ConnectWise has outlined a path for channel growth through managed services, advising partners to pivot towards lucrative security offerings.
The shift in focus comes as cyber attacks continue to increase across the world, following a string of high-profile breaches impacting brands such as British Airways, Equifax, Under Armour and Cathay Pacific.
With the direction of travel clear, the channel is moving into selling security via a subscription basis to counter rising challenges around liability, legal and regulatory concerns.
“There’s a great opportunity in the managed technology space, and security is an area in which partners can succeed,” said Arnie Bellini, CEO of ConnectWise.
“I encourage you to diversify and take your skill-set beyond where it is today and start building out cyber security practices.”
Speaking during the opening keynote of IT Nation Connect, Bellini said partners should accelerate the transition towards a managed service provider (MSP) model, in a bid to provide competitive advantage through security.
“Cyber crime is a six trillion-dollar business [according to Cybersecurity Ventures], which takes a huge chunk out of the world economy,” Bellini added. “A total of 49 per cent of small businesses have been hacked in some capacity and 60 per cent of those companies went out of business within six months.
“This is organised crime and it’s big business. But most people don’t really know what’s going on through the dark web.”
According to Bellini, a “perfect storm” is emerging across the market, as MSPs look to expand offerings to include cyber security solutions.
“You have a social responsibility to do so because anyone that is touching data has an obligation to protect that information,” Bellini said. “You also carry a massive amount of liability.
“If you’re providing managed services and looking after infrastructure, and if you’re not hardening your environment in a way that your customers won’t get hacked or breached, then you carry a massive liability.”
For Bellini, ConnectWise “learned this the hard way”.
“We had a customer in the Tampa Bay area that was hacked and they called me to say their firewall was breached,” he explained. “My response was that we can’t guarantee that you won’t get breached.
“Our customer responded that they stole 100 tax returns from top clients and have all the social security numbers and could file tax returns and receive refunds early.
“The customer said to me, ‘what are you going to do about it?’ and I looked at the customer and said, ‘well you know, you’re not really paying me to do that’. Then I caught myself right there and thought this is insane, I can’t even say this out loud.
“The customer is paying us to do this, it’s our responsibility and we should have told them that they needed to be safer and add some services because they got hacked and we are the MSP so it’s on us. It might not have happened to you yet, but the day of reckoning is coming and it will.
“People are suing over cyber crime and you don’t want to be sued because of negligence.”
Within the context of the channel, Bellini said providing such deep expertise and services around security can help MSPs create “massive competitive advantage” in an increasingly crowded market.
“There’s not many MSPs doing security right or even attempting to do this the right way. This is how you can specialise and this is the easier path for you, get good at cyber defence.”
Citing a US$25 billion opportunity in 2019, Bellini said the security proposition matches that of managed servers, with the managed security market growing at 17 per cent year-on-year.
“How much money do you make managing servers?” asked Bellini. “Add that up and that’s how much additional money you can make through security. There are a host of new services and line items that you can provide to your customers.”
Currently, Bellini said MSPs are selling basic levels of security to customers, at an average rate of $125 per seat in USD, spanning infrastructure and device management, as well as cloud, monitoring, help desk and disaster recovery offerings.
“This is basic security which most MSPs do today,” he said. “This also covers email encryption, spam filtering and anti-virus software, plus firewall management.
“That’s exactly what we were providing when our customer was hacked and it wasn’t enough. As an MSP you have the liability to work through the equation but you’re not making the money.”
For Bellini, increased value can be found in advanced security services, such as password protection, single sign-on and disk encryption capabilities, joined up with multi-factor authentication, cyber risk assessment and vulnerability scanning.
Other key advanced services include intrusion detection, threat intelligence and security awareness training, alongside data loss prevention, network access control and user behavioural analytics.
Such services can increase per seat billing from $125 to $175, according to Bellini.
“This is MSP 2.0,” he explained. “You can charge $175 per seat for this because you’re adding a new set of services around cyber and adding more value in the process through digital offerings.
“You can go even further with some services and charge more than $250 per seat, this is a world that you can conquer.
“I’ve talked with several of our largest partners and I asked them to self-assess themselves in cyber security on a scale of 1-10. Most are ranking two or three and overall, I’d say most MSPs are not ranking higher than a four out of ten at this stage.”
In reference to ongoing MSP challenges in building out security capabilities, Bellini acknowledged a worsening skills gap in the market, a gap which is expected to widen within the next seven years.
“There’s a huge talent gap in cyber security and this year alone, over a million jobs were unfulfilled in the industry,” Bellini observed. “There’s not enough people doing this work or being trained to do this work.
“By 2019, there will be a skills gap of 1.5 million people, which will grow to three million by 2025. The way to fight this is not through more people because we don’t have enough people and by the way, it’s silly to fight with people. Fight with technology.
“In security, a lot of work is still being carried out in the same way, with human beings and checklists, the market hasn’t changed that much.”
To help partners make the transition, ConnectWise is providing a cyber security risk assessment tool and a vulnerability scanner free of charge for three months to members of the IT Nation.
Bellini said the move is designed to allow providers to “quickly evaluate” a company’s ability to combat a variety of malicious cyber threats.
“The idea is simple,” he explained. “We want every member of the IT Nation to be able to understand where they and their customers stand in terms of cyber security.
“Our partners are responsible for the security and technology footprints of hundreds of thousands of companies, and we want to help them be successful.
“These tools will give our partners additional opportunities to position themselves as trusted and valued strategic advisors to their clients in an ecosystem where security risks continue to exponentially grow.”
Citing ConnectWise commissioned research, Bellini said the global managed technology opportunity in USD is expected to reach $154.5 billion in 2021, up from $83.6 billion in 2016.
Within this market, managed security will account for $35.2 billion of spending, followed by managed support, managed server and managed storage at $30 billion, $28.7 billion and $26 billion respectively.
“It’s as simple as this,” Bellini added. “Every aspect of technology than you can provide will be delivered as-a-service.”
Labelling the wider as-a-service catalogue as a “sushi menu” of choice for customers, Bellini said 15 core technology categories will be delivered on a subscription basis, spanning all aspects of the market.
Specifically, key areas include cyber and physical security; copy and printing; Internet of Things; audio visual and collaboration, in addition to disaster recovery; line of business applications; office applications; network infrastructure and onsite computing.
Delving deeper, other segments cover cloud computing; business intelligence; application development and artificial intelligence.
“You might be a value-added reseller and not yet doing as-a-service, but you’ll have to move your business towards this model,” Bellini said. “Even if it’s not your business model today, you’ll have to start moving towards this approach for the services side of your company.
“The opportunity is there for the taking but partners need to run their business in the right way to take advantage.”
The managed security services messaging comes as ConnectWise hosts IT Nation Connect in Orlando, in front of more than 3,500 attendees.
This year plays host to an open ecosystem of providers, including Cisco, Webroot, Barracuda and Cylance, alongside Fortinet, StorageCraft and Veeam.
Furthermore, ConnectWise recently unveiled plans to launch an inaugural IT Nation Connect event in Australia in early 2019, driven by increased partner momentum locally.
Set for the Gold Coast on 25-27 March, the flagship conference will span the entire Asia Pacific region, providing three days of technology product training, business sessions and networking, backed up by a keynote address from Bellini.
James Henderson travelled to IT Nation Connect as a guest of ConnectWise