The cybersecurity landscape is changing across the UK, as well as within the channel ecosystem. Whilst there is a wealth of opportunity, understanding those changes will be key to converting possibilities into results. Dale Smith, channel director for the UK and Ireland, Juniper Networks, discussed the changes he is seeing.
He said, “The current cybersecurity landscape for channel players is particularly distinct. IT teams were challenged when employees started working from home overnight, driving the need to overcome massive increases in secure remote connectivity scale and performance with very little warning. However, the return to the office doesn’t solve this issue, and actually brings new problems with it.
“With a large portion of those work-from-home employees increasingly coming back into the office — at least part time — organisations’ IT security teams are under rising pressure to secure the corporate network from office branches. Ransomware threat actors, in particular, will be a number one priority for IT teams.
“As these attackers having grown increasingly competent over the last two years in their approaches to ransomware and payment extraction, IT leaders should adopt an approach rooted in zero-trust and a SASE-first mentality in order to protect data as it moves across infrastructure.”
Gemserv is a provider of professional services and cybersecurity is one of the specialist sectors the company operates in. Mandeep Thandi, the company’s director of cyber and digital, explained that created shared value is critical.
He said, “In a channel ecosystem the general assumption is that value cannot be created by one part of the whole. Value is created by the sum of the ecosystem partners working together to provide solutions that create value for a shared client. The implication, in terms of cybersecurity, is that a single weak link can compromise the efforts of the entire framework.
“This need for common ground in the approach to cybersecurity has fuelled the introduction of entry level cybersecurity frameworks that are size agnostic, and ensure that all potential partners contributing to a channel possess the same base approach to cybersecurity.
Thandi added the UK government-backed Cyber Essentials scheme has helped provide a common approach to cyber risk. He said, “A framework such as Cyber Essentials enables organisations to easily see whether partners are functioning at the same baseline. A similar, voluntary framework has been developed in the EU with the same goal of providing a baseline approach to cybersecurity common to all organisations irrespective of size.
“The increasing risks posed by cyber threats will ensure that accepted baseline approaches to cybersecurity will grow in importance as organisations look to demonstrate they are a trusted partner within a channel delivery.”
Delivering value
Over the past decade, many channel companies have transitioned to services-focused offerings to ensure they are delivering results to customers. That transition has also been felt in the cybersecurity space. Dominic Trott, UK product manager at Orange Cyberdefense, explained how his company ensures it can demonstrate value.
He said, “As an MSSP, we are working to adopt a more solutions-based approach in order to deliver value with security services. This means that, rather than purely re-selling products to make a margin, we are helping our customers achieve their desired outcomes by delivering services that happen to be powered by vendor technologies.
“Our channel relationships are therefore undergoing two key changes. Firstly, we’re aiming to build deeper and more complementary partnerships with fewer vendors in order to deliver services that provide the maximum value to our customers, focusing on specific areas. For example, we’re aware of the importance of joining forces with different partners on the same service to meet the varied needs of small, medium and large customers, and of finding partners skilled in each area of our portfolio. This means that, within our threat detection offering for example, we work with partners for endpoint, network, log and XDR.
“We’re also beginning to work with more and more partners that are either new to us or new to the market to meet the growing and evolving needs of our customers. For example, we’re recently entered market segments such as breach attack simulation, third-party risk management and micro-segmentation, which all require different skills to maximise their value for customers.”
Emma Carpenter, vice president for global service providers, Palo Alto Networks, explained why many organisations want their cybersecurity to be managed by their provider of choice. She said, “One key change is that customers are increasingly looking to managed security services because of the frequency and complexity of threats, the lack of skilled cybersecurity workers and the increased tightening of IT capital budgets. In fact, over the next few years, managed security services are projected to grow two times faster than the traditional security resale business.”
JP Kehoe, senior director, Barracuda, added, “After the sudden transition to a work-from-home environment and the historic breaches in 2020, cybersecurity has skyrocketed to the forefront of public discussion. As reports warn about the potential for foreign state attacks and ransomware to intensify in 2021, there is no doubt that cybersecurity will remain an important topic of discussion for the future. However, for many, cybersecurity remains a nebulous concept that’s difficult to describe.
“Discussions surrounding cyber can quickly turn into technical jargon and leave people confused and uncertain as to whether they need to boost their defences against emerging threats. It’s down to cybersecurity channel leaders to break down what cybersecurity entails, and what the current cyber landscape looks like, so that those ingrained in the channel can and will know what they’re facing.”
Changing needs
When asked how the cybersecurity needs of businesses and organisations are changing, Orange Cyberdefense’s Trott said, “For several years now, the expectations placed upon security teams have been evolving, requiring them to step up and become business leaders, not just technology experts. They must, of course, understand the threat landscape, how it relates to their organisation’s particular context and deal with security on an operational basis.
“But, also have a strong grip on the people, processes and technologies required to fully protect their company. The challenge is that this is always evolving, transformed by the expansion of the attack surface due to surging interest in technologies such as AI, cloud computing, IoT and 5G.
