Study Shows Cybersecurity skills gap continues to burden MSPs
A new research reveals that managed service providers (MSPs) worldwide are facing severe cybersecurity threats largely because they lack the expertise knowledge to adequately and proactively defend their own organization and their customers against attacks. This in turn is posing problem not only to their own business, but also their customers, primarily those from the SMB segment, as they lack the tools and resources needed to sufficiently defend against rising cyberattacks and threats.
The report, entitled “Under Attack: The State of MSP Cybersecurity in 2019,” found significant shortcomings in how MSPs offer cybersecurity, emphasizing the need for both MSPs and their SMB customers to reevaluate their cybersecurity strategies and identify effective solutions to bridge the widening IT skills gap.
Commissioned by Continuum and conducted by Vanson Bourne, the study found that 74% of MSPs have suffered a cyber attack, with 83% reporting that their SMB customers have suffered one as well. The research also identified how turbulence in the market has made MSPs question their confidence and capabilities, as two thirds worry that they wouldn’t be able to defend their customers during a cyber attack. Additionally, 80% of MSPs are running into barriers when selling cybersecurity solutions to their customers/prospects.
The cybersecurity skills gap continues to burden MSPs, with more than one in five reporting that their organization does not have the right technical skills, certifications and knowledge to adequately and proactively defend their own organization and their customers against attacks. Inaccessibility to resources also poses as a significant problem, with 40% of MSPs saying that their organization struggles to obtain and retain the skills necessary to deliver and sell security services.
As the rate of cyberattacks grows, MSPs could suffer severe consequences. 43% of MSPs claim that their organization would be held solely accountable if one of their customers experienced a cyber attack. Additionally, 83% of MSPs say that their customers would take legal action against them in the event of a cyber attack, putting even more pressure on organizations to adapt and optimize their cybersecurity approach.
“With threats and attacks still on the rise, MSPs should be looking to spark more meaningful conversations around cybersecurity—both internally and with their customers,” says Brian Downey, vice president of security product, Continuum.
“From knowledge comes confidence, and this research clearly indicates that the confidence level of MSPs in adequately supporting SMB cybersecurity needs is not where it needs to be right now. Finding the top talent, implementing the right cybersecurity solutions, and facilitating training programs to bring IT staff up to speed should be top priorities for any MSP as they continue to seek out ways to proactively protect their customers and themselves,” he added.
While this research highlights areas for improvement, it also offers valuable insight into new opportunities for MSPs and how to capture more revenue from their cybersecurity solutions. Shifting to a proactive approach, addressing the skills gap, and re-enforcing security training and education with customers could be keys to success identified by this research. As a result, MSPs with the proper security strategy and solution are likely to reap the financial rewards, with previous research finding that SMBs are willing to spend 27% more for the right cybersecurity offering.