliance and sector – cybersecurity providers should be able to add unique value and differentiate. There are a variety of offerings available to be packaged or bundled as needed.

One area a traditional cybersecurity provider tends to focus in on is around assessments and technical testing. The goal of these services is to identify critical weaknesses and vulnerabilities that might be used by an attacker. A variety of services and tools are available to assist, here are a few:

Managed Risk Assessments: A good cybersecurity program includes regular assessments. Often an organization will utilize and map against a cybersecurity control framework to analyze where they stand and the strength of their cybersecurity posture. There are a number of these frameworks that can be used, such as NIST – one of the most widely used. Once an assessment is complete, an organization can more clearly understand gaps and begin to prioritize and remediate as needed.

Managed Vulnerability Scanning: By deploying these technology tools, an organization can scan networks, devices, websites and applications to identify weaknesses. Scan results may include surfacing out of date software, hardware and even IoT devices that still have default passwords. Once a report is generated, an organization will take these results and remediate any findings, beginning with the critical ones first, then working to medium and low. 

Managed Penetration Testing: Simplified, this is the art of hiring a good person to do what bad people do. These “ethical hackers” are trained (and often certified) individuals tasked with trying to break into networks and systems using a variety of tools and methodologies, which ultimately works to identify security holes and weaknesses. The results of the tests are produced in a detailed report outlining the findings – some of which may be shocking to the end-user, who may realize they have had a weakness or misconfigured security system devices for a long time.  

While penetration testing applies to just about anyone with a network, one segment of the market with a unique need for penetration testing services is software development. Beyond testing company networks and devices, these companies have developed SaaS-based web applications that should have penetration testing conducted on them. These Web Application Penetration Tests (WAPT) go beyond simply just trying to access the software platform from the internet, but also include testing the software from within the application from a variety of different user levels, ranging from regular users to super admins.

RMR Opportunity

Assessments and testing are just a small example of what may make up an organization’s cybersecurity offering. Many other opportunities exist to expand managed service coverage, such as phishing simulations, Dark Web monitoring, cybersecurity policy development, and detection and response.

No matter how it is assembled, having a cybersecurity offering means new and continued business. Doing so can generate RMR for providers, since these activities are typically not performed once, but on a scheduled cadence depending on the customers risk and compliance needs.

Like electronic security, most cybersecurity services are now managed and deployed by software platforms available in the market. By design, they enable a security integrator to easily go to market with cloud-based solutions. By using a software platform, an integrator does not have to invest heavily in new talent or manage a stock of disparate technology tools and can easily provide their customer a comprehensive cybersecurity program.

The direction a security integrator leader takes their business is their own decision to make. The question is, will you stay the course or make the pivot?

Rob Simopoulos is the Co-Founder of Defendify, the all-in-one cybersecurity platform that makes cybersecurity possible for Small Business. In his 20+ years in the security industry, he has received awards and recognition from many trusted industry experts and publications. Email him at [email protected].

About the Author

Rob Simopoulos

Rob Simopoulos is the Co-Founder of Defendify, the all-in-one cybersecurity platform that makes cybersecurity possible for Small Business. In his 20+ years in the security industry, he has received awards and recognition from many trusted industry experts and publications. Email him at [email protected].