The drivers of demand for Managed Security Service Providers (MSSPs) with deep expertise continue to strengthen, according to Geert Busse, Solution Architect Director, Westcon EMEA.
To say that end users see greater value in the MSSPs able to remove complexity from their IT security footprints is an understatement, and proof-points of the scale of the opportunity for channel firms to drive compelling security-focused managed services demand are clear as day in research undertaken by Westcon-Comstor, says Busse. The study shows that UK enterprise security leaders are planning to ramp up spending on cloud security in 2025 and want channel partners to help them maximise their ROI. “Demand for the services delivered by MSSPs is strong and growing, especially given the skill shortages within security and the challenges many end users, from enterprises to SMBs, face in accessing expertise,” stated Busse. “This represents a big opportunity.”
This is a major revenue opportunity for partners who establish themselves in this high growth area
He noted that as the cloud security market continues to evolve, Westcon-Comstor is seeing CNAPP (Cloud-Native Application Protection Platform) become the go-to solution for securing cloud workloads. “CNAPP offers a holistic approach to securing cloud infrastructure, bringing together various security functions and capabilities in a single, unified platform to provide comprehensive security across the entire software development lifecycle, from code to cloud,” explained Busse.
When Westcon-Comstor asked UK enterprise security leaders about the main drivers of CNAPP adoption they emphasised the need to consolidate capabilities into a single unified platform because it reduces the complexity and blind spots that come from using multiple cybersecurity vendors and tools. “Other factors include the need to seamlessly integrate security and compliance testing, and a desire to unify risk visibility across cloud environments and the application development lifecycle,” added Busse.
Westcon-Comstor’s market study also found that 84 per cent of security leaders in the UK intend to invest in CNAPP and other cloud security technologies over the next 12 months, with the big majority (95 per cent) saying they already engage with channel partners when procuring and deploying such solutions. “This is a major revenue opportunity for partners who establish themselves in this high growth area,” commented Busse.
Security Posture Management solutions that address cloud infrastructure and applications (evolving to Generative AI) emerged as the top priority area for investment among CISOs and enterprise security leaders. In the UK, there is also a strong desire to invest in Software Supply Chain Security, with 45 per cent of respondents highlighting this as an investment priority – higher than in any of the other country in the research.
Market shift
But what fascinates Busse most is the ‘shift left’ trend that’s seeing operational security responsibilities transition toward developers and cloud architects. “We found that 81 per cent of UK security leaders agree on the need to adopt a DevSecOps approach to align with this trend – that’s a higher proportion than anywhere else and is set against an international average of 75 per cent,” he added.
Training and enablement emerged as the most valued benefit from channel partners in the eyes of security leaders as they embrace CNAPP, especially in the UK where over half of respondents singled this out as their main requirement against an international average of 40 per cent – suggesting strong and ongoing demand for knowledge-building support to maximise cloud security capabilities.
Consultancy matters
“Just under a third highlighted cost-effective access to new solutions as the primary reason for engaging with channel partners, while 20 per cent said what they value from partners above all else is assistance when navigating the cloud security market and identifying the best solutions,” added Busse. “If enablement is what end users value the most, then a partner’s biggest asset is its own expertise and knowledge. On the flip side, a lack of technical expertise is a barrier to growth. As a distributor a big part of our role is to support partners in their own training and knowledge building.”
Demand for MSSPs is growing and a partner’s biggest asset is its own expertise and knowledge
Busse believes that Westcon-Comstor’s data-driven, programmatic approach to training and enablement is one of its key value add offerings. Indeed, the company hopes to embed a learning culture across the whole channel. “We’ve placed greater emphasis on knowledge sharing through initiatives such as Tech Xpert, our peer-to-peer community for technical security professionals working in the channel,” explained Busse.
Tech Xpert was launched across EMEA in 2022 to bring experts together in a tech-to-tech setting and recently expanded to APAC. Members become part of a community of like-minded technical professionals and gain access to exclusive training, insights, events, networking and points-based participation rewards. Meanwhile, Westcon-Comstor’s interactive platform for peer sharing between Tech Xpert members (called Tech ConneX) now has more than 4,000 users.
“This year we want to establish a new X2C (Everything to Cloud) cybersecurity go-to-market, driving partner and vendor growth across the four pillars of code to cloud, infrastructure to cloud, data to cloud and identity to cloud,” said Busse. “Gen-AI is also a huge focus area given its potential to transform how cybercriminals operate and the way organisations respond to threats.”