The channel is key to plugging cyber skills gap

If there is going to be one theme that continues from year to year, it is the desire by customers to work with channel partners to help solve security problems

This article can also be found in the Premium Editorial Download: MicroScope: MicroScope: Opportunities in security

When we all shouted “Happy New Year!” as the clock struck 12am as 1 January 2022 arrived, how many of us could have predicted just how tough a year it would prove to be?

Inflation, soaring energy prices, rising interest rates, the aftermath of Brexit, supply chain disruption, the lingering effects of Covid-19, unprecedented political turmoil at Westminster, the illegal Russian invasion of Ukraine – these all contributed to making 2022 an extremely challenging, and insecure, year for everybody.

Perhaps the uncertainty, upheaval and general insecurity over the past 12 months is one of the reasons why cyber security is considered by many to be the most promising growth area for channel partners in 2023. It’s also likely because cyber security was already doing very well in 2022 – Canalys recently reported that just under 91% of sales in the third quarter for the worldwide cyber security market came from the channel, with channel sales growing at a faster rate than direct sales.

The market research company also revealed channel partners were optimistic about the opportunities in cyber security in 2023. As many as 27% expected their cyber security revenue to grow by more than 20% in 2023, with a further 27% anticipating growth of 11% to 20%. Only 10% of partners expected cyber security sales to decline in 2023. 

Gabe Luis, senior director for Western Europe at Infoblox, says: “[Cyber security is] particularly critical and will probably even see rises in expenditure in some sectors. Cyber crime is already a multi-trillion dollar businessand its on a hockey stick growth curve.” 

He argues that cyber criminals love the doubt and uncertainty that comes from recessions, wars and political instability, adding, “Enterprises – and the solution providers they rely on – will have to double down on the most effective means to address the threats.”

Greg Jones, EMEA vice-president of business development at Datto, believes there will be a significant opportunity for partners as companies look to outsource more of their security. “Ransomware and cyber crime show no signs of slowing down. Supply chain attacks will remain a headache, connected devices and remote working have brought new risks, and social engineering is becoming smarter,” he says.

Attackers are using artificial intelligence (AI) and machine learning (ML) against their victims, scraping information off social media platforms, tracking usersbehaviour and exploiting certain windows of time when they may be more susceptible to attack.

“Couple all this with shrinking IT budgets and a shortage of cyber security professionals, and businesses have a perfect storm on their hands,” says Jones. “Offering extended security services will be a huge opportunity for MSPs [managed services providers] that can fill talent gaps, add agility and provide the right expertise.”

Michael O’Hara, group managing director at DataSolutions, adopts a similar view. “We will see continued growth in MSSP solutions as businesses struggle to hire and hold onto in-house security experts,” he states.

O‘Hara reveals that a recent survey by the distributor found 89% of SME leaders were increasingly concerned by the growing risk of cyber attacks in the form of ransomware and malware. “It revealed an alarming lack of expertise within SMEs capable of dealing with cyber security threats and incidents,” he adds, with 43% of SMEs struggling with the expertise required to address security threats, and 45% struggling with the manpower and IT budgets required to manage threats.

A piece of the puzzle

It’s easy to see where a channel partner might fit into that particular jigsaw.

Johnny Ellis, Arctic Wolf EMEA channel director, believes that even if the market gets tougher for partners in 2023, its unlikely there will be a full recession in the cyber security market.

“Threat actors dont stop during times of hardship, meaning businesses always need to invest in cyber security…executives will head into 2023 with a renewed understanding that cyber security is a never-ending problem, leading many to seek out platforms that adapt to their needs, rather than solving a problem at one specific point in time,” he adds. 

Robert Brower, senior vice-president of worldwide partners and alliances at Druva, believes that security and cyber resiliency services and platforms “will continue to receive the highest levels of attention and spend by customers, so expect to see large spends on cyber security in the channel”.

