Market Report

Digital defenders

Cybersecurity
How is the cybersecurity market evolving? And what opportunities remain for resellers and MSPs? Comms Business finds out more.

As our world becomes more intrinsically entwined with technology, threats and risk in the digital sphere are reaching new heights. Organisations and businesses must take cybersecurity seriously to protect their employees and customers and to avoid disruption to their operations.

This means cybersecurity is in the spotlight, with organisations continuing to invest in technologies in this space despite uncertainty in the economy.

Mark Kent, head of channel, UK, Kaspersky, outlined the challenges businesses in the UK are facing. He said, “The main challenge revolves around the vulnerability and risk of falling prey to cyberattacks, particularly data breaches and ransomware. Threat actors are continuously improving their techniques, receiving better funding, and becoming more prepared to execute sophisticated attacks.

“It might sound simple, but here in the UK it is crucial for organisations to focus on getting the basics right to enhance their cybersecurity posture. Far too many times we are seeing the same kind of attacks and personal data being held to ransom, supply chain attacks for example, which have become a primary concern. Organisations need to ensure they have strong defences against phishing and social engineering, as these tactics are often used as stepping stones for attackers to breach businesses.”

The explosion in data is a key driver of cybersecurity requirements. Organisations today generate data every minute of the working day, and much of this needs to be secured.

Tom Fowler, CTO at CloudSmiths, said, “In today’s fast-paced digital era, businesses across the UK are grappling with the complexities of the cyber world and the myriad challenges that come with it. The importance of data security and compliance cannot be overstated, particularly in the context of cloud computing.

“The ever-looming threat of cyberattacks necessitates proactive measures such as firewalls, intrusion detection systems, and regular security assessments. Technological advancements undoubtedly bring numerous benefits. However, they also introduce new vulnerabilities, underscoring the necessity for businesses to forge strategic partnerships with tech experts to safeguard their systems and data.”

Despite businesses being aware of the importance of cybersecurity, they are still keen to reduce costs where they can. Spencer Starkey, VP of EMEA, SonicWall, explained, “One of the major cybersecurity challenges that UK businesses face is remaining secure with dwindling security budgets. As more and more security teams are cut down, there is an increasing workload that needs to be consistently managed.”

Even in businesses where there is adequate budget for security professionals, sometimes the talent pool is too small to hire the right people.

Rick Hemsley, cybersecurity partner, UK and Ireland, EY, said, “The more persistent challenges remain the lack of cyber talent, which is increasing the need for automation for many organisations. Alongside this, employee engagement is now becoming the weakest link rather than the strongest line of defence for an organisation.

“There is an increasing need for human factors tooling and investment into effective education resources to engage and train employees across an organisation. Employees need to be engaged and educated to build effective proactive and strategic approaches to cybersecurity. The whack a mole approach to cybersecurity is not functional or sustainable and its leading to stress and burnout.”

Bob Layton, chief channel officer, eSentire, highlighted the reality that many organisations in the UK do not know how to go about mitigating these risks.

He said, “The cybersecurity challenges facing UK businesses and organisations are very broad. Addressing the rising sophistication of cyber threats, such as phishing, vishing, all manner of business email compromise, and ransomware, is quite daunting.

“Add to these the challenges geopolitical tensions are posing to organisations around the world, and many don’t even know where to begin.” This is where the Channel comes in.

Developing an offering

So, how can channel companies develop compelling cybersecurity offerings? Lauren Marsden, senior director of channel, EMEA, Forcepoint, explained why zero trust can be a good approach.

She said, “An effective cybersecurity offering is one that enables businesses to focus less on the traditional threat-centric approach to security and more on user behaviour. Through a guiding principle of ‘never trust, always verify’, a zero trust approach builds an additional layer of assurance by only granting access to specific data or documents that users are authorised to see, or until their identity can be verified.

“Part of this philosophy includes monitoring network activity, and how users are interacting with data to establish a baseline of normal activity. If there is a sudden change in behaviour, it can be flagged as suspicious – resulting in closer monitoring or increased security provisions as needed.”

Kaspersky’s Kent explained why evaluating the needs of your customer base is the perfect starting point. He said, “Channel organisations should focus on understanding their customers’ specific needs and tailoring solutions accordingly. Specialising in a particular area and offering a suite of products that meet customers’ security requirements can be beneficial. However, since every organisation’s infrastructure and layout differ, a fully customisable approach is essential to fit their unique security posture.”

