Managed Security Services Still a Profitable Exercise

Plusone Twitter Facebook Linkedin Digg Email

By now, it’s easy to assume that managed security services are inherent to the managed services model, taking on the trappings of a baked-in offering that’s a prerequisite for any business class IT services practice.

Over the past two years most of the major IT vendors — Dell Inc., Cisco Systems Inc., Hewlett-Packard Co., IBM Corp., EMC Corp. — have made a play to incorporate security into their services support products. And the channel has responded in kind, making security services a fundamental part of managed services practices akin to storage and backup and recovery. Notably, the space has attracted some of the largest service providers like AT&T Inc., Verizon Communications Inc., Tata Communications Ltd., Wipro Technology Services Ltd., and CenturyLink, Inc., among others.

But what might have been a march toward commoditization appears, at least for now, to remain a campaign toward opportunity. Several industry analysts of late are noting the continued growth of managed security with estimates that indicate enough meat on the bone for both ongoing value for the early adopters and new profits for the MSPs that may still be nibbling around security’s edges.

In one recent take, Transparency Market Research this week said the managed security services market is expected to reach $24 billion by 2019, rising annually at a CAGR of 15.4 percent. The boost is being fueled by increased demand for things like network security and confidentiality services with a major push for emerging cloud-based managed security services, the analyst firm said.

Demand for managed security services is particularly hot in highly regulated verticals such as finance, government, utilities, pharma and health care, and telecom which now account for nearly 60 percent of the managed security market share, Transparency analysts said. The firm also noted the continuing shift away from CPE-based security services to cloud-based offerings which now account for the lion’s share of the revenue in the space.

Managed security services growth is also being driven by the realities on the ground for most businesses, particularly SMBs which rely more heavily on third-party partners for their IT needs.  Managed security is certainly being helped along by the ever-present increase in the volume, variety and complexity of threats, as well as by security product sprawl and the burgeoning BYOD trend which is obliterating network perimeters.

That’s made other industry watchers bullish on the managed security space as well. Just last month, market analysts at Infonetics Research estimated the global market for managed security services will grow by 45 percent over the next five years. The cloud side of the market alone is set to top $9 billion by 2017, Infonetics said.

“The long-term outlook for managed security services, and especially cloud services, is quite strong, but there are some potential stumbling blocks,” said Jeff Wilson, principal analyst for security at Infonetics. “Improvements in the efficacy and ease of management of security products could decrease the urgency to move to the cloud, and regulatory drivers are forcing some customers to keep all data on premise.”

Ash Patel, regional director at McAfee-owned security vendor Stonesoft said more SMBs are turning towards managed security service providers (MSSPs) to combat the new breed of more advanced and complex attacks, rather than fighting them in-house.

“Cyber security must be provided to SMB customers in the same way we use our telephones or electricity,” Patel said. “They do not need to concern themselves with how it works, but simply need to pay a monthly fee for a comprehensive, flexible and robust security service. The future of cyber security for the SMB is with the MSSPs.”

Patel may be right in theory, but the proliferation of security services certainly hasn’t left the business landscape fully protected or kept all SMBs from suffering significant security blind spots that leave them open to sophisticated cyberthreats, a new study finds. According to the non-profit IT advocacy firm CompTIA, an overwhelming majority of companies (82 percent) say their level of IT security is completely or mostly satisfactory — despite just 13 percent having made significant changes to their security approach over the past two years.

This disconnect indicates organizations may be ignoring the most prevalent technology trends, such as the adoption of cloud computing, social media and the growing number of employee-owned mobile devices connecting to critical business systems, according to CompTIA’s latest Information Security Trends survey.

All of which spells opportunity for service providers ready and willing to amp up their services practices to take advantage of a still-hot market. But while it may remain profitable, the journey to success in the highly travelled managed security realm won’t be easy.

“New entrants are expected to face stiff competition from existing players, and will have to focus on service differentiation and quality, so as to sustain growth in the long run,” the Transparency report concluded.

Related Articles:

Leave a Reply