Cybersecurity skills shortage biggest challenge to MSPs – Report

BRANDPOWER reports that companies depend on Managed Service Providers (MSPs) to manage their IT infrastructure, enabling them to focus on their core business functions.

Cybersecurity skills shortage biggest challenge to MSPs - Report

Cybersecurity skills shortage biggest challenge to msps - reportA report sponsored by a global Information Technology (IT) security company, Sophos says that the biggest challenge faced by Managed Service Providers (MSPs) is the shortage of skilled cybersecurity experts.

According to the company, this is revealed in its inaugural MSP Perspectives 2024 survey that was released on Wednesday.

The Vice-President of MSP at Sophos, Scott Barlow, said that the shortage of skilled experts was a challenge to MSPs to keep up with the latest cybersecurity solutions and technologies.

The MSP Perspectives 2024 shares the outcomes of an independent survey of 350 MSPs in the U.S., UK, Germany and Australia, conducted in March 2024, and provides fresh insights into the reality of MSP operations today.

BRANDPOWER reports that companies depend on Managed Service Providers (MSPs) to manage their IT infrastructure, enabling them to focus on their core business functions.

The managed service providers offer a range of solutions and support services, including network, application, security, and payroll services.

Businesses and organisations hire managed service providers for their flexibility and ability to eliminate repetitive tasks.

Some MSPs in Nigeria include Signal Alliance, Oracle Nigeria, System Specs, CWG Plc, InfoWorld Technologies Ltd., among others.

He said that in the survey report, 39 per cent of the MSPs surveyed cited shortage of skilled experts as challenges.

Barlow said that alongside this, MSPs indicated that hiring new cybersecurity analysts to keep up with customer growth and keep pace with the latest cyberthreats are also top challenges.

He said that the survey also showed that MSPs perceive the shortage of in-house cybersecurity skills to be the single biggest cybersecurity risk to both their own business and their clients’ organisations.

’’MSPs also perceive stolen access data and credentials and unpatched vulnerabilities to be amongst the biggest security risks to their customers.

’’The latest State of Ransomware Report 2024 found that nearly a third – 29 per cent – of ransomware attacks started with compromised credentials, showing the prevalence of this entry vector.

“The speed of innovation across the cybersecurity battleground means it’s harder than ever for MSPs to keep up with threats and the cyber controls designed to stop them.

‘’Coupling this with a global skills shortage, which has made it infinitely more difficult for many MSPs to attract and retain cybersecurity analyst resources, it is not surprising that MSPs feel unable to keep pace with the changing threat landscape,” said Barlow.

According to him, this is all compounded by the need for 24 hours coverage as indicated in the 2023 Active Adversary Report for Tech Leaders.

Barlow said that the Active Adversary Report found that 91 per cent of ransomware attacks happens out of business hours.

He said that in response to this complex threat landscape, there is growing demand for Managed Detection and Response (MDR) services to provide always-on coverage.

Barlow said that currently 81 per cent of MSPs offer an MDR service, and almost all (97 per cent) MSPs that do not currently offer MDR plan to add it to their portfolio in the coming years.

The Sophos vice president said: “while MSPs have a huge job to do in protecting their customers against fast-moving adversaries, there is tremendous opportunity to grow their businesses and profitability if they can find the right security set up.”

He said that the data showed that MSPs are strengthening their proposition and reducing overheads by amalgamating the platforms they used and engaging with third-party MDR vendors to expand their service offerings.

‘’As they look to build their security offering of the future, they should prioritise vendors that can offer a complete portfolio of industry-best, fully managed security services and solutions,’’ Barlow noted.