Content, Content

Privileged Access Management and MSSPs: Big Opportunity?

Thycotic’s Charlie Patsios
Thycotic Channel Marketing DIrector Charlie Patsios

It’s well known that privileged accounts and business user credentials are potentially lucrative gets for cyber hackers. Armed with the right privileged credentials, hackers can can rummage virtually unimpeded through a company’s infrastructure to pilfer valuable proprietary or customer data.

More than 60 percent of businesses served by solution providers have been hit with cyber attacks that specifically targeted privileged account passwords, or the so-called “keys to the kingdom,” a recent study showed. Other researchers place the figure at around 80 percent.

While that tie-in isn’t surprising, the absence of solutions to protect privileged access credentials presents a revenue opportunity for MSSPs and other channel partners, concluded Thycotic, a privileged access management (PAM) developer, from its survey of 250 solution providers. About 90 percent of the channel partners offer cybersecurity services to their customers.

Of those channel partners, more than 90 percent said that only half of their clients have a PAM solution in place. And, 45 percent of the survey respondents said that only 10 percent of their clients have implemented a PAM solution. In other words, privileged account credentials need better guardians, the Washington, D.C.-based company suggested.

"The survey suggests channel partners need to help educate their clients about the risks associated with privileged credentials," said Charlie Patsios, Thycotic’s channel marketing director. "We are seeing a growing number of solution providers expanding their cybersecurity services around PAM protection."

Here’s some more data from the study:

  • 74 percent of solution providers’ clients have suffered a breach in the past 12 months.
  • Among those experiencing a breach, 55 percent did not act to fully remediate the cause of the breach and 18 percent did not seek any remediation to prevent a breach from recurring.
  • 62 percent of solution providers said that cyber attacks were specifically targeting their clients' privileged accounts seeking to exploit credential vulnerabilities.
  • 44 percent of clients identified ransomware as their most common breach, followed by 31 percent for phishing attacks.
  • 79 percent of solution providers’ clients ranked PAM as a significant priority, while 11 percent said it was their urgent priority and 10 percent said it wasn’t a priority at all.
  • 92 percent of solution partners plan to increase their training and investment in PAM solutions for 2018.

Solution providers in the study acknowledge the challenges associated with convincing their clients of securing access to privileged accounts through PAM solutions. Most said the indecision came from prioritizing vulnerabilities, with ransomware and phishing topping their concerns.

Thycotic has posted 161 percent annual growth over the last three years and recorded 12 straight quarters of record revenue growth, according to the company's website.  The 22-year old firm has landed $4.5 million in venture funding in two rounds, with the most recent capital infusion in September, 2016.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.