Kent also discussed the add-on services that channel partners can offer their customers. He said, “Assisting customers in building effective incident response plans is also important. These plans should go beyond being mere tick-box exercises and include real-life simulations to prepare employees for handling actual security incidents. Offering more comprehensive incident response support than necessary can be beneficial, as incidents like ransomware attacks often reveal the importance of solid foundations and the ability to recover effectively.”

The objective, Kent said, is to be a trusted advisor for your customers. He added, “To become a trusted advisor, channel companies should leverage support networks with their vendor partners and invest in developing expertise around security. By fulfilling their customers’ strategies and providing valuable guidance, channel companies can solidify their position as trusted security advisors.”

Mark Pillow, managing director, Voip Unlimited, added, “Cybersecurity circumvention tactics are constantly evolving, especially those leveraging artificial intelligence, making it incredibly challenging for SMEs especially to stay secure. That’s the value the Channel can bring to its customers, educating them on the risks and the significant impact they can have on day-to-day operations!

“Everything from two-factor authentication and connectivity options to private networks and interconnects, should be covered in conversations so that businesses can make an educated decision around how to protect themselves, as should DDoS attack mitigation.”

The ability to customise your solutions can also be important. Fowler, from CloudSmiths, said, “To add value, channel companies should deliver customised cybersecurity solutions tailored to the specific needs of clients. Thorough assessments and vulnerability identification help design solutions that effectively address vulnerabilities.

“By offering proactive monitoring and incident response capabilities, they enhance their offerings and enable continuous monitoring, quick detection of security incidents, and minimise the impact of breaches.”

Fowler added that data governance plays a “crucial role in unlocking the full potential of cybersecurity in the channel industry”.

He explained, “By establishing robust practices, channel companies build trust and confidence by ensuring data accuracy, integrity, and confidentiality. Effective data governance enables the identification, classification, and protection of sensitive information, mitigating risks of breaches and non-compliance. Furthermore, it enables proactive monitoring, incident response, and customisation of cybersecurity solutions. With data governance as the foundation, channel companies deliver comprehensive security solutions that safeguard client data, ensure regulatory compliance, and add significant value to clients’ businesses.”

Managed services

In this complex market, Ryan Sheldrake, field CTO, EMEA, Lacework, explained that managed security service providers (MSSPs) are thriving. He said, “Security is complex and needs niche skill sets to implement effectively across the business. This is why many organisations decide to partially or fully outsource monitoring and at least any initial response to a third party, usually an MSSP.

“MSSPs have existing and scalable capability to monitor infrastructure and applications. They bring experience and skill sets that would otherwise be difficult and costly to procure. The MSSP performs initial triage and investigation before escalating to the subject matter experts that exist in the originating organisation.

“This can save huge amounts of time and means the outsourcing organisation can manage costs in parallel with focusing on revenue and business growth, and less on security monitoring.”

What is important is that the solution can make a difference to the customer, and Chris Waynforth, general manager, Expel, highlighted the risk of too many alerts.

He said, “The question channel partners should ask themselves is how they can help solve some of their customers’ most pressing challenges. Those include not enough people and too many alerts, vulnerabilities, and threats.

“One answer is to offer solutions and guidance that address these problems directly and enable customers to extract more value from their tech stack and employees. If we use alert fatigue as an example, channel partners offering solutions that directly reduce unnecessary alerts are attractive to buyers.

“This is because those who provide tailored, built-in automated processes also provide respite to overworked teams. That is something that customers value.”

Paul McLatchie, security strategy consultant, Daisy, added, “Partners must act as the eyes and ears for organisations – monitoring the ever-changing security landscape and recommending solutions and methods to combat threats.

“When this offering is backed up by skills and experience, channel partners can really add value for their customers. Ongoing skills shortages means security roles within organisations remain unfilled – and even the best-laid security response plans cannot be thoroughly executed.

“Providing consultative and hands-on assistance, channel partners have a crucial role to play in modern cybersecurity for organisations.”

Keeping an ear to the ground

It is no secret that cyberattacks are becoming increasingly sophisticated, but the technologies to guard against them are evolving as well. It is vital that channel companies continue to educate themselves on innovations and new approaches to cybersecurity so they can offer their customers the best guidance and solutions.

Fowler, from CloudSmiths, highlighted areas where progress is being made. He said, “The realm of cybersecurity solutions has seen recent advancements to strengthen the security of networks, applications, cloud platforms, and endpoints. This includes deploying firewalls and intrusion detection systems for network infrastructures, as well as vulnerability assessments and secure coding practices for applications.”

Fowler added cloud security is a key focus for innovation. “Cloud security has been prioritised through identity and access management protocols, data encryption, and continuous monitoring.