“Security teams are therefore facing additional pressure from rising expectations, alongside industry challenges such as the security skills shortage and the simple rate of change. This has created demand for tools that can alleviate the pressure on these teams, such as SOAR and detection-based security, among others.
“The expectations placed on security teams are expanding as well as heightening, with security now expected to be a business enabler, adopting forward-looking strategies that will allow new projects to run successfully and securely. To do this, security departments have had to make some shifts, such as focusing on key security metrics like mean time to detection and mean time to response, while finding ways to relate these KPIs to things such as cost savings and efficiency improvements, as well as security. It is this that will generate business buy-in for security goals from the top down, enabling it to secure the budget it needs to succeed.
“Security personnel are also now becoming stakeholders for the management of third-party digital risk. The pandemic and the shift to remote and then hybrid working has catalysed this, with security teams having to adopt new tools like Zero Trust and SASE to stay secure. What’s more, it’s not just their existing environments security staff have had to re-architecture. Cloud computing has surged in recent years and has opened the door to new threats entirely.”
Carpenter, from Palo Alto Networks, pointed out how the greater awareness of cyber risk in many organisations is changing customer requirements. She explained, “Enterprises are losing the battle to secure their assets. This is now a board-level concern across all major industry verticals, such as financial services, retail and healthcare.
“Alongside growing awareness that incumbent security systems – people, processes and technology – are failing, enterprises are adopting outsourced security at an increasing rate. As a result, they seek to control capital and operational expenses while gaining a sounder security posture.”
Thandi, from Gemserv, added, “Cybersecurity risk in the UK is ever evolving, due to the constant development of new technologies and sophistication cyber-attacks. With organisation adopting more digital technology to improve and enhance operations, including hybrid working and dissemination of data across a dispersed workforce, this continues to open up opportunities for criminals to target employees. Phishing and ransomware cyber-attacks continue to trend high, whilst state sponsored attacks remain a significant challenge for Governments.
“Furthermore, cyber criminals are becoming more creative with how they approach their targets, whether that be private sector businesses or public sector organisations. We are now seeing threat actors use advanced technologies, such as artificial intelligence and machine learning, to access unauthorised data. Furthermore, these technologies are also being adopted to undertake advanced social media misinformation campaigns largely aimed at influencing public opinions and shaping ideologies toward Governments and institutions.
“Insider threat is another area targeted by criminals. Businesses need to be vigilant of the employees and associates they recruit ensuring all applicant security checks are undertaken before appointments are made. Missing these steps has the potential of giving criminals access to organisations systems on the inside, something that has become more common in recent years.”
It is also worth paying attention to the specific challenges MSPs are tackling. Kehoe, from Barracuda, said, “Outside of the growing number of cyber criminals and breaches on the horizon, MSPs are facing four major roadblocks when it comes to addressing the needs of their customers when it comes to cybersecurity.
“Firstly, finding cyber talent. Although there’s a massive demand for cybersecurity talent, there aren’t enough professionals in the field to meet that demand. Because of this massive shortage in cyber talent, even if a growing MSP had the funds to build a dedicated cybersecurity team, they might not be able to find employees to fill their vacancies.
“Secondly, talking about cyber risk. Discussions around cybersecurity are going nowhere. End users from growing small-to-medium sized businesses don’t understand what cyber risk is, and some don’t realise they have a problem until they get hit with an attack.
“Finally, managing cyber solutions. Offering cybersecurity is incredibly difficult. Often, delivering a cybersecurity solution involves maintaining multiple security tools at once, and struggling to automate them.”
Expert partners
For channel companies looking to develop cybersecurity offerings, there are particular benefits to being a specialist cybersecurity provider. Palo Alto Networks’ Carpenter argued that specialising can help to build trust. She said, “There is great value in establishing oneself as a trusted security adviser. Channel partners must be able to demonstrate their ability to enforce higher standards of protection and compliance than their clients could achieve in-house.
“As organisations expand across multiple locations and migrate to public, private, and SaaS cloud environments, they rely on channel partners such as MSSPs to deliver seamless, scalable, and automated security. With the wide range of legacy architectures and security point products on client networks, MSSPs are challenged to manually stitch together insights from many disconnected sources before they act. This results in rising operating costs and growing challenges to prevent cyberattacks from affecting customers.”
Orange Cyberdefense’s Trott added, “Speaking for my own company, which is the specialist security services provider arm of the Orange Group, being a specialist provides us with three key attributes. First is the fact that our security focus allows us to think ahead and predict how the cyberthreat landscape might evolve in the future and how we can continue meeting our customers’ needs in this environment, while also reacting fast to shifts in the market – whether they are from threats, technologies or customer demand.
“We are also able to be technology and vendor agnostic, which allows us to provide our customers with the best solution to their problem, rather than selling pre-determined products. We understand the full breadth of the security market place – in terms of technologies and vendors – meaning we can make informed, unbiased recommendations and deliver the most appropriate solutions every time.
“Finally, the scale of our security personnel, teams, infrastructure, geographic reach and threat intelligence helps us provide our customers with the insights, context and support they need from their security partner.”
