Continuum, as expected, today unveiled a security business initiative for IT service providers and MSPs that support small business cusotmers. The push, announced at the Navigate 2017 conference, includes two key components: Profile & Protect and Detect & Respond.
The launch comes as thousands of MSPs face an inflection point: Build their own security operations centers (SOCs) or partner with third-parties for such expertise. "The idea of an MSP building a SOC out in the field is absurd," George said, pointing to talent and technology costs.
Instead, Continuum wants to be that SOC destination -- and more -- for MSPs, many of which simply can't find, hire and train security talent on their own.
"The line between MSP and MSSP has effectively disappeared," George told conference attendees. Small businesses, he asserted, assume MSPs are in a position to safeguard customer assets. But to safeguard those customer assets, MSPs will need a partner like Continuum, George asserts.
Continuum Past, Present, Future
The company already offers an integrated platform that spans RMM (remote monitoring and management), BDR (backup and disaster recovery), help desk and NOC (network operations center) services. The Continuum Security offerings appear to be a natural platform extension for the company. But the company will need to prove that it can deliver on its SOC vision and promise, attendees at Continuum Navigate 2017 tell ChannelE2E.
The Continuum Security strategy starts with Profile & Protect -- which allows IT service providers to "define their security offerings based on targeted profiles built for specific threat vectors, including Phishing & Ransomware, Insider Threat, External Threat and Top Exploits."
The strategy allows MSPs to "transform broad cybersecurity services into specific offerings, establish proper expectations and SLAs with clients, and maximize their margins in the security sector," the company claims.
Detect & Respond: A SOC for MSPs
Next up is Detect & Respond -- which leverages Continuum new 24x7 Security Operations Center (SOC). The SOC monitors for indicators of compromise, separates false positives from actual malicious events and drives remediation actions to prevent harm and reduce ‘dwell time’ from months to minutes, the company claims.
Among the key names to know: Fielder Hiss, VP of product, one of the driving forces behind the security push.
Strategic alliances also are critical to the strategy. For instance, the new Continuum Security offerings will "line up alongside the company’s existing security toolbox, which was also expanded to include DNS protection and end-user security training services from Webroot," the company says.
Continuum Security Profile & Protect and Detect & Respond will reach an early access period for select partners in Q4 2017, and general availability is expected in Q1 2018.
Can Continuum Deliver, Differentiate?
If Continuum Security and the associated SOC deliver the goods, the new offerings will effectively differentiate the company from head-on rivals like Autotask, ConnectWise, Kaseya and SolarWinds MSP.
Generally speaking, Autotask and ConnectWise partner with various ISVs on the security front but don't specifically own pure-play software security tools. Kaseya and SolarWinds MSP, by contrast, have some security tools in their software portfolios. But unlike Continuum, none of those companies have full-blown SOCs.
Still, there are third-party SOC providers and MSSPs that work closely with MSPs. The names to know include:
- Arctic Wolf Networks, which has extended its SOC as a service to MSPs and Splunk customers.
- ChannelSOC, which surfaced at the CompTIA ChannelCon 2017 conference in August 2017;
- CyberBit, which offers a SOC to MSSP partners like MNS Group;
- NetEnrich, which manages cybersecurity for a range of partners; and
- Trusted Metrics offers a home-grown Elastic SOC to partners.
The hallway buzz about Continuum Security is positive here at Navigate 2017. But the thought on everyone's mind is this: Can Continuum deliver on its Security and SOC promise? We'll begin to get answers when the services reach more testers and Q4 2017, and general availability in Q1 2018.
PS: We're meeting with George and Hiss later today. We'll poke around to learn how the company built its SOC and associated security products.