Managed Security Services

How MSPs can take on a more proactive, advisory role with small businesses

internet security and data protection concept

The pressure on small- to medium-sized businesses has increased exponentially over the past year. Between an influx of more ransomware-as-a-service players, aggressive malware strains, and growing incidents of business email compromise, SMBs feel the strain.

At least 1 in 3 SMBs surveyed by CyberRisk Alliance (CRA) and ArcticWolf were the victims of malware attacks. Twenty-nine percent were hit by phishing, and 18% said password-based attacks were to blame. Malware (64%) and ransomware (60%) also topped the list of threats that gave SMBs the most concern.

The concern was high enough to dampen respondents’ hopes for 2024. Fifty-seven percent have moderate to low confidence in their overall security posture. Meanwhile, 40% believe they are very or extremely likely to experience a cybersecurity attack in the next 12 months, while 35% see it as somewhat likely.

If MSPs can’t help prevent a breach, then they’ve failed as the organization’s third-party provider and risk getting the boot. Consider that 2 in 3 respondents said they were likely or highly likely to switch their service provider if not satisfied.

Managed service providers (MSPs) take note: The status quo hasn’t worked. Reading between the lines, there’s a huge opportunity for MSPs to take a more proactive advisory role in steering clients toward services that mitigate risk and reduce the sort of low-hanging fruit (like weak passwords and email phishing attempts) that allow attackers inside.

With the cyber landscape riddled with challenges and more SMBs getting hit, CRA found that a majority of SMBs are planning to spend more on cybersecurity services in the coming year. Many seek expertise, better training, and tools that integrate and make sense of their existing IT stacks. And, they’re looking aggressively at cybersecurity partnerships with MSPs that can help them develop practices and policies to serve them in the long-term.

How can MSPs better serve SMBs?

While both the SMBs and MSPs want to work toward better and more efficient cybersecurity, the partnership often buckles under the weight of mixed signals and expectations.

For example, while MSPs can consistently deliver assistance for foundational IT security such as monitoring passwords and phishing attempts, some lack the depth of security expertise required to actually hunt down threats, perform forensics, and mitigate potential impacts. The consequence of not having this kind of targeted function in place is that MSPs are often left juggling multiple responsibilities that keep them in constant firefighter mode, much to the chagrin of their SMB clients.

Here's where using a managed security operations provider (MSOP) could benefit the MSPs. Unlike an MSP, which tend to specialize in a handful of point solutions, MSOPs can devote 100% focus and 24x7 monitoring to hunting threats. This means MSPs can focus on the basics while letting the managed detection and response (MDR) or MSOP teams handle the in-depth security threats.

As one SMB respondent said: “we would prefer MDR as its response level is the best and most practical for our business model and would produce the best results for any risk we may have currently or in the immediate future.”

Ultimately, it’s vital for SMBs and MSPs to lay all their cards out on the table when establishing such a partnership. SMBs can be honest about their resource constraints, budget flexibility, and knowledge gaps, and MSPs can reciprocate by helping these businesses fill skills gaps, develop effective IR plans and training resources, and strategically address the operational challenges of the future.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds