One of the continuing major challenges facing security operations center (SOC) teams worldwide is the shortage of cybersecurity talent. Case in point, the Fortinet 2022 Cybersecurity Skills Gap report found that 50% of global leaders cite security operations as one of the most challenging roles to fill. Furthermore, 42% are still in need of security operations analysts.
Perhaps the most startling data revealed in this Fortinet survey was that globally 80% of organizations suffered one or more breaches because their staff lacked an appropriate level of cybersecurity skills and awareness. Thus, managed services security providers (MSSPs) and many organizations are all competing for the same talent. How can your MSSP stand out and land the trained and experienced cybersecurity people you need? I have some suggestions.
The Competition for Cybersecurity Talent
First, ask yourself, “What compels highly sought-after cybersecurity professionals to gravitate toward a certain MSSP instead of other opportunities?” The answer is common sense when you consider all the opportunities in-demand cybersecurity talent have before them.
Like almost any individual who decides on a career and hopes to excel in their field of choice, cybersecurity-trained people will prefer to learn from — as well as work with — the industry’s best individuals and teams, as well as get significant experience using the newest top technology. In other words, these in-demand cybersecurity jobseekers want to add value to their careers, resumes, and bank accounts by working with the technologies of a recognized and respected cybersecurity industry leader/vendor.
In my opinion, the best cybersecurity vendors are SOLELY focused on the mission of securing organizations from cybercriminals. They are not distracted by other goals. MSSPs looking to recruit top talent in cybersecurity need to be partnered with such a vendor—a leader in the marketplace. Most top talent won’t accept a cybersecurity position that doesn’t offer job satisfaction, include personal and professional growth opportunities that could lead to a long, fulfilling, and financially rewarding career in cybersecurity.
They Go Where the Opportunity Is
Why do cybersecurity professionals gravitate towards working for managed security services partners who are creating services based on a leading vendor’s platform? Because that is just where the opportunity is. MSSPs that aren't currently partnered with a market-leading cybersecurity vendor may find it kind of interesting but it's definitely not exciting, and probably a “dead end.”
Talented cybersecurity professionals want to be with an MSSP that’s building their business on a major vendor’s platform because it is thrilling and lucrative. A trailblazing cybersecurity vendor offers individuals the challenge of working on a platform with technological flexibility, versatility, breadth, and innovation. And getting training certifications after mastering an industry-leading platform has proven market value when the individual seeks a promotion or “greener pastures.”
Better Bait
If MSSPs are struggling in the competition for resources, their vendor’s cutting-edge platform is better bait. Having an exciting environment to learn in and work in can incentivize top cybersecurity talent to join your MSSP crew. The prospective MSSP employee may have this thought process: “Hmm, if I work for a leader in the marketplace with proven technology that is widely applied, and if I invest my time in managing and learning it, I’m going to be rewarded in my career later on with even more exciting and interesting opportunities.”
To be very successful, MSSPs need a vendor that does everything from the data center to the edge and everything in between. And one that deploys security on multiple platforms, in multiple delivery models. These types of environments are much more exciting for technical professionals to work in.
Another Tip for MSSPs
MSSPs shouldn't show up just selling technology. Think about services—human augmentation services, and additional services pre and post sales that enable the business to grow quickly with predictable outcomes.
MSSPs that are trying to climb to peak success need their cybersecurity partner to be a technology and business Sherpa. Sherpas are renowned for providing support to mountain climbers in the Himalayas, both as porters and guides. The best partner for an MSSP is the industry-leading vendor that acts like a Sherpa — an organization that will not only carry “the gear” but also help guide your business as it scales to ever-higher summits of success. It is very important if you're just launching an MSSP to be aware of the roles you need support in when selecting a new cybersecurity vendor.
3 Key Recommendations
You want to select a vendor that:
- Gets you into your service quickly and easily with low overhead
- Helps you scale up your people
- Helps you scale up your current resources
If a vendor can do all of those things, it puts all the tools in place that you will need to build your business quickly and efficiently.
Opportunities for Partners
To remediate the cybersecurity talent shortage in the short term, enhanced services can help SOC teams reduce their organizations’ cyber risk while freeing up the team’s time to focus on higher-priority projects.
Technology alone won’t solve the skills gap and inundation problem of the SOC, which is why MSSPs need to choose vendors who are dedicated to also delivering human-based SOC augmentation services to provide immediate support, while investing in an industry-leading training institute to close the cybersecurity skills gap. This combination of technology, services, and training enables SOC professionals to better protect their organizations from detection to incident recovery.
A vendor that can augment a partner’s technical staff quickly with a better rate of success is a good proposition for a partner to consider. Look for vendors that have a lot of experience doing this. In short, partner with a cybersecurity vendor that can deliver people, processes, and technology.
Author Michael O’Brien is regional VP, strategic routes to market, Fortinet. Read more Fortinet blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program.
