Guest blog courtesy of LimaCharlie.
MSSPs want to grow—but the complexity of modern security operations (SecOps) and the unique demands of the security services market make this challenging.
In this post, we’ll look at how tools with public cloud or public cloud-like pricing—pricing that is usage- or consumption-based rather than fixed fee or license-based—can help MSSPs grow more effectively and efficiently.
Four Growing Pains for MSSPs
Discussing benefits without context doesn’t mean much, so it’s worth looking at the key operational and business challenges that all growing MSSPs face:
Controlling costs while delivering value to customers. MSSPs must invest in security tooling and infrastructure to provide the performance customers expect and build a reputation that wins new business.
But a modern SecOps stack may comprise dozens of different tools. The licensing costs of such a complex toolset eat into profits, and there are significant labor costs to managing all of that complexity, creating an additional drag on profitability.
Building infrastructure in-house can provide some relief, but there are long-term maintenance and management costs involved here as well. Over time, those costs can negate the savings offered by DIY infrastructure and create an unacceptable burden on security teams.
If taking on a new client requires a new tool, the cost of customer acquisition can be prohibitive, further hampering growth.
Differentiating services while remaining profitable. MSSPs need to differentiate their service offerings from competitors to stand out in an increasingly crowded marketplace.
However, finding a product–market fit can be difficult and time-consuming for service businesses—threatening the viability of an MSSP as it finds its place in the market.
In addition, the cost of validating new service offerings, or of pivoting away from an approach that isn’t working, can be high enough to prevent companies from taking the sorts of calculated risks necessary for growth.
Taking advantage of new opportunities quickly. The cybersecurity services market moves fast—especially for firms engaged in incident response work. When an opportunity presents itself, MSSPs need to act.
Unfortunately, many cybersecurity vendors have lengthy sales processes that require contract negotiations, mandatory meetings with salespeople, and so on.
That kind of sales culture is not necessarily a problem for enterprises, as they are accustomed to longer procurement cycles. But for a growing MSSP that needs immediate access to a tool, it is a major stumbling block.
Building scalable security operations. Early-stage MSSPs often depend on the expertise of a small number of highly skilled individuals—security engineers who can make magic happen on a shoestring budget.
But the tech stack and workflows built by these high-skill individuals must be able to scale, or firms will have problems when they expand.
In many cases, a growing MSSP will be forced to choose between spending money they don’t have on scalable tools or using a cost-effective DIY approach that may not scale well in the future.
Public Cloud Pricing as a Growth Enabler
MSSPs that want to overcome these challenges should look for ways to integrate tools with a public cloud pricing model into their stack. Doing so confers important benefits:
Operating costs are more manageable since it’s possible to scale tool and infrastructure usage with revenue—and change the scope of an existing deployment without incurring penalties. If onboarding a new customer means taking on a new tool, pay-per-use pricing helps an MSSP account for the additional tool and labor spend in their fees more easily.
Risk-taking is safer when tools can be scaled up or down as needed. By leveraging public cloud elements, service providers gain the freedom to try out new ideas and adopt the same “fail fast” business development strategy embraced in other areas of technology.
Rapid action is easier when using technology with consumption-based pricing, because such technology is typically delivered via a self-service model. Service providers only need a credit card to access the capability they need right away, bypassing the longer sales timelines of traditional software vendors.
Scalability is intrinsic to usage-based tools. The business model of the providers of these tools assumes that most users will start small and grow exponentially, meaning that their technology is designed with scalability in mind.
Laying the Groundwork for the Future of SecOps
MSSPs shifting to tools and infrastructure with public cloud-like pricing models will find immediate opportunities to do so in the areas of compute and storage.
In addition, an emerging class of cybersecurity tools and platforms offers on-demand access and pay-per-use pricing in an attempt to do for cybersecurity what AWS and GCP did for the technology sector at large. MSSPs that adopt this approach now can lay a foundation for sustainable growth and build a forward-looking SecOps practice.
At present, it may not be possible for MSSPs to switch completely to pay-per-use tools. But by using more public cloud-like components, MSSPs begin to access the benefits of cost savings, agility, and scalability already enjoyed by the world of IT and general tech.
What LimaCharlie Offers to MSSPs
LimaCharlie is building the cybersecurity industry’s first SecOps Cloud Platform. The goal is to deliver core security capabilities and infrastructure on-demand and pay-per-use—offering the pricing benefits of the public cloud with the interoperability and integration of a unified platform.
To learn how MSSPs and other service providers are taking advantage of this new approach, see our webinar: Navigating the SecOps Cloud Platform Revolution for Service Providers.
