Many managed service providers (MSPs) are struggling to keep up with changes in cybersecurity, according to a recent study by Sophos.
Thirty-nine percent of MSPs say keeping up with the latest cybersecurity technologies is their biggest daily challenge, the MSP Perspectives 2024 survey revealed.
Key Findings From the Survey
The biggest risk to their businesses and clients comes from a shortage of in-house cybersecurity skills while other notable risks include stolen access data and unpatched vulnerabilities.
A similar survey, the “State of Ransomware 2024” report, found nearly 29% of ransomware attacks began with compromised credentials.
“The speed of innovation across the cybersecurity battleground means it’s harder than ever for MSPs to keep up with threats and the cyber controls designed to stop them,” said Scott Barlow, vice president of MSP, Sophos. “When you couple this with a global skills shortage, which has made it infinitely more difficult for many MSPs to attract and retain cybersecurity analyst resources, it’s unsurprising that MSPs feel unable to keep pace with the changing threat landscape.”
Demand for Managed Detection and Response (MDR)
The complex threat landscape has led to an increased demand for managed detection and response (MDR) services. According to the report, 81% of MSPs currently offer MDR services and 97% of those not currently offering MDR plan to add it to their services.
More than half of MSPs (66%) say they use a third-party vendor for MDR services, with an additional 15% delivering these services jointly through their own security operations center (SOC) and a third-party vendor.
Streamlined Cybersecurity Partnerships
The survey of 350 MSPs found that MSPs are streamlining their cybersecurity partnerships, with over half (53%) working with just one or two cybersecurity vendors. This number increases to 83% for those using between one and five vendors.
MSPs estimate they could reduce their management time by 48% if they could manage all cybersecurity tools from a single platform, according to the study.
The report also notes that 99% of MSPs have seen an increase in demand for cyber insurance-related support. Common requests include implementing MDR services to improve insurability (47%) and assisting with insurance applications (45%).
One-third (34%) of MSPs report clients looking to add endpoint detection and response (EDR) to their security stacks to improve insurability. Outside Australia, insurance-driven demand for MDR is considerably greater than demand for EDR, reflecting the greater risk reduction a specialist 24/7 MDR service can deliver over a stretched in-house team.