The biggest challenge facing MSPs is keeping up with the latest cybersecurity solutions and technologies, according to a new report from Sophos. The company’s inaugural MSP Perspectives 2024 survey found that 39% of MSPs said they found it a struggle to keep up pace, while many MSPs also stated that finding and hiring new security specialists to keep up with customer demand was difficult, and that they found it a challenge to stay on top of how the landscape was changing on cyberthreats.
► Report highlights growing need for industry partnerships
► Demand for MDR growing but MSPs struggling to find enough skilled workers
A shortage of in-house cybersecurity skills is also a problem for MSPs. The worry here is that MSPs could be left vulnerable to loss of access and ID information, and that vulnerabilities will go unpatched, leaving both the MSPs and their customers at heightened risk. Sophos’s latest State of Ransomware 2024 report found that nearly a third (29%) of ransomware attacks started with compromised credentials.
There is also a need for 24x7 monitoring and protection, as indicated in the Sophos 2023 Active Adversary report for Tech Leaders, which found that 91% of ransomware attacks now happen out of business hours.”
In response, there is a growing need for managed detection and response (MDR) services. Currently 81% of MSPs offer an MDR service, and almost all (97%) MSPs that do not currently offer MDR plan to add it to their portfolio in the coming years.
Reflecting the shortage of in-house cybersecurity skills, 66% of MSPs use a third-party vendor to deliver the MDR service and a further 15% deliver jointly through their own SOC and a third-party vendor. Topping the list of essential capabilities in a third-party MDR provider is the ability to provide a 24/7 incident response service.
MSPs are also streamlining their cybersecurity partnerships, working with a small number of vendors. The study revealed that over half (53%) of MSPs work with just one or two cybersecurity vendors, rising to 83% that use between one and five. Reflecting the effort and overhead of running multiple platforms, MSPs estimate that they could cut their day-to-day management time by 48% if they could manage all their cybersecurity tools from a single platform.
Other interesting findings from the report include:
- 99% of MSPs report an increase in demand for cyber insurance-related support, with the most common requests including clients wanting to implement an MDR service to improve their insurability (47%) or to receive help completing their insurance application (45%).
- MSPs want flexibility from their MDR provider, with 71% saying it is ‘essential or very important’ that the vendor can use telemetry from their existing security tools for threat detection and response.
- MSPs in the US lead the way in MDR service provision with almost all (94%) already offering MDR, compared to 70% in Germany, 62% in the UK, and 58% in Australia.
Data for the MSP Perspectives 2024 report comes from a vendor-agnostic survey of 350 MSPs across the U.S. (200), U.K. (50), Germany (50) and Australia (50). The survey was commissioned by Sophos and conducted by research house Vanson Bourne in March 2024.
For more information about the software's range of cyber security protection solutions, please click on the button below to contact our team.