How to Become a Managed Security Service Provider (MSSP): Your Customer Depends On It

Be Different. Deliver Excellence.

Sep 18, 2018

Recorded Webinar (Above): "State of Managed Security Services: Survey Results & Panel Discussion" (August 2018) moderated by Greg VanDeWalker (Vice President of IT Channel & Services, GreatAmerica & Collabrance), with featured panelists Dan Hoban (Executive Vice President & Chief Strategy Officer, Nuspire), Brian Wells (Director of Product Development, Collabrance) and Jay Allpress (Vice President of Informational Security, GreatAmerica).

Last week, Collabrance was honored to be ranked as a Top 100 MSSP by After Nines Inc. and MSSP Alert who tracks the world’s top managed security service providers who specialize in comprehensive cybersecurity services.

“Collabrance stands out fiercely in the competitive cybersecurity market.” – Amy Katz, CEO of After Nines Inc.

The transition for Collabrance to provide an MSSP offering did not happen overnight. After several months of in-depth research and evaluations, Collabrance enhanced our technology roadmap to include the security components necessary for our partners to differentiate from the competition, and provide the services end-user customers seek, but here is why we made the move to provide the Master MSSP offering…

Why MSPs Should Transition to an MSSP

In today's IT marketplace, network security is at the forefront of your customer’s mind and plays a major role in their decision to partner with a managed IT company. This was confirmed in a recent TechValidate survey done by GreatAmerica that found 87% of MSPs have lost business because their security offering was lacking something a customer needed. When the same question was asked to those who identify themselves as an MSSP, only 5% reported losing customers because a lack of security offering. This large gap may highlight the opportunity MSPs have when it comes to transitioning to become an MSSP.

5% of MSSPs vs 87% of MSPs have lost business because their security offering was lacking something a customer needed.

Service levels, response times and even 24/7 help desk availability are all major factors in the ultra-competitive landscape of managed services. But transitioning your IT business to a Managed Security Service Provider (MSSP) solution can be a catalyst to customer retention, lasting monthly recurring revenue (MRR) and profitably scaling your business well into the future.

I recently moderated a panel of security experts on a webinar (see above) to review the results from our GreatAmerica survey of over 200 IT Service Providers to understand the state of security offerings in the IT Channel. Before I jump into key findings from the survey, let’s quickly consider what can differentiate a Managed Security Services Provider (MSSP) from a Managed Services Provider (MSP).Managed Security Service Provider (MSSP) vs Managed Service Provider (MSP)

While the difference may seem slight to an end user, there can be a whole host of IT goods and services that can differentiate MSP from an MSSP. Today, there is no clear distinction of what defines an MSP verses an MSSP, but here is one way to think about it.

Managed Security Service Provider (MSSP) vs Managed Service Provider (MSP)

What is an MSP?

An MSP provides a standardized technology stack and proactively manages a customer’s IT or infrastructure issues while providing a remote help desk for IT support as needed. MSPs are the backbone of companies which allows them to focus on their core business instead of their IT.

What is an MSSP?

An MSSP is similar to an MSP, except an MSSP also specializes in security for their customer in addition to the standard managed IT services, in most cases. While the term "MSSP" is fairly new, the majority of MSPs have yet to develop the security solution(s) needed to this new, growing market of cybersecurity needs.

“Name one item in your stack that doesn’t involve security? It is impossible as everything involves security in today’s IT world,” Jay Allpress (VP Information Security GreatAmerica) shares on webinar.

While an MSP may do things securely, an MSSP has a distinct focus on security in their managed IT services offering.

IT Security is A Multi-Billion Dollar Industry from Both Ends

A small business should expect 1-2 security events per month and a medium business, almost 1-2 a week.

This is a great opportunity for MSPs to differentiate themselves and position their IT business as an industry leader as only 18% consider themselves an MSSP.

“Hacker organizations have thousands of employees working around the clock trying to break into your network, your customer and the companies under your watch only have you,” says Dan Hoban, Executive Vice President and Chief Strategy Officer with Nuspire. That is why having a managed security service strategy in place for your customers covering all of their IT needs is a critical evolution from an MSP to a MSSP.

Offering Solutions Securely (MSP) or Also Offering Security Solutions (MSSP)?