Future threats
When asked about the cybersecurity issues and opportunities channel companies should expect to see in the near-term, Carpenter, from Palo Alto Networks, said, “A continued trend is the appetite for cloud security. Modern channel partners can support monitoring and managing security within public, multi-cloud, IaaS provider platforms. This can help organisations improve their visibility and context in the overall security programmes and reduce risk from misconfigured cloud resources.”
Trott, from Orange Cyberdefense, emphasised the shift towards unified security. He said, “The world of security is constantly evolving, with everything from Zero Trust, SASE and SOAR to application, data, cloud and detection-based security worth keeping an eye out for. It’s an exciting time! However, there are a few trends that I think should be monitored closely.
“This includes the concept of unified security – delivery security outcomes that work well together to reduce the pressure on customers’ internal resources – supply chain security and risk management, and cyber-resilience and crisis management. These are areas where customer organisations really need their security partners to step up and add value for them.”
Thandi, from Gemserv, said, “Agility is the keyword for cybersecurity in 2022. With the recent spike in ransomware attacks over the past year, making sure that your company is protected by an agile security strategy should be top of the agenda. This should also include a layered security approach where data is segregated by security measures to enhance its protection, so that in the event of a breach the impact is minimised.
“The shift to hybrid working as well as the changing ways in which consumers interact and engage with companies, such as the growth in online retail, will push companies to realise benefits of transitioning to the cloud, and out of legacy centres. Two security models that we believe will benefit from this and become more popular are Zero-Trust Architectures and Secure Access Service Edge, both of which are suited to architectures with extensive cloud-based services.”
Kehoe, from Barracuda, added, “Cyber attackers are becoming smarter, creating innovative ways to exploit continued work-from-home vulnerabilities and attack critical infrastructure. Defending against modern cyber threat campaigns requires the ability to respond quickly and correctly to rapidly-evolving attacks that can strike anywhere within an organisation’s infrastructure.
“By working with a cybersecurity partner to sell and deliver a cybersecurity-as-a-service offering to their end users, MSPs can tackle major cyber landscape problems at once. A great managed cyber solution eliminates the need to find and pay for a full team of industry professionals to operate 24/7 for 365 days a year.
“This cybersecurity partner should be able to shed some insight on how to speak with a prospect or a customer about cybersecurity without resorting to deep technical talk or fear mongering. Oftentimes, partners find conversations about prioritising the data that a business needs to protect, and outlining the potential risk of a breach can go a long way in helping a customer understand and acknowledge the existence of risk, and encourage them to move forward with selecting a cybersecurity solution.”
For Tim Stone, global leader of channel sales at Skyhigh Security, the biggest opportunities can be found in helping customers protect their data. He said, “In terms of other themes channel partners will begin illustrating the value of a solution that’s already been purchased – and ensuring adoption of that solution. Unless you are the victim of an attack, it can be difficult to visualise how this technology is working. This is why proof of value is so important, channel partners that can successfully articulate this value to their customers are able to form lasting relationships and drive additional mutually beneficial services.
“Channel partners also need to be aware that organisations are beginning to look for a new approach to security. Threat actors are becoming increasingly sophisticated, therefore protecting data needs to go beyond building perimeter and ensuring correct access. Protecting how data is used us an essential part of protecting the data itself. Organisations are now looking for a data-centred approach to security that allows them to protect their data wherever it resides, moves or is used.”
Choosing partners
For resellers and MSPs that are examining their current portfolio, it can be complex to assess potential partners. Thandi, from Gemserv, said, “The number of vendors providing services in the cybersecurity space has grown exponentially in the last 10 years making the decision around who to partner with increasingly challenging. Despite the growing number of vendors there is rarely anything ‘new’ or revolutionary in what is being offered.
“Whilst it is tempting to look immediately at the larger long-established vendors in the market as providing the best option for secure, stable services it is often noted by customers that they feel they are ‘just another client’. Unless the spend is significant then delivery of services, whilst within agreed SLAs, is rarely, if ever, above and beyond expectations.
“Smaller vendors are more likely to offer a more tailored service with the customer experience paramount in delivery. The downside is the smaller footprint and resources available. This may be acceptable for an organisation looking to procure services where internal resource will be more involved with the vendor and transition to an alternative is more feasible if the relationship breaks down.”
Thandi also discussed the difficulties that can arise in off-boarding vendor partners to emphasise the importance of making the best initial decision. He said, “Off-boarding a major supplier can take years and substantial resource investment where an organisation has largely outsourced its cybersecurity provision. Ultimately the decision on vendors is as much about the viability of the relationship as it is about the capability of products and services.”
Trott, from Orange Cyberdefense, summarised this as being all about symbiotic partnerships. He said, “The best partnerships are just that: partnerships. This means both sides work together to drive mutual success, rather than being a transactional relationship. It is also advisable to partner with a vendor that possesses a true differentiator, rather than acting as a ‘one stop shop’ or simply matching their competitors’ capabilities.
“Finally, we aim to partner with vendors that understand and value the strengths that the channel delivers, and those that complement our qualities and capabilities to create a unified, value-add proposition.”
This feature appeared in our June 2022 print issue. You can read the magazine in full here.