Lead Machine Pink 160x1200

Lead Machine Pink 160x1200

iTWire TV 705x108

Wednesday, 18 May 2022 10:13

Why MSPs must enhance their security offerings to remain relevant to their clients

By Luke Smith
Luke Smith, Regional Account Director, Barracuda MSP Luke Smith, Regional Account Director, Barracuda MSP

GUEST OPINION by Luke Smith, Regional Account Director, Barracuda MSP: Many Australian businesses rely on their MSP for help with IT security, yet many of them feel they are not getting the support they need.

The cyberthreat landscape is constantly evolving and businesses can struggle to keep up. For every threat patched or blocked, two more seem to pop up in its place.

In response, many MSPs offer preventive security services to protect the IT infrastructures of their clients. However, clients are finding that preventive measures are insufficient when faced with today’s sophisticated cyberthreats.

To provide the level of security required, a growing number of MSPs are beginning to investigate ways to add detection and response services to their offerings. The combination of preventive services with detection and response services delivers a proactive security measure that can help a client business stay one step ahead of cybercriminals.

Providing proactive security

MSPs have a range of options when looking to expand their portfolio to include around-the-clock threat detection and response services. Some have even gone to the extent of becoming Managed Security Service Providers (MSSPs).

The build-your-own option

To operate as an MSSP, an MSP will need to establish a Security Operations Centre (SOC), however this is something that can be quite challenging.

For starters, MSPs will need to invest in necessary tools such as a Security Information and Event Management (SIEM) platform that can capture the log feeds from various sources. Secondly, building a team of security analysts and technicians who is available 24/7/365 to monitor and triage incidents that the system has picked up.

This is not a cheap exercise. If a typical SOC analyst’s annual salary is approximately $100,000, to provide 24/7 SOC coverage, at least six of them will be required. That means there will be a yearly spend of $600,000 just for staffing. When you add the cost of on-going training and tools, the annual cost to run a SOC can reach $1 million a year.

The outsourcing option

Another option for MSPs is to outsource the 24/7/365 detection service to an established MSSP. This can help an MSP to expand its security service offering, however it must ensure it is still adding value on top of what the MSSP can offer.

The partnering option

A third alternative is for an MSP to partner with a trusted vendor with a managed SIEM or managed extended detection and response (XDR) services that is backed by a team of round-the-clock SOC experts.

Taking this path will allow an MSP to readily expand its security service offering without burdening its existing resources, investing in costly infrastructure, or staffing for 24/7 coverage. 

Taking a multilayered approach

Regardless of the chosen strategy, MSPs that are serious about providing security services must take a multilayered, integrated approach that encompasses all the potential threats to their clients’ networks.

To achieve this, they must offer proactive protection of the two biggest threat vectors: email and endpoints. Providing solid protection in these areas will mean creating a solution portfolio that combines preventive security solutions with a 24x7 threat monitoring capability.

This isn’t always an easy task, but forward-thinking solution providers can make it easier through strategic partnerships. By selecting best-of-breed partners, an MSP can broaden its offering and deliver effective security services to clients.

One element that will need to be in place is eXtended detection and response (XDR) technology. XDR collects and correlates data across multiple security layers to provide faster threat detection and better response times.

This helps to solve the problem of disparate and fragmented threat data generated by disconnected platforms within an enterprise. It is particularly important as more resources are shifted to the cloud and employees continue to work remotely.

Once in place, an XDR platform sifts through the ‘noise’ and pinpoints which incidents require attention. A typical SOC can receive millions of events each month, but between the XDR platform and the security expertise, these events are whittled down to the ones that matter.

While most attacks still originate via email, the traditional method of centrally managed security via firewalls and email filters is no longer sufficient. Managed endpoint protection is needed to ensure only trusted end users, devices and access points can access sensitive data and applications.

In addition, MSPs also need to leverage artificial intelligence and machine learning. These systems adapt to emerging threats while minimizing human error in detection.

The threat landscape is going to continue to evolve and organisations will be looking to their MSP for support. By either creating their own SOC, partnering with an established MSSP, or forging a link with a trusted vendor, an MSP will be well positioned to deliver what their clients require.

Read 534 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News