“Protective measures for endpoints include antivirus software, anti-malware tools, and data loss prevention mechanisms. The integration of artificial intelligence and machine learning allows for proactive threat detection and response strategies, keeping cybersecurity solutions one step ahead of emerging threats.”

The progress made to artificial intelligence, or AI, engines is also opening up new possibilities for cybersecurity protections. Hemsley, from EY, explained, “Recent innovations in automation that are either powered by ML or AI are freeing up time for cyber teams to focus on important issues. Cyber talent can now investigate and mitigate complex threats, while AI functions are taking care of more basic tasks.”

Layton, from eSentire, said channel companies should take a cautious approach here and AI-powered solutions should be examined carefully. He said, “The most recent innovations in cybersecurity have come in the form of AI. However, it is also a buzzword and consumers should not be fooled by what truly is innovative and what is simply marketing.

“In the area of SaaS-based cybersecurity, AI is of particular interest because it allows a service to scale and ingest datasets, with a guided outcome, more easily. It is not just about the ability to digest and process massive amounts of unmanageable data that determines the value AI brings to a cybersecurity service, it is the quality and breadth of data being used to power these AI services.”

Networking and security

The cybersecurity market is also being transformed by changing working practices. Many organisations now require solutions that enable their employees to carry out their work from anywhere. That shift calls for new approaches to cybersecurity.

Marsden, from Forcepoint, explained that a Secure Access Service Edge (SASE) approach can ensure employees can do their jobs without compromising on security. She said, “A SASE approach to security, which encompasses zero trust alongside other cloud native security solutions, is giving businesses the flexibility they need to protect their modern, location-agnostic, hybrid workforces.

“From an employee perspective, SASE makes it straightforward to have a single set of security policies to follow, without interrupting daily workflow. For businesses, it allows them to streamline their processes and reduce their spending on several individual point products, allowing for security and networking to be delivered through the cloud, defined and managed from one place.”

Jon Selway, VP of channel sales in EMEA, Aryaka, added, “Businesses should combine the roles of networking and security, as they are so intertwined already. This enables businesses to consolidate their network stacks, but only when team members adopting that converged role are provided with a best-in-class SD-WAN and SASE solution.

“Employees can then fulfil their entire role with only one platform for both aspects. This means everything from application optimisation, firewalls, web gateways, VPNs and user permissions can all be managed from a single bird’s eye view of the entire network.”

On the horizon

Cyber threats are not going away, so the cybersecurity market will continue to offer channel companies opportunity for growth and to deliver customer satisfaction.

Jack Peters, customer solutions architect, M247, expects AI and the IoT to be key drivers in the years ahead. He said, “As digital transformation continues to advance at a rapid pace, more and more industries and businesses will need to make sure they are protected.

“The frequency of cyberattacks is not going to dwindle in the years ahead, and the cybersecurity market needs to remain agile and ready to develop and deploy software and services that can address new threats as they emerge.

“The market will see the adoption and integration of new technologies such the IoT and AI to develop new lines of defences for businesses of all shapes and forms. These new technologies have the potential to radically impact the cybersecurity market, such as AI powering the automation of threat detection and response in real-time.

“What this means for the cybersecurity market is a surge of new products, software and technologies to help businesses fortify themselves.”

Kent, from Kaspersky, agreed AI will have an impact and explained that cyber insurance could also make its mark in the years ahead.

He said, “The cybersecurity market is expected to witness rapid growth, driven by an increase in the frequency and complexity of cyber threats and the subsequent demand for security solutions. Organisations will continue to face a rising number of serious threats, particularly here in the UK.

“I expect businesses will focus on building strong security foundations, optimising their existing security tools, and leveraging automation to improve incident response times. AI-driven decisions will play a vital role in accelerating incident resolution.

“The cybersecurity market will witness a surge in cyber insurance adoption. However, the effectiveness and benefits of cyber insurance may be a subject of debate, with some preferring to invest in proactive security measures rather than relying on insurance as a reactive measure.”

Sam Paris, VP for security and networking in Europe, TD Synnex, explained the basic principles channel companies should adhere to.

He said, “One of the main challenges for businesses across the UK when it comes to cybersecurity is finding the right solution for them. Organisations want to further their digitalisation efforts to improve their business agility and flexibility, but this opens them up to more vulnerabilities, which could mean more security solutions, and therefore higher costs.

“Channel partners play a role here to advise their customers on what the best consolidation of solutions looks like for them to improve their cybersecurity posture. The most strategic solutions can maintain a high level of security, fill security gaps, and not create more vulnerabilities.”

This market report appeared in our September 2023 print issue. You can read the magazine in full here.

Posted under: