5 Managed Security Trends Driving MSP Success in 2021
December 7, 2020
Looking ahead to remote work, automation, insider threats, and more
By Tim Brown, Vice President of Security, SolarWinds MSP
As we look ahead into 2021, it’s fair to say cybersecurity trends favor the managed service model. With businesses now having more of their workforce dispersed through multiple home environments, no one is better equipped than MSPs to help monitor and manage those environments. Fueled by the increasing use of automation, IT service providers can add customers without adding to the workload.
Cyberthreats will also continue to evolve and multiply in the new year. They generally do. And MSPs will be called upon to build effective defenses against them. To rise to the challenge, providers will need to consider their responsibilities under privacy laws such as Europe’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA), and the potential ramifications of nonconformance. As a rule, cybersecurity is becoming more intricately linked with legal obligations, possibly creating liability for specific individuals within organizations.
These trends are only the beginning when it comes to security. There will be plenty to keep MSPs busy in 2021. Here are five trends to consider:
1. Go Home
One of the biggest strengths MSPs have is to manage devices in independent mode—that is, outside the confines of a network. Typically, an agent is placed on the device to allow monitoring to commence. With high numbers of employees continuing to work from home as a result of the pandemic, customers will call on MSPs more and more to manage these devices in remote environments. In cases where employees need access to critical IT assets, MSPs will be asked to actually manage and protect home networks.
2. Automate
As the MSP role expands, automation is key. It allows IT service providers to add clients with less impact on staff, creating a force-multiplier effect by automating prevention, prediction, and response processes. MSPs understand automation because they’ve always relied on programmable functions to deliver services. Now, with the reliance on automation increasing, MSPs can reap the rewards of multiple benefits such as reducing error while enabling the addition of more clients.
3. Lawyer Up
As regulations increase, so does the potential for liability. Cybersecurity and liability are becoming closely linked. Customers and MSPs should seek legal advice to better understand their responsibilities in handling private data, especially when it comes to personal liability. Individuals within an organization may be held personally accountable for breaches. Providers and clients need to know how this responsibility fits into specific regulations and what fines they may be subjecting themselves to.
4. Respect Privacy
Fines have already been charged against a handful of companies for GDPR violations. While fines have been reduced in certain cases – those involving Marriott and British Airways, for example – the important point is that the law is being enforced. And this puts pressure on providers and clients to make sure they’re implementing all the necessary protocols and controls to avoid running afoul of the law.
5. Look Within
A big part of preventing breaches is understanding the risk of insider threats and how to prevent them. The potential for a prolonged economic downturn remains high as a result of the pandemic, which puts pressure on companies to outsource business functions. This, in turn, raises the possibility of insider threats. Zero-trust policies and good cyberhygiene practices can help reduce insider risks.
In 2021, it will be important for MSPs to keep an eye on these trends to protect not only their customers’ businesses but also their own. Those providers who take time to prepare — by understanding the legalities involved in cybersecurity and taking advantage of automation — will be able to grow their businesses and drive greater success in the new year.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. An in-demand cybersecurity expert, Brown has been central in driving advancements in identity frameworks, has worked with the U.S. government on security initiatives, and holds 18 patents on security-related topics.
Cyberthreats will also continue to evolve and multiply in the new year. They generally do. And MSPs will be called upon to build effective defenses against them. To rise to the challenge, providers will need to consider their responsibilities under privacy laws such as Europe’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA), and the potential ramifications of nonconformance. As a rule, cybersecurity is becoming more intricately linked with legal obligations, possibly creating liability for specific individuals within organizations.
These trends are only the beginning when it comes to security. There will be plenty to keep MSPs busy in 2021. Here are five trends to consider:
1. Go Home
One of the biggest strengths MSPs have is to manage devices in independent mode—that is, outside the confines of a network. Typically, an agent is placed on the device to allow monitoring to commence. With high numbers of employees continuing to work from home as a result of the pandemic, customers will call on MSPs more and more to manage these devices in remote environments. In cases where employees need access to critical IT assets, MSPs will be asked to actually manage and protect home networks.
2. Automate
As the MSP role expands, automation is key. It allows IT service providers to add clients with less impact on staff, creating a force-multiplier effect by automating prevention, prediction, and response processes. MSPs understand automation because they’ve always relied on programmable functions to deliver services. Now, with the reliance on automation increasing, MSPs can reap the rewards of multiple benefits such as reducing error while enabling the addition of more clients.
3. Lawyer Up
As regulations increase, so does the potential for liability. Cybersecurity and liability are becoming closely linked. Customers and MSPs should seek legal advice to better understand their responsibilities in handling private data, especially when it comes to personal liability. Individuals within an organization may be held personally accountable for breaches. Providers and clients need to know how this responsibility fits into specific regulations and what fines they may be subjecting themselves to.
4. Respect Privacy
Fines have already been charged against a handful of companies for GDPR violations. While fines have been reduced in certain cases – those involving Marriott and British Airways, for example – the important point is that the law is being enforced. And this puts pressure on providers and clients to make sure they’re implementing all the necessary protocols and controls to avoid running afoul of the law.
5. Look Within
A big part of preventing breaches is understanding the risk of insider threats and how to prevent them. The potential for a prolonged economic downturn remains high as a result of the pandemic, which puts pressure on companies to outsource business functions. This, in turn, raises the possibility of insider threats. Zero-trust policies and good cyberhygiene practices can help reduce insider risks.
In 2021, it will be important for MSPs to keep an eye on these trends to protect not only their customers’ businesses but also their own. Those providers who take time to prepare — by understanding the legalities involved in cybersecurity and taking advantage of automation — will be able to grow their businesses and drive greater success in the new year.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. An in-demand cybersecurity expert, Brown has been central in driving advancements in identity frameworks, has worked with the U.S. government on security initiatives, and holds 18 patents on security-related topics.
