Sophos, a global provider of cybersecurity solutions, has published its first-ever “MSP Outlook 2024” research report, revealing that the most significant day-to-day challenge facing managed service providers (MSPs) is staying up to date on the latest cybersecurity technologies and solutions. This concern was highlighted by 39% of respondents. Further discussion included the hiring of new cybersecurity analysts as the main challenge to serve a growing number of customers and address evolving cyber threats.
The survey highlights a critical issue facing MSPs: a lack of in-house cybersecurity skills, which is perceived as the top risk to both their own operations and those of their clients. MSPs also identify stolen access data and credentials, and unpatched vulnerabilities as major security threats. Notably, the State of Ransomware 2024 report indicates that nearly one-third (29%) of ransomware attacks begin with compromised credentials, highlighting the prevalence of this attack vector.
“Rapid innovation in cybersecurity makes it increasingly difficult for MSPs to stay up to date on new threats and corresponding defenses,” said Scott Barlow, vice president of MSP at Sophos. “This situation is exacerbated by a global skills shortage, making it difficult for MSPs to recruit and retain cybersecurity analysts. Additionally, our 2023 Active Adversary report for technology leaders revealed that 91% of ransomware attacks occur outside of normal business hours, increasing the need for round-the-clock vigilance.”
These challenges are driving demand for managed detection and response (MDR) services that provide continuous monitoring. Already, 81% of MSPs offer MDR services, and nearly all (97%) of MSPs that do not currently offer MDR services plan to do so in the future. Reflecting the skills shortage, 66% of MSPs employ third-party vendors for MDR services, and an additional 15% use a combination of their own security operations center (SOC) and third-party support. The ability to provide 24/7 incident response services is considered the most important capability for third-party MDR providers.
The survey uncovered MSPs' strategies for streamlining operations: More than half (53%) of MSPs work with one or two cybersecurity vendors, and 83% use one to five vendors. Rationalization is seen as a way to reduce expenses, with MSPs estimating they could reduce day-to-day administration time by 48% if they could manage all their cybersecurity tools from a single platform.
Another key finding from the report is the increasing demand for cyber insurance-related support, reported by 99% of MSPs. The most common requests are to implement MDR services to increase insurance uptake rates (47%) and assistance with completing insurance claims (45%). Flexibility from an MDR provider is also essential, with 71% of MSPs believing it is important that the vendor can use their existing security tools to detect and respond to threats.
Geographically, US MSPs lead the way in offering MDR services, with 94% already offering these services, compared to 70% in Germany, 62% in the UK, and 58% in Australia.
“MSPs have a critical role to play in protecting their customers from rapidly evolving cyber threats, but optimizing their security configurations has the potential to significantly improve their business and profitability. Data shows that MSPs can enhance their offerings and reduce costs by integrating platforms and working with third-party MDR vendors,” concludes Barlow. “When building out the security services of the future, MSPs should prioritize vendors that offer comprehensive, industry-leading, fully-managed security services and solutions.”
The “MSP Outlook 2024” report is based on a vendor-neutral survey of 350 MSPs across the US (200), UK (50), Germany (50) and Australia (50). The survey was commissioned by Sophos and conducted by research firm Vanson Bourne in March 2024.