By Michael O’Brien, Regional Vice President, Strategic Routes to Market
When managed security service providers (MSSP) evaluate a cybersecurity vendor, they usually start by reviewing the technology offerings. The vendor’s technologies often drive the MSSP’s business model and ability to respond to client needs. Technology is the core concern for many MSSPs. However, focusing solely on technology ignores the other two parts of a robust cybersecurity program. The people that use technology need processes that streamline their daily tasks.
What is an MSSP business?
An MSSP offers security device management and continuous monitoring using a collection of technologies that enable them to provide:
- Networking capabilities, like software-defined wide area networking (SD-WAN)
- Security operations center (SOC) services
- Security capabilities like next generation firewalls (NGFW) or web application firewalls (WAF)
- Security analytics
- Threat intelligence
- And more
Companies looking for a cost-effective way to enhance their security posture work with MSSPs to mitigate some or all of their cybersecurity risk, and overcome the cybersecurity skills gap.
The Importance of the MSSP Business-Vendor Relationship
While many MSSPs focus on cybersecurity technology capabilities, they should remember that their customers come to them for services. Too often, MSSPs view their vendor relationship as a transactional agreement focused on products. However, when they incorporate cybersecurity vendor experience they can build a relationship that enables long-term business success.
MSSPs should treat conversations with their sales engineers the same way they would treat potential employees during a job interview. The sales engineers should be able to understand and articulate the MSSP’s:
- Business objectives: how their technologies enable the MSSP to meet long and short term business goals
- Metrics their customers use: what the MSSP’s ideal customer needs to understand security posture and maturity
- Way the customer defines success: how customers determine whether the MSSP is helping them achieve their security goals
“To build successful short- and long-term business strategies, MSSPs need vendors who have best-in-class technologies supported by knowledgeable people and proven processes.”
Important Questions to Ask When Searching for A Vendor
To achieve a successful and profitable cybersecurity vendor relationship, MSSPs need to consider how vendors respond to important evaluation questions.
- How Does Your Service Produce Success?
Vendors should understand the services portion of the MSSP equation. For MSSP customers, security is one part of a larger business model. For MSSPs, security is the business model. A vendor should discuss its technologies in ways that align with MSSP business and revenue objectives. Some terms to look for include:
- Time-to-revenue: the average revenue per unit (ARPU) the MSSP needs to generate to turn a profit from a new offering
- Best practices: ability to bring a consistent set of security policies and practices to all customer cloud deployments
- Offer lifecycle: knowledge of the closed loop process that includes technology discussions, proof-of-concept and validation phase, trials with early adopters and pilot projects, and production
- How Do Your Services Compare to Competitors?
Ultimately, the vendor should help its customer achieve its business objectives.
MSSPs evaluating vendors should consider whether they provide the following support capabilities:
- Training and assistance: training from in-house expertise to help improve MSSP staff cybersecurity skills
- Mentorship programs: programs that help MSSPs find ways to improve their services portfolios
- Offer Development: Dedicated program and individuals which have an expertise in the design, deployment and management of MSSP services
- What Are Your Technology Standards?
Finally, MSSPs need to ensure vendors take the same approach to their technology standards that they do their people. A vendor that understands the MSSP business will provide technologies that are integrated and integratable. While an integrated solution incorporates multiple tightly-connected technologies that work together, an integratable solution fits seamlessly into the overarching business technology stack.
A vendor’s technology services should be:
- Flexible: delivering an offering in multiple ways across multiple platforms
- Scalable: combining different features, like converging networking and security, to ensure future growth
When a vendor provides well-defined technology standards, it proves its commitment to MSSPs. By reducing the operational overhead per customer, the MSSP is more profitable.
How Do You Keep Your Technologies Up-to-Date?
The cybersecurity vendor acts as the MSSP’s intermediary between attackers and customers. As part of the vendor’s threat intelligence services, the MSSP should have people engaging in research.
Cybersecurity vendors should have teams actively engaged in zero-day research that support their artificial intelligence (AI) and machine learning (ML) technologies. These supporting services should include research across:
- Files and endpoint
MSSPs use cybersecurity vendors as the foundation of their services and offerings. To build successful short- and long-term business strategies, MSSPs need vendors who have best-in-class technologies supported by knowledgable people and proven processes. MSSPs must have a true relationship with their vendor so that they can provide their customers with the best services possible.