Michael Rogers, vice-president for global alliances at CrowdStrike, says: “Businesses will be forced to optimise security and IT costs as a result of the global marco-economic shift”, adding that there will be growing pressure from customers for vendor consolidation, resulting in a shift to platform vendors that offer solutions under a single umbrella, and partners will fuel this vendor consolidation. 

He also believes manages security services providers (MSSPs) and global system integrators (SIs) will serve a critical role in addressing the ongoing global cyber security skills shortage. He cites the (ISC)2 2022 Cyber security workforce study that claims there is a gap of 3.4 million people in the cyber security workforce. “As a result, organisations will look to MSSPs and GSIs to fill this gap,” Rogers says.

Michael Paye, vice-president of research and development at Netwrix, agrees that a shortage of cyber security professionals could be a big opportunity for partners, describing understaffing of cyber security teams as one of the main challenges organisations will face in 2023. “Demand for these professionals is already far outpacing supply. The trend is likely to affect the market already in the first quarter of the upcoming year,” he adds.

In a bid to overcome the shortages, more organisations will come to “rely on their trusted security partners, such as channel partners, system integrators, MSPs, and MSSPs”, he says. Staff shortages will also give channel partners “more opportunities to act as trusted advisers for their customers to deliver the expertise that their clients might be lacking due to understaffed IT teams”.

N-Able CEO John Pagliuca acknowledges that labour shortages will be a significant factor. “Everyone is looking to find ways to increase quality and satisfaction with the same or fewer resources, and I believe that its one of the biggest things that will help MSPs leverage this growth climate,” he says. “Labour shortages are forcing everyone to have a look at where automation can free up time, and managed services experts have the advantage here to help deliver the consistency and reliability that businesses demand.”

With most businesses already grappling with skills shortages, it will be the channel that will have to step up to plug any gaps
Scott Walker, Illumio

Internal IT teams are no longer able to do everything themselves, he adds, “making co-managed IT one of the biggest opportunities for MSPs, driving them upstream into the enterprise space”. 

Scott Walker, EMEA channel sales director at Illumio, also believes the channel will take the lead in plugging the cyber skills gap. Economic uncertainty will force organisations to put their hiring plans on hold. “We’ve already seen the start of a wave of layoffs in the technology sector, and with most businesses already grappling with skills shortages, it will be the channel that will have to step up to plug any gaps,” he says.  

Highly skilled individuals within the channel who can see the industry and its shortcomings from all angles, will be critical in providing the upskilling, consultancy and technology needed to reduce cyber security risks and build resilience, he adds. 

Datto’s Jones suggests that the reluctance to spend money and invest in new solutions in an uncertain economic climate could prove an opportunity to make existing processes more efficient with intelligent automation. “Staffing issues are forcing businesses to do more with less, while at the same time having to decrease operational costs. MSPs and their clients can ride the wave by building in more automation, which will ultimately help them be more profitable and productive,” he says.

In terms of processes that can be automated easily, he cites labour-intensive and repetitive tasks” such as reconciling expenses, diary management, documentation and other administrative tasks, adding that “there are opportunities across almost every area of a business”.

“[Companies should] have a frank conversation with their MSP partner to find all the processes, especially outdated ones, that could be improved,” says Jones.

Areas of growth

While partners may become more attractive to customers, Dave MacKinnon, chief security officer at N-able, makes the interesting point that they will also be more attractive to cyber criminals. I expect that, in 2023, MSPs will continue to be a top target for cyber criminals,” he says. “MSPs need to lead by example and implement the same technologies for their customers that they use to help secure their own businesses.”

Corey Nachreiner, chief security officer at WatchGuard, says the prevalence of supply chain attacks in the past two years is likely to make customers more interested in the security profiles of their channel partners. “Organisations are increasingly concerned with the security of partners and vendors they do business with. After spending so much time refining their own defences, it would feel especially frustrating to fall due to someone else’s security errors,” he remarks.

Companies are making a vendor’s own internal security practices a key part of the product selection decision – so much so that vendor validation and third-party risk analysis have even become a new industry vertical, with products that help survey and keep track of your outside vendors’ security programmes, says Nachreiner.