Installing a printer or wireless access point securely on the network is a responsibility regardless of your focus. Our expert panelists agreed with the survey that the biggest focal points should be having a Security Information Event Management (SIEM) solution and Vulnerability and Penetration (VUL/PEN) testing. This supports findings in our survey that rank these two security components as to what Service Providers are looking to add next to their managed services offering.

Many MSPs have a reactive plan in place for their customer's network, however, implementing a proactive strategy is critical to the health of your customer's network. “It doesn't matter how many tools you have in place, if they aren’t working properly nothing else matters. You need SIEM as well as Vulnerability and Penetration testing to ensure everything works,” says Jay Allpress.

IT Security Is a Giant Game of Leapfrog

Billions of dollars are stolen annually from hacking and cybersecurity breaches. These cybersecurity breaches will only increase to trillions of dollars in the next few years. These aren’t predictions, these are facts according to Dan with Nuspire who stated that MSPs need to continue to evolve and innovate or risk being left behind.

Cybercrime and data security breaches are all risks that IT Service Providers manage as networks continue to expand well beyond the traditional office walls. Becoming an MSSP presents a great opportunity for MSPs to evolve and secure lasting MRR and customer retention.

How to Transition From a Managed Service Provider (MSP) to a Managed Security Service Provider (MSSP)

With 25% of our survey respondents saying they are currently in transition, the question remains how do you transition to an MSSP and scale profitably? Brian Wells, our Director of Product Development, has had the unique opportunity to work with hundreds of Managed Service Providers:

“Even if you had the time and money for everything that goes into becoming a Managed Security Service Provider you can’t be good at everything. There are so many hats; you are your customers vCIO, you acquire hardware, software, migration services - they are calling on you for everything. You need to partner with companies who are the best of breed to stay ahead of your competition.”

Outsourcing with the best in class to provide a full-service and robust Managed Security Offering can help reduce mutual risk, cost and time in implementation.

Partnering with a Master Managed Security Service Provider is the MSSP Fast Track

Paul Dippell, CEO at Service Leadership, has worked with thousands of Managed IT Service Providers and found that 95% of MSPs who partnered with a Master MSPs, like Collabrance, have successfully bought into that business model. Partnering allows you to gain all of the expertise with minimal ramp-up time to get to profitability.

Becoming a true MSSP requires a lot of time and resources, hiring the right personnel and training that personnel because security services are not “set it and forget it” technologies. They take constant monitoring and calibrating to make sure implementation is done right for your customer. Click here to download our MSSP Checklist

Collabrance: A Master MSSP Offering You Can Trust

With so many elements to consider when building your MSSP offering, Collabrance can help you supplement and scale your services the right way. We partner with industry leaders in all aspects of IT, the due diligence has been done for your business. Our Product Development Team is dedicated to vetting and managing vendors in a strategic technology roadmap that is customer-focused.

We are a Master Managed Service Provider who provides a Master Managed Security Service Provider Offering, 100% Midwest-based with a live answer help desk available for you. The list of our value-add services is extensive, so whether you need help positioning and selling your offering or hiring and training your team, Collabrance has you covered.

Ready to Partner With a Master MSSP?

Set up a time to speak with us today so we can help you add that extra "S" to your suite of services that means added MRR, added customer retention and scalability for years to come.

Enhance Your IT Security Portfolio with Collabrance Master MSSP Offering



Collabrance Overview Webinar

Thursday, September 20th @ Noon Central

Join our upcoming webinar to learn more about how Collabrance can help you scale faster with our Master MSSP Offering!

Register for Webinar





Category: Technology

About The Author

Greg VanDeWalker

Greg VanDeWalker, Senior Vice President of IT Channel and Services, is responsible for the strategic vision and performance of Collabrance and the GreatAmerica IT and Unified Communication Financing business units. Greg has consistently been recognized for his leadership in the IT channel. Most recently, he was named a ENX Difference Maker 2017. He was also honored by CRN in 2016-2018 as Channel Chief, and was named on the "100 People You Don't Know But Should" list in 2015. Greg has also served as Chair of the inaugural Managed Print Services Community of CompTIA, and has helped various advisory boards in the IT, Telephony and Office Equipment channels.