The Time is Now for a Security Conversation

In our first ‘Meeting of the Minds’ instalment, we highlighted the growing market share claimed by Managed Security Service Providers (MSSPs) as a trend that deserves the attention of ICT Partners and providers.  

It’s true that conversations about security are becoming front and centre at many Australian organisations as the cybersecurity threat landscape becomes increasingly complex and as news of data breaches continues to dominate media headlines.  

But despite the growing demand for these services, many Partners continue to utilise legacy security solutions—and too often, they struggle to recognise the value of bringing new solutions to market to meet consumer demand. Whether or not you are considering a move to Azure or the development of a new cloud-centric business model, the need to expand into security can’t be ignored. 

Here’s what you need to know, and what options exist to help you mitigate risk when developing a security practice: 

Key Customers are Seeking Security Solutions

Small- and medium-sized businesses (SMBs) in Australia are ready to hear about security—and they’re increasingly going to market looking for Partners who can support them with audits, assessments, and managed security services. 

We've seen such a huge rise in very basic security attacks, as findings from the Australian Cyber Security Centre and the most recent Notifiable Data Breaches report confirm. As a result, we’ve had Partners come to Dicker Data who have chosen to audit themselves and their customers and realise they’ve come up short. We’ve even seen customers audit themselves and come back to their Partners to say, ‘you know, we’re in a potentially bad situation.’ 

Requests for proposals (RFPs) represent another area where this security conversation is already happening. Several Partners have come to us when they’re responding to a request for proposal and there's a significant number of security requirements in that RFP. Sometimes they're not very well-equipped in responding to them. 

View our video on the Market Opportunity in SMB for Security for more information.  

What We See Holding Partners Back

It isn’t wholly surprising that many Partners aren’t well-prepared to meet their customers’ cybersecurity needs. For several different reasons, Managed Service Providers (MSP’s) and hybrid cloud providers have all struggled to build and develop sustainable security practices.  

• First, and perhaps most critically, they may fail to recognise the importance of cybersecurity to their customers. Unfortunately, this mistake may leave them vulnerable to disruption by Partners who have implemented more security-focused offerings. 
• Others lack confidence in their internal skillsets, believing that delivering security solutions requires a depth of specialisation they lack. 
• Many have struggled to hire the right talent in today’s challenging labour market, contributing to their delays in bringing security solutions to market.   

• Some Partners have struggled to keep up with product changes over the past several years. As a result, they may not be fully aware of the security features they already have access to—or of how easily many of these features can be turned on for their customers. 

• Partners who are providing private cloud or hybrid solutions leveraging SPLA are finding it difficult to understand how to compete with Microsoft’s offerings and remain relevant to their customers. 

• Partners who host infrastructure and sell Infrastructure-as-a-Service (IaaS) may see themselves as being removed from the security conversation, due to the nature of their offerings. Yet even though much of the responsibility for security falls on the end-users renting space from them, these Partners aren’t immune to consumer evaluations that prioritise security. 

• The new Notifiable Data Breach legislation in Australia has caused many partners to fear potential liability if a customer's data is attacked. In addition to the costs associated with a breach, customers are also asking for new compliance considerations. This can leave partners wondering if investing in a security practice build is worth it. 

Overcoming Fears and Reducing Risk

While many of these concerns are justifiable, Partners can’t avoid questioning whether or not their existing solutions truly protect and mitigate risk for their customers—let alone how they should be responding with security-centric offerings.  

“We are seeing many Partners investing heavily to mitigate risk for security,” describes Jakub Wolinski, Cloud Services Manager at Dicker Data. “But many are still unsure if their investment truly provides the security posture needed in today's security breach landscape.” 

Fortunately, solutions and strategies exist that can help Partners move past these concerns, while simultaneously minimising their exposure to risk. That’s thanks, in part, to Microsoft, which provides numerous tools and resources to benchmark security posture and make customer recommendations, as well as ongoing options that support Partners and their customers in increasing their security ratings. 

A good example of this is the combination of Microsoft’s cloud-native SIEM (Azure Sentinel) and integrated XDR (Microsoft Defender) offerings, which Partners can use to build managed detection and response services that deliver end-to-end visibility and clear risk prioritisation to customers.  

As a result, introducing security offerings doesn’t need to represent a major undertaking on Partners’ behalf—nor does it have to mean competing directly with Microsoft. Instead, it’s about adapting complementary offerings,  or extending your existing solutions and reducing your direct risk with the shared responsibility model.  

In some instances, this can be as simple as uplifting Partners’ licences—straightaway, they can have access to new security capabilities that they can start rolling out. In other cases, there may be opportunities to bolt ‘good, better, best’ security packages onto Partners’ existing managed services tiers. 

It’s also important to recognise new capabilities coming from vendors. Beyond Microsoft’s native multicloud protection for Azure, AWS, and Google Cloud Platform (GCP), some of Microsoft’s built-in product features can detect a potential threat or suspicious activity, they can then investigate that, and potentially fully remediate the whole threat without any human intervention.  

Not only can these and other capabilities help Partners struggling to hire amidst the current skills shortage, but they can also offload some security responsibility from Partners and customers to Microsoft.   

How Partnerships Fuel Security Success

Dicker Data’s ongoing support and guidance make improving your security posture and developing a security offering easy, as you’re able to take advantage of the industry-leading resources—which encompass everything from technical and sales enablement, to go-to-market—accessible to all our Partners.  

With Dicker Data’s Cloud Security Ascend program, for example, we give Partners awareness into how they might monetise security. And then, we take them to market and bring that Microsoft branding with us to bolster the sales process and help them get the first few deals across the line. 

To start exploring security, take a look at the following handpicked resources: 

• Good, Better, Best guide to security managed services 
• Conversation guide​ to Security for Small Business customers 
• Microsoft best practice for securing remote workforce 

Missed the first installment?  2022 Partner Prospects - 4 Key Trends to Watch