“In short, during 2023, the internal security of vendors will become a top selection factor for software and hardware products and services – right below price and performance,” he adds. 

The other area that could spur growth for partners in 2023 is sustainability. Neil MacDonald, UK & Ireland channel director at HP Inc, says: “[Channel partners] are telling us they’re increasingly being judged on their sustainability credentials as part of their RFP new business process. Our channel partners want to understand specifically how they can promote more equitable supply chains and start driving a circular and low-carbon economy, while still generating more new business.” 

Some of the larger resellers can afford to have their own strategies and teams dedicated to tackling sustainability, but many smaller and medium-sized resellers have requested extra support and guidance from the vendor.  “As a result, sustainability has become an open, evidence-based topic of conversation between HP account managers and our channel partners, because it represents a competitive advantage,” says MacDonald.

“[HP is] helping sales teams to constructively discuss sustainability with prospects and customers, to better communicate what their organisation is doing in the most effective way possible, and to earn more revenue [through its HP Amplify Impact programme],” he adds. “Having these kinds of discussions regularly, and keeping them going, is one of the best examples that company culture is evolving to make sustainability more of a priority.

MSPs need to lead by example and implement the same technologies for their customers that they use to help secure their own businesses
Dave MacKinnon, N-able

MacDonald points out that customers are aligning themselves with organisations that prioritise sustainability, as shown by the $3.5bn gained in new HP sales influenced by sustainability in the company’s fiscal year 2021.

Paul Flannery, vice-president of international channel sales at Epicor, says there’s a growing awareness that the only way whole industries are going to significantly reduce emissions is by managing the sustainability of their connected supply and value chains. “Otherwise, its too easy to claim one company is greenwithout acknowledging that the companies it buys from arent,” he adds.

But there’s a complication in that rising interest rates, energy costs and many other factors, mean survival over the next six months and beyond is the most pressing issue for most businesses. As a consequence, Flannery argues that channel partners and vendors “need to strike the right balance in their own marketing and sales pitches to technology buyers”. First and foremost, the solutions they recommend need to help customers improve their resilience and increase profit margins to justify the investment when spend is under increasing scrutiny.

But the technology also needs to help buyers achieve their business goals without rolling back any progress thats already been made on decarbonisation or emissions reduction, he says, as the C-suite needs to report to stakeholders (including investors, media and consumers), that their operations and the vendors they work with are taking steps to become greener.

Flannery is adamant that “pleading ignorance down your supply chain isn
t good enough”, adding: “This positioning challenge is where channel partners can provide trusted guidance on the right technology buying decisions, which will give the C-suite the confidence it needs to proceed.”

Richard Eglon, chief marketing officer at Agilitas, agrees that 2023 will provide an opportunity for channel businesses to enhance their sustainability initiatives and re-focus their efforts on the circular economy. “As the consumption of technology continues to increase, ESG is quickly becoming a prerequisite when it comes to building partnerships in the channel,” he says.

“Organisations that have taken the lead in terms of tracking their upstream and downstream supply chains and carbon emissions will be miles ahead and will have opportunities to partner with other businesses that share the same ethos and spur growth in the future,” he adds.

Christina Walker, global director of channel sales and programmes at Blancco, argues that 2023 is poised to be the year of business sustainability regulations. “The role of system integrators, MSPs and the channel partner community overall will evolve to serve a growing and more sophisticated business sustainability market,” she says.

This means that partners will become more involved in advising, tracking and reporting on ESG performance for the purpose of achieving regulatory compliance. Walker says that partners are already prioritising vendors based on sustainability value propositions. “Along with sustainability tracking platforms, this is a big part of the future vision for collaborating with technology suppliers,” she concludes.

Now that we’ve arrived in 2023, let’s hope there’s a lot more “happy” about this new year than the last.

Read more about the channel in 2023

Read more on Threat Management Solutions and Services