Getting to grips with the cybersecurity question is fast becoming an obligation for ICT service providers, but meeting this challenge could be far easier than expected if a managed services approach is taken.
A sharp rise in cyber threats is on the cards according to a PWC survey of circa 3,800 security, technology and business leaders. The surge in security breaches will be catalysed by GenAI which has the capability to create advanced business email compromises at scale. So much so that over half of PWC’s survey respondents expect GenAI to cause ‘catastrophic cyber attacks’ in the coming year. This is just one reason why resellers and MSPs should put cybersecurity at the centre of their portfolios.
According to the observations of Britt Megahey (pictured above), founder and Managing Director, Barclay Communications, too many public and private sector organisations are ‘woefully under-protected’. “The channel has a vital role to play in changing this situation,” he stated. “Of course, cybersecurity is a revenue opportunity, but it’s also a responsibility. We provide the technology that keeps businesses running, and the job has to involve protecting that technology and its users from harm. If an employee falls for a phishing email and clicks a malicious link, what stops them from downloading ransomware? If they do download it, what’s stopping it from encrypting files? If it does encrypt files, where are the backups? These are the questions we ask our customers.”
We provide technology that keeps businesses running, and the job has to involve protecting that technology and its users from harm
Traditionally, the biggest obstacle faced by resellers and MSPs was convincing businesses to take cybersecurity seriously. “We have all encountered decision makers who insist that it couldn’t happen to them, or that anti-virus is all the protection they need,” added Megahey. “This attitude is changing, but it’s still prevalent and there is a gap in knowledge and understanding around the need for enhanced cybersecurity.
“Even customers that have an element of security in place – be it anti-virus on endpoint PCs or a managed firewall – still aren’t aware of the new and ever-evolving threats that are commonplace across the Internet. Hackers are getting more sophisticated when customers’ networks are, for the most part, remaining static.”
To keep pace with the dynamic requirement for cybersecurity solutions Barclay Communications follows a policy of constantly evaluating the market and the latest threats. “It helps that we have a technical team skilled at assessing new innovations and filtering out the noise,” commented Megahey. “Partnerships are also key. We choose suppliers carefully and their R&D and insights also helps to inform our decisions. We maintain close relationships with all of our partners.”
Megahey concedes that there is no 100 per cent bulletproof security posture, but he reiterated that it is possible to reduce the risk at every layer and make sure that no one is an easy target. “The opportunity comes from the risk,” he commented. “Businesses need more than one layer of protection. The key is understanding how to find what’s right for them and explaining that clearly and honestly.”
The success of this approach will likely depend on resellers and MSPs developing strategic partnerships with the right vendors and distributors. “This has been key to our growth, alongside the development of our own IT and cybersecurity offering,” added Megahey. “My advice is to ask suppliers what they can do for you.”
Jon Selway (pictured left), VP of EMEA Channel Sales, Aryaka, also believes that cybersecurity in general hasn’t been given enough attention by resellers and MSPs, and that the pendulum is starting to swing the right way. “Cybersecurity is inherently fraught with risk,” he stated. “No reseller wants to be blamed for a customer experiencing an attack after being promised they are secure. But as core product margins continue to be squeezed resellers are becoming more open to offering security services.”
Resellers should focus on comprehensive security solutions that offer high RoI, especially those from vendors that take responsibility for managing the service
He says that a margin squeeze is not the only motivator as more resellers are wanting to become long-term partners with their customers. That said, keeping ahead of the evolving threat landscape is one of the biggest challenges facing resellers, along with having the confidence, resources and expertise to sell solutions effectively. “The right vendor will take those challenges away by supporting the entire lifecycle of products, from sales and marketing to in-life management,” added Selway.
He noted that customers are currently facing risks from ransomware, phishing attacks and vulnerabilities in remote working set-ups. “AI-enhanced attacks are also growing, but security vendors are increasingly leveraging AI to accelerate threat detection and mitigation,” added Selway.
He is also witnessing growing demand for vendor-managed security services. “This enables customers to enjoy a hands-off approach to their security posture, safe in the knowledge that true security experts are keeping a vigilant eye over their operations,” stated Selway. “Zero-trust architectures are also proving popular, adding an extra level of assurance that all data is scrutinised as it enters or exits the network.”
Future of security
A surge in cloud services means that the future of cybersecurity will be software-defined and network-enabled to ensure scalability and secure access to cloud platforms. “It’s a complex arena therefore vendors must support partners and invest in their success – that’s a given,” said Selway. “Resellers should focus on comprehensive security solutions that offer high RoI, especially those from vendors that take responsibility for managing the service, enabling them to focus on lead generation, not resource-sapping in-life management.”
A common assumption around mitigating risk is that businesses just need to keep on top of software updates, so they overlook the biggest threat which is their staff
Despite managed security services being readily on hand for resellers, cybersecurity is still ‘settling’ into the channel, observed Anton Le Saux (pictured left), Head of IoT and Cyber, Zest4. “It takes time to get into the mindset,” he said. “The biggest challenge is a lack of understanding of the marketplace and not having the resources and technical support needed to manage solutions in-life. With a fully managed proposition we can negate these concerns and give partners the tools they need to succeed in cybersecurity.”
Le Saux pointed out that 91 per cent of all cyberattacks start with a phishing email that’s been opened by a staff member, and 81 per cent of hacking related breaches leverage stolen passwords. “A common assumption around mitigating risk is that businesses just need to keep on top of software updates, so they overlook the biggest threat which is their own staff,” commented Le Saux. “There’s an opportunity to train workforces to be vigilant and attentive. They need to know how to spot a phishing email.”
Le Saux also noted that 46 per cent of UK firms have experienced a cyberattack and that the average cost to a business is over £10,000 per attack. “We can stop that from happening with the right resources and solutions,” added Le Saux. “Moreover, channel partners can make margin selling cyber solutions. If resellers are cash strapped, lack resources and have time constraints they should look for services with no upfront commitment and are fully managed.”