MSP survey: cybersecurity skills shortage & technology updates lead challenges

Sophos, a global provider of cybersecurity solutions, has published its first “MSP Perspectives 2024” survey report, revealing that the most significant day-to-day challenge faced by Managed Service Providers (MSPs) is keeping abreast of the latest cybersecurity technologies and solutions. This concern was highlighted by 39% of the respondents. Further discussions outlined hiring new cybersecurity analysts as a primary challenge to meet customer growth and address evolving cyber threats.

The survey underscores a critical issue faced by MSPs: a shortage of in-house cybersecurity skills, perceived as the greatest risk to both their own operations and those of their clients. MSPs also identified stolen access data and credentials and unpatched vulnerabilities as substantial security threats. Notably, the "State of Ransomware 2024" report indicated that nearly a third (29%) of ransomware attacks began with compromised credentials, emphasising the prevalence of this attack vector.

"The rapid innovation in cybersecurity makes it increasingly challenging for MSPs to stay updated with emerging threats and the corresponding defensive measures," said Scott Barlow, Vice President of MSP at Sophos. "This situation is exacerbated by a global skills shortage, making it difficult for MSPs to attract and retain cybersecurity analysts. Additionally, our 2023 Active Adversary report for Tech Leaders reveals that 91% of ransomware attacks now occur outside regular business hours, amplifying the need for round-the-clock vigilance."

In response to these challenges, there is a rising demand for Managed Detection and Response (MDR) services to provide continuous monitoring. Already, 81% of MSPs offer an MDR service, with nearly all (97%) of those not currently offering it planning to do so in the future. Reflecting the skills shortage, 66% of MSPs employ a third-party vendor for MDR services, while another 15% use a combination of their own Security Operations Centre (SOC) and third-party support. The ability to provide 24/7 incident response services is deemed the most critical capability for third-party MDR providers.

The survey sheds light on MSPs' strategies to streamline their operations. Over half (53%) of MSPs work with one or two cybersecurity vendors, and 83% use between one and five vendors. Streamlining is seen as a way to reduce overheads, with MSPs estimating they could cut day-to-day management time by 48% if they could manage all cybersecurity tools from a single platform.

Another significant finding from the report is the increased demand for cyber insurance-related support, reported by 99% of MSPs. Among the most common requests are implementing an MDR service to enhance insurability (47%) and assistance in completing insurance applications (45%). Flexibility from MDR providers is also essential, with 71% of MSPs considering it vital that vendors can use existing security tools for threat detection and response.

Geographically, MSPs in the United States lead in MDR service provision, with 94% already offering these services compared to 70% in Germany, 62% in the United Kingdom, and 58% in Australia.

“MSPs have a critical role in defending their clients against rapidly evolving cyber threats. However, there is significant potential to grow their business and profitability by optimising their security setups. The data indicates that MSPs can enhance their offerings and reduce costs by consolidating platforms and engaging with third-party MDR vendors,” concluded Barlow. “When building future security offerings, MSPs should prioritise vendors that provide a comprehensive range of industry-leading, fully managed security services and solutions.”

The “MSP Perspectives 2024” report is based on a vendor-agnostic survey of 350 MSPs across the United States (200), United Kingdom (50), Germany (50), and Australia (50). The survey was commissioned by Sophos and conducted by research firm Vanson Bourne in March 2024.