Organizations of all sizes across industries are adding complexity to their networks as they undergo digital transformation. Cloud-based services, multi-cloud environments, and increased reliance on the IoT bring challenges such as reduced visibility, complicated integrations, and new attack vectors to your customers’ networks. Consequently, they oftentimes do not have the security infrastructure or personnel to keep up.
The cybersecurity skills gap exacerbates the security implications inherent in digital transformation, as IT teams cannot find, or are priced out of hiring, IT security professionals in this increasingly competitive market.
As a result, many organizations are now turning to Managed Security Services Providers (MSSPs). MSSPs offer security services to monitor systems using high-availability security operations centers (SOCs) to reduce resource expenditure for their customers. Common security services include intrusion detection, vulnerability scanning, intrusion prevention, and anti-malware services.
The Opportunity That Exists for MSSPs
Rather than devoting extensive resources to build out security teams and SOCs in house, MSSPs allow organizations to reduce upfront CapEx, subscribing to security services on a monthly basis using OpEx funds. MSSPs provide organizations with the tools, configuration, and expertise required to secure modern networks – minimizing the effects of the cybersecurity skills gap.
This broad shift to services-oriented business models has created a wealth of opportunities for partner organizations such as VARs and MSPs. The MSSP market is predicted to grow to $31.9 billion by the end of the year with a CAGR of 17.3%. Resale margins, however, are expected to decline.
To this end, many MSPs and VARs seek to update their offerings to become MSSPs. More than just offering managed firewall services, partners who seek to increase their market share and remain competitive must offer comprehensive security management through a well-maintained SOC. This is where many partners run into issues on the road to becoming an MSSP. Setting up a SOC can act as a major barrier to entry into the services arena as it requires advanced SOC and SIEM expertise and considerable capital investment.
SOC Lifecycle Strategy
To assist our partners in evolving their MSSP offerings, Fortinet has developed the SOC Lifecycle Strategy, which offers programs and assistance in the progression from VARs or MSPs to visionary MSSPs. A visionary MSSP offers services to their customers with an established SOC, focusing on business outcomes through innovations in AI, data-analytics, multi-tenant automation and automated response.
The SOC Lifecycle comprises four phases. Our partners follow a structured path along each phase until they graduate to a mature and profitable MSSP, able to grow their market share and maintain effective security posture across multiple client networks. These phases include:
- MSS 1.0 - Services Creation: This is the first phase of the SOC lifecycle. Here, the VAR or MSP begins to build out security service offerings for their clients leveraging different aspects of the Security Fabric. To do this, VARs/ MSPs leverage OpEx offerings to keep cash liquid and improve their time to market. These include services such as hardware as a service (HWaaS) and FortiCloud multi-tenant management services. At this stage, partner services are largely reactive rather than proactive, with minimal SOC or SIEM experience and developing an incident response plan.
- MSS 2.0 - Outsourced SOC: Once service offerings have been established, the next step on the path to becoming a visionary MSSP is to begin providing SIEM and SOC services in a 7X24 capacity. However, there are limited internal resources in these areas at this point in the MSSP process. Fortinet helps partners bridge the gap by aligning them with a SOC Authorized Partner, taking first call support but outsourcing SOC functions to a partner until an internal team can be established. Furthermore, drawing from the pool of candidates in our FortiVets program, which trains transitioning military veterans into new roles in the cybersecurity industry, Fortinet helps partners fill the SOC analyst new hire pipeline.
- MSS 3.0 - MSSP Maturity: At this stage, our partners have broadened their service offerings with different aspects of the Security Fabric. Having leveraged core secure access technologies as beachhead services, they continue to advance their SIEM and SOC capabilities with training offered through Network Security Experts (NSE) program and NIST-based SOC analyst training. While core secure access technology constitutes the predominant share of the services revenue, our partner is expanding their service portfolio to offer SD-WAN, MDR and public multi-cloud security. The internal 8x5 NOC coverage is expanded to 24x7 SOC coverage.
- MSS 4.0 - Visionary MSSP: By now, partners have established a fully mature SOC and SOC team and are looking for ways to elevate offerings. Here, MSSP partners have the infrastructure and team to build innovative solutions to the key challenges facing the cybersecurity industry today. Some of these challenges include incorporating AI and machine learning into incident response processes, adding security capabilities to headless IoT devices, threat hunting, and bringing big data analytics into cybersecurity to facilitate predictive response. In addition to looking for solutions to these challenges, fully-realized visionary MSSPs will incorporate SOAR (Security Orchestration Automation & Response) process to automate deployments, tier 1, mitigation, and response. Fortinet MSSP partners at this level have configured security playbooks to assist with the standardization of security deployments.
The MSSP Partner Program
In addition to facilitating the creation and maintenance of an effective SOC, the Fortinet MSSP program offers specialized support, service creation assistance, and technical guidance on Fortinet products as well as business development assistance and sales alignment to identify new revenue streams. This is done through OpEx and SECaaS model enablement to grow MSSP capabilities and assist in preparing partners for future customer needs. Fortinet also offers our partners access to MSSP engineers with expertise in multi-tenant management and automation, enabling them to secure virtual and multi-tenant environments.
Furthermore, Fortinet offers a wide range of solutions, enabling partners to customize their offerings to their customers' needs, while incorporating advanced threat intelligence.
Final Thoughts
The growth of digital transformation, when combined with the cybersecurity skills gap, means that organizations are increasingly seeking to outsource corporate cybersecurity to MSSPs. This is a huge opportunity for our partners to grow their businesses while increasing the value they offer their customers. However, in order to take advantage of this opportunity aspiring MSSPs need the expertise and resources to create an advanced SOC, and offer diverse security services.
Through Fortinet’s SOC Lifecycle Strategy our partners can seamlessly make the transition from MSP / VAR to a profitable MSSP.
