This is the third in a series of articles that Fortinet is writing for MSSP Alert. The first article titled, Tips for Assessing Your Vendor Opportunities as a MSSP, provides an overview of what MSSPs should be looking for in a cybersecurity provider partner. In subsequent articles, we are taking a deeper dive into the individual “ingredients” that go into a recipe for a successful MSSP-Vendor partnership.
The Most Important Ingredient
In this post, let’s examine the importance of cybersecurity vendors providing MSSPs with the right technology, perhaps the most important ingredient in “the recipe.” We believe the “correct tech” for a MSSP should always be an integrated and integrate-able solution. The industry-leading vendors are moving away from standalone point products and towards integrated mesh solutions that aren’t siloed and work together. The integrated adjective also applies internally. Vendors need to provide integrated solutions that make it easy for MSSPs to go from one offer or two offers to five offers or more.
The Integrate-able Solution
The ideal vendor also must offer solutions that are integrate-able — meaning that they will “play nicely” with all the other tools and items that must be employed to deliver a solid cybersecurity solution. This requirement is based on the reality that no single vendor can easily deliver all the solutions or tools necessary — now or probably in the future, too. Therefore, at some point, the vendor’s products are going to have to work well with another vendor's products or services. This integrate-able capability of a solution is something that every cybersecurity vendor should offer MSSPs — and every MSSP should be looking for in a vendor.
An MSSP will want to partner with a vendor that understands its current situation. In all likelihood, the MSSP already has vendors and offers that are deployed in the field and not going to be dropping them overnight and replace them with a new vendor and solution — no matter how good they may be. However, an MSSP will do well to part with a vendor that isn’t prepared to help them on their journey from integrating point products into a cybersecurity platform.
Placing a Bet with Long-term Impact
As partners are required more and more to make bets that will have a long-term impact on their businesses, this is where they need to know if the bet is too risky or if it will increase their odds of success. The quickest way for a MSSP to increase its odds of success is to work with a cybersecurity provider that not only helps you today with the offer that you're currently building — but also gives you the roadmap for building the five more offers that you'll need over the next 24, 36, or 48 months.
Questions to Ask
When deciding on a cybersecurity vendor, MSSPs need to ask themselves a few questions, “Has this vendor done the work to make this an easy journey for me? Do you have demonstratable success in doing this with other partners? Have they done what's required to make sure that I'm not creating five different islands, but I'm building a city that is all interconnected in a way that my processes and people and customer experience can all be predictable?” Obviously, for a MSSP to be successful the answers to these questions must be “yes.”
One of the best examples of “an easy journey” is how vendors like Fortinet took a next-generation firewall (NGFW) and added SD-WAN, and then rolled that into SD-Branch, and continued to bring additional offers to market in the form of things like Universal ZTNA. An MSSP needs a partner who has a long, successful history of doing this kind of networking and security convergence.
Indicator of Future Success
Unlike the financial investment disclaimers that say past performance is no guarantee for future success, a cybersecurity vendor's history is indeed a great indicator of future success.
Therefore, some of the primary questions that MSSPs need to be answered are:
- Has the vendor done this before?
- Do they have successful MSSP’s already?
- Is this part of their DNA?
- Is this how they think?
The responses to these and the previous queries mentioned above, will really give a MSSP an understanding of whether it’s likely going to be successful with a new vendor or not.
Where the Industry is Going
Leading cybersecurity vendors are conversing a lot about the convergence of networking and security. For MSSPs, this trend in particular needs to be paid close attention to. The level of change as this trend continues is significant and has the potential to disqualify some MSSP’s from success in the market. Cybersecurity partners that can help MSSP’s successfully navigate these industry changes will be the most strategic partners for them moving forward.
In summary, our advice for MSSPs is to work with a vendor that offers the right technology and is anticipating where the industry is going. Also, work with a vendor with demonstrable proof and a history of building on its own solutions to create new incremental offers. Additionally, MSSPs should commit to building a long-term relationship only with a vendor that's going to be around for the long term.