Security Skills Gap Drives MSSP Growth

Now at an estimated four million open jobs, the ongoing shortage of qualified security professionals presents both opportunity and challenge to many service providers. According to findings from NETSCOUT’s 15th annual Worldwide Infrastructure Security Report (WISR), many enterprises want to outsource all or part of their security services to third-party providers. But while service providers are eager to take advantage of this market opportunity, they are squeezed by the same skills shortage. Their continued success depends on their ability to solve the skills gap and thwart attacks on their own networks.

There are three key factors:

1. Market Opportunity.

Over the past 10 years, service providers have used the knowledge they’ve gleaned from their own experience battling cyberthreats to create service offerings that address acute problems for their enterprise customers. In fact, 60 percent of service providers played the role of managed security service provider (MSSP) in 2019, up from 47 percent in 2018. According to WISR survey data, service providers now offer a wealth of revenue-generating security services, ranging from DDoS (69 percent), firewall (65 percent), and access/VPN services (58 percent), to IPS/IDS (58 percent), security operations center (SOC) (50 percent), and cyberthreat intelligence (38 percent).

The result: service providers have becoming much more strategic and valuable to their customers.

2. Filling the Skills Gap.

Enterprises are finding it increasingly difficult to find qualified employees for internal cybersecurity roles. When asked to identify their most pressing cybersecurity challenges, 59 percent of respondents cited difficulty hiring and retaining skilled personnel,(a number that has risen for the third consecutive year. Meanwhile, 48 percent said a lack of headcount or resources continues to stymie their efforts. Outsourcing to service providers is a solution for many enterprises, but service providers are facing their own skills gap issues. In fact, service providers themselves are turning to third parties for some sort of SOC capability, either to fully outsource security or to augment their existing teams with outside SOC capabilities. The “people” problem is so significant for 42 percent of service providers that 12 percent report they have no SOC at all, 12 percent outsource completely, and 18 percent use a hybrid model.

3. Thwarting Attacks.

While service providers are finding great success as MSSPs, they’re also worried about the same security issues as their enterprise customers. Top targets for cybercriminals include customer-facing applications and cloud services. Attacks on publicly exposed service infrastructure increased dramatically in 2019, with 51 percent of service providers reporting this as a major issue compared with only 38 percent in 2018. Considering the widespread use of these attacks, it’s not surprising that they’re a top 2020 worry for 55 percent of service providers.

Meanwhile, inbound DDoS attacks from external networks remained the top threat for service providers, with 69 percent of respondents considering this a major issue, highlighted by the growing number of difficult-to-defend techniques being used. Internet of Things (IoT) botnets, reflection/amplification techniques, and DDoS-for-hire services are making attacks more distributed, complex, and powerful than ever. Another growing threat is the increase in outbound/crossbound DDoS attacks from on-net customers and devices, which was reported by 31 percent of respondents.

Many service providers have carved out a nice niche for themselves as outsourced MSSPs. Their continued success, however, is dependent on their ability to solve their own skills gap and thwart attacks on their own networks.

Read the NETSCOUT Threat Intelligence Report to gain a better understanding of the evolving threat landscape.

Hildebrand is senior strategic marketing writer, NETSCOUT.