Canalys’ estimate of how many MSSPs there are in the market is 10,000, and that number hasn’t changed in a couple of years. What gives? The answer is, it’s complicated. The definition of MSSP varies, and plenty of other types of companies are getting into the cybersecurity services market, including MSPs that may white label cybersecurity services from other companies. So it’s not clear how that MSSP number will vary from year to year.
One thing for certain, MSSPs are in an increasingly hot market. Global Systems Integrators are increasingly looking to come down market and offer managed security to smaller companies, Peter Bryant, Canalys analyst covering cloud, partnerships and GSIs, told MSSP Alert at the Canalys North America Forum this week.
Plus, cybersecurity insurance companies like Coalition have entered the MSSP market and are competing with pure play MSSPs.
Are you noticing competition heating up out there? Let me know. And do you have any news or tips for this column? If so please them to me at [email protected].
Today’s MSSP Update
1. AI security - Symmetry Systems is announcing a significant expansion of its Data+AI Security capabilities to combat the emerging threat of ConfusedPilot attacks that target retrieval augmented generation based AI systems such as Microsoft 365 Copilot. The attack allows manipulation of AI responses simply by adding malicious content to any documents the AI system might reference.
2. ZTNA launch - Alkira launched its Zero Trust Network Access (ZTNA) solution to make remote work safer and simpler. Alkira's ZTNA secures all types of network traffic in one place, making it easier to manage. It also works with existing security tools, the company said.
3. Secure cloud expansion - Data-focused cloud, on-premises and hybrid security solutions provider Skyhigh Security is expanding its global cloud infrastructure footprint. The company has been steadily expanding its SSE Point of Presence (PoP) infrastructure to strengthen global connectivity across North America, EMEA, LATAM, and APAC regions. In the past year, Skyhigh Security has tripled its PoP deployments and currently safeguards over 10 million nodes through its comprehensive network that includes more than 100 PoPs globally.
4. Collaborating on Fortinet exploitations - Mandiant is collaborating with Fortinet to investigate the mass exploitation of FortiManager appliances across 50-plus potentially compromised FortiManager devices in various industries. The vulnerability, CVE-2024-47575 / FG-IR-24-423, allows a threat actor to use an unauthorized, threat actor-controlled FortiManager device to execute arbitrary code or commands against vulnerable FortiManager devices.
5. Partner program expansion - Saviynt has expanded its global partner program, Saviynt Accelerate, to offer a structured program with tiers and new resources - including in-depth identity training, certifications and expert support - designed to empower its channel ecosystem of distribution, solution, service and technology partners.
6. CMMC resources and support - N-able has launched an expanded set of global compliance initiatives and designated resources designed to help fuel cyber resilience and readiness for partners across a growing number of cybersecurity-focused compliance frameworks. This follows the finalized Cybersecurity Maturity Model Certification (CMMC) 2.0 regulation, the initiatives extend ongoing product security, cloud infrastructure, and operational enhancements for the overlapping controls in CMMC 2.0, NIS2, Cyber Essentials, Essential Eight, and other cybersecurity frameworks.
