MSPs are increasingly being called upon by end-user clients -- particularly in vertical markets such as healthcare, retail and finance -- to help manage their compliance efforts. It's a big opportunity for MSPs, but it's not always an easy job or one that MSPs are equipped to handle.
Apptega’s 2024 State of Continuous Compliance report found the majority of MSPs struggling to maintain regulatory compliance for customers, with half of respondents still using spreadsheets to manually track, measure and report cybersecurity compliance.
Apptega's CEO Dave Colesante tells ChannelE2E there's a better way: A compliance automation platform.
"When asked what software they were using, a very high percentage of the partners, the people that are out there doing this, are still using spreadsheets like Excel for for that service," Colesante said. "And so it was more than we thought. But many of them are interested in using our platform and interested in trying a partner that can help them build a compliance-as-a-service framework," he said.
Compliance Services Offer MSPs ARR Opportunity
Many are doing so because they face extraordinary pressure to grow through adding annual recurring revenue (ARR) and cybersecurity and compliance services are a lucrative opportunity to do that, Colesante added. While MSPs recognize the benefits of continuous compliance and are interested in offering the service, nearly half receive less than 10% of their revenue from compliance services.
"Many of them also have pressure, because a lot of the folks that are out there have been kind of gobbled up by the private equity world which puts a premium on growth and on recurring revenue. We're seeing a very large percentage of those folks that that are interested in how to productize the services in conjunction with the security services that they're offering," he said.
Colesante said it's a major opportunity for MSPs and MSSPs, and that the data from the research backed up that assumption. Now, it's a matter of MSPs and MSSPs capitalizing on that opportunity. The survey found that while the majority (87%) of MSPs are open to delivering compliance services through a compliance automation platform, only about half of these providers are currently doing so.
But MSPs and MSSPs consider it a big opportunity. According to the survey results, three out of four respondents viewed compliance as a “high growth” business and 86% are interested in continuous compliance-as-a-service offering for their clients.
Colesante said that Apptega’s findings paint a clear picture: In a cutthroat environment where recurring revenue and margin growth is at a premium (and 70% of MSPs are targeting at least double-digit ARR/MRR growth), continuous compliance services represent a massively lucrative opportunity, but there is much work to be done to fill the knowledge, technology and resource gaps to fully capitalize on this opportunity.