Sophos, a provider of cutting-edge security solutions combatting cyber threats, unveiled its inaugural “MSP Perspectives 2024” survey report. The report highlights the primary day-to-day challenge for Managed Service Providers (MSPs) as keeping abreast of evolving cybersecurity technologies, cited by 39% of respondents. Additionally, MSPs expressed struggles in hiring cybersecurity analysts to match customer growth and tackle emerging cyber threats.
The survey underscores MSPs’ perception of the shortage of in-house cybersecurity expertise as the foremost risk to both their own operations and their clients’ organizations. Among other significant risks identified are stolen access credentials and unpatched vulnerabilities, with ransomware attacks often initiated through compromised credentials, accounting for nearly a third (29%).
Scott Barlow, Vice President of MSP at Sophos, emphasized the increasing difficulty for MSPs to contend with the rapidly evolving threat landscape amidst a global skills shortage. Barlow noted the necessity for round-the-clock coverage, given that a staggering 91% of ransomware attacks now occur outside standard business hours.
To address these challenges, there’s a burgeoning demand for managed detection and response (MDR) services, with 81% of MSPs currently offering such services. Moreover, an overwhelming majority (97%) of MSPs not currently providing MDR intend to incorporate it into their service offerings in the near future.
In light of the scarcity of internal cybersecurity skills, 66% of MSPs rely on third-party vendors for MDR services, with 15% adopting a collaborative approach between their own Security Operations Center (SOC) and external vendors. Key criteria for selecting third-party MDR providers include the capability to deliver 24/7 incident response services.
MSPs are also rationalizing their cybersecurity partnerships, with over half (53%) collaborating with just one or two vendors. Streamlining these partnerships could potentially reduce day-to-day management time by up to 48%, according to MSP estimates.
Additional insights from the report include:
– A notable increase in demand for cyber insurance-related support, with 99% of MSPs reporting heightened client interest.
– A preference for MDR providers offering flexibility, with 71% of MSPs emphasizing the importance of leveraging existing security tools for threat detection and response.
– Discrepancies in MDR service provision across regions, with U.S. MSPs leading the adoption at 94%, followed by Germany (70%), the U.K. (62%), and Australia (58%).
Barlow concluded by highlighting the significant business growth opportunities for MSPs in fortifying their security offerings and reducing overheads through platform consolidation and third-party MDR engagements.
The MSP Perspectives 2024 report drew insights from a vendor-agnostic survey of 350 MSPs across the U.S. (200), U.K. (50), Germany (50), and Australia (50), conducted by research firm Vanson Bourne in March 2024 and commissioned by Sophos.