How MSPs can Fill the Cybersecurity Skills Gap

Next year will continue a five-year skills gap trend for businesses confronting the growing complexity of cybersecurity threats. A report by Enterprise Strategy Group noted that 95% of cybersecurity employees interviewed say the skills shortage persists, worsened by heavy workloads and the overall labor shortage. Against this landscape, more enterprises, notably the small to medium-sized enterprise (SME) market, will be relying on MSPs for cybersecurity support and other services. 

While the cybersecurity skills gap is top-of-mind, SMEs will also continue their progress toward digitization and virtualization to support work-from-anywhere (WFA). MSPs and security solution providers will need a deeper understanding of this hybrid environment and modern technology to provide sufficient applications and operating systems to protect their organizations.

Co-Managed IT is the Future

In 2022 and beyond, MSPs will become a larger part of the changing dynamic of the IT workforce and profession. MSPs will continue to provide small and medium businesses with complete IT services. However, in 2022 MSPs will keep expanding into small and medium enterprises where they will collaborate and execute IT initiatives as IT moves from a one-team approach to a co-managed, in-source environment. Considering the IT labor shortage, myriad hybrid environments and cybersecurity threats, operational survival dictates a new team identity—internal IT and MSPs and solution providers working side-by-side.

Businesses both big and small around the world don’t have the means to deal with ever-growing IP complexity and cyberthreats. Publicly traded companies and SMEs are now inviting MSPs to join their IT teams to advance digitization and security objectives. MSPs will find themselves owning either the complete IT organization or providing key IT services and functions to a larger enterprise.

In addition to new operating models, the continuing labor shortage will spur MSP investment in automating more processes to conserve staff hours. However, while this “set it and forget it” approach pays off in the long term, MSPs and IT departments will not see the ROI overnight. They must expect these investments to cut costs after the heavy lifting.

Cybersecurity Evolves to Risk Management

In part due to the WFA environment, enterprises have had to shift from regarding cybersecurity defense at traditional perimeters (network, cloud, edge) to the new concept of a perimeter of one. Therefore, risk management practices like monitoring and analyzing threat trends for the business make sense. Given that the WFA employee or contractor is using multiple endpoint devices and applications, charting trends adds valuable risk intelligence. 

Risk management entails adding layers of security to protect the network from threats introduced at the WFA site. Over the next year, MSPs will be working with solution providers to introduce and/or enhance identity management, segmentation and data access controls to increase security. Notably, SMEs will be the main drivers and will benefit from MSPs offering security solutions and services that will make it more efficient to add security layers. 

Shared Risk Gets Real

MSPs and solution providers can offer great value in becoming part of an expanded enterprise IT team. However, with that comes more responsibility to mind their own security posture. The concept of shared risk applies not only to MSPs but solution providers and any external vendor in a supply chain. All these parties can introduce risk into an organization. This practice will gain more steam because customers will be asking their technology partners for proof that their cyber hygiene meets industry standards.

Future Business

MSPs have a promising future in alleviating the IT labor shortage. Those who have invested in offering packaged layered security bundles will be best positioned to gain security customers. According to a 2020 report on security trends by the Herjavec Group, 42% of organizations expect to increase their IT budgets for security. This gives MSPs an opportunity to partner with midmarket companies to help improve their overall security, especially if the company does not have, or cannot afford, their own specialized security staff and bring it in-house. So co-managed IT service offerings can be a greenfield for MSPs. 

Although cybersecurity will remain top-of-mind, some organizations might dial back on spending out of uncertainty. The scrutiny is getting real. To remain competitive, MSPs and their technology partners will need to adopt new practices, including standardized services and solutions to prove value and reduce risk. 

Additionally, in 2022 and beyond, deeper intelligence into the hybrid environment and the endless permutations of hybrid infrastructure will remain key to success.

Avatar photo

Mike Adler

Mike Adler is chief technical and product officer at N-able Inc.

mike-adler has 1 posts and counting.See all posts by mike-adler