Spin it however you want, there is no getting away from the fact that most cybersecurity interventions limit the possibilities and innovation of IT. Just imagine a world with no cyber threats in its past, present or future – and how differently humankind might have harnessed technology without such anxieties and constraints.
Experts in cyber roles have the ultimate veto power on ambitious IT initiatives – pointing out the incalculable losses to revenue and reputation that will arise from failing to heed the warning that ‘security says no’. And while cybersecurity solution vendors and their channel sales/service partners have long profited from this gatekeeping role, they cannot much enjoy the ‘party pooper’ characterization that goes with it.
Today, MSSPs have a new opportunity to recast this role and pivot to an enabling rather than a blocking posture. How? With threat intelligence-driven services that inform the effective management of digital risk.
Enterprises need expert support with digital risk
Cyber skills are in short supply, but even more troubling is that businesses who manage to recruit qualified cyber professionals are often underwhelmed by their abilities. A recent UK government study of businesses cited comments such as “we have a lot of people with qualifications, but no clue what they are talking about.” The same study highlighted academic institutions’ difficulty keeping course content relevant to changing industry needs, and a lack of work placements that allow students to hone skills in the real world. It went on to describe how such skills gaps are exacerbated by the increasing number and diversity of security tooling in place at typical enterprise-scale organizations – going from 5 or 6 (10 years ago) to up to 50 today. If those same businesses manage to recruit an A-Player into their Cyber team the next challenge is retention. Unless staff are in an environment where they can grow and be at the cutting edge of industry issues, screen to screen combat with adversaries, they will most likely leave for a bigger pay cheque.
All this directly supports the business case for ‘outsourcing’ to an MSS partner. Unfortunately, this is only a partial solution to the wider issue of managing risk. To offer a truly compelling proposition in a crowded marketplace for managed security services, MSSPs must be able to provide a complete picture of applicable cyber risks via real-time threat intelligence (TI), in a way that is focused upon the unique circumstances of that organization and its sector. With Blueliv, for example, this in turn helps them detect and respond to complex attacks by adding context to incidents to better understand the nature and criticality of each threat.
Digital transformation appears to be bouncing off its Trough of Disillusionment
The popularity of TI is growing rapidly and projected to continue its aggressive adoption trajectory , but is still not used by the majority of organizations. This presents a significant opportunity for MSSPs to grow revenues in line with trend (20% CAGR) by adding TI to their service portfolios and making unopposed inroads into a relatively greenfield market.
In fact, the maturation of TI as a core element in cyber strategy is coming slightly behind another, larger explosive trend: digital transformation (DX). In other words, TI will be arriving at a crucial time to enable businesses to overcome inertia and realise their DX potential.
Make no mistake, there is much evidence of DX inertia. One industry commentator even likened the current state of DX as “hitting its Trough of Disillusionment.” This refers to the part of the famous Gartner Hype Cycle that immediately follows the ‘Peak of Inflated Expectations’. What’s exciting is that – if the signs are correct – we are due to begin the Slope of Enlightenment on our way to the Plateau of Productivity. Blueliv believes this requires DX enablers like TI.
MSSPs can become trusted advisors – not just service deliverers
From the MSSP’s perspective, the decision to add new services rests largely on the presence of market demand and the ease in which services can be delivered. TI makes a strong ROI business case, particularly when – such as with Blueliv – it is modular, scalable, readily integrates and is genuinely both comprehensive and intelligent in how it gathers and interprets threat data .
The other significant advantage is the platform it creates for MSSPs to complement automated service delivery with a consultative, trusted, high-value customer relationship. TI fundamentally creates more value; giving the MSSP license to recognize more margin. This can apply to the core TI service, easily and rapidly tailorable to each customer’s need, as well as through related premium and professional services that build resilience and additional revenue streams – such as incident response, compromise assessments and red-teaming.
TI is also the foundation of growing CXO and Board level relationships through helping customers and prospects understand the specific threats that are stalking their business, vertical and geography. A Boardroom risk conversation enables partners to become truly trusted and an integral part of the decision-making process. Delivery of a well-aimed TI briefing helps non-technical decision makers better understand their risk profile and in turn free up appropriate funding for prioritized projects, often projects that MSSPs can help to execute.
Instead of standing in the way of transformative progress, TI from Blueliv equips MSSPs with a new posture and perspective on the problem that puts them side-by-side with their customers as they confront digital risk using the best, and most relevant real-time insights available.