Capable security partners succeeding with Cisco

Cisco’s UK security chief has highlighted the success of partners that are able to wrap services around its technology. The firm has seen a growth in managed security service providers (MSSPs) and is hunting for more as it responds to evolving threats.

Scott Manson, director of cyber security UK&I at Cisco, said that it has found that those channel players capable of adding more services depth and covering end-to-end security needs were generating more business.

“It’s easier to work with high-skill partners, and the ones that really understand the full end-to-end lifecycle of cyber security,” he said.

“As Cisco, we have great intellectual property, technology and a huge amount of innovation going...We’ve never been doing so much integration work of our own technology [as now], because we’ve just grown exponentially over the past two years in terms of acquisition and really pushing in this market. We are only as good as that channel partner, because we are fulfilled directly through channel discussions.

“The best of our engagements are always with channel partners that have built a service wrapper around what we offer. They are able to create margin for themselves, profitability that they can reinvest back into their services,” he said.

Manson said that the vendor was continuing to look for more resellers with those skills because the market was continuing to evolve, expand and present a larger channel opportunity.

One challenge was finding partners able to confidently sell and support security and who understand the challenges customers were facing.

“Cyber security is a little bit like salt. Of course, you can have too little, but you can also have too much, so it’s a fine balance between the two. Either way, it’s detrimental or harmful to the organisation,” said Manson.

“If it’s too obtrusive for the users, then you get apathy, productivity issues, and being able to progress and innovate in the market becomes very difficult. But if you release the brakes of security completely, then you’ll end up crashing into the wall because you’re going too fast,” he said.

In terms of the areas where he expected the channel to be busy, the majority of threats are well-known, but remain persistent across the customer base.

“These are well-trodden threats out there and they change and vary from year to year, but they are quite unmistakable. In terms of the repeat offenders, you wouldn’t be surprised to know the most used attack vector is still email. From a phishing and ransomware perspective, you see so many challenges in that area,” he said.

He added that the internet of things (IoT) and operational technology were a key criminal target, and concerns around cloud computing also continue.

The need for the channel to deliver education also remained a priority, with attacks exploiting human weakness still finding a way through company defences.

“Social engineering is huge and the insider threat still becomes a major issue,” he added. “Employees who haven’t been trained properly...increase the attack surface because those individuals aren’t able to take care of their own domain very well, and they’re sloppy, and that’s how things enter into networks and environments,” he said.

The final area where the channel can not only protect, but also needs to ensure its own house is in order around protecting the supply chain.

“We do work in an ecosystem, and many of our customers with supply chain connection. You are really only as strong as your weakest link. If your supply chain is not up to a certain standard, then you may as well not be investing millions of dollars in services and products,” he said.

Manson said the firm had a strong channel, decent portfolio and was operating a growth market, so the company is looking forward to the rest of 2024.

“We make sure that everything we put into our customers can be onboarded, adopted and drives cyber maturity. Quite often, we will go back with the partner and do an assessment of a project, widget, managed service, and so on, and questioning how it increased the customer cyber efficacy and maturity,” he said.

“If you can’t turn around after three to six months, and say the fidelity of your security roll-out has increased by a quantum quantifiable amount, then you are just selling dreams...We’re really big on that – and, again, that’s where channel partners come in,” he concluded.