As if the rise in cybercrime wasn’t worrisome enough, many managed service providers (MSPs) are straining under the weight of bloated cybersecurity stacks. Cybersecurity has evolved rapidly over the past several years. Remote work led to threat surfaces exploding in size. Naturally, the volume of cybersecurity tools followed suit.
Every business, MSPs included, has just been trying to keep up.
However, the biggest challenge for many MSPs is that they never expected (nor were they ready) to take on their clients’ cybersecurity efforts. To many, cybersecurity and IT look interchangeable, so MSP clients thought cybersecurity was within their provider’s wheelhouse. Almost overnight, MSPs were on the hook for finding and managing the tools needed to protect their clients against cyberattacks.
All of this has caused many MSP security stacks to become unmanageable, unaffordable, and unsustainable.
What MSP security stacks look like today
Like many businesses today, MSPs struggle with headcount. This makes it hard to assess the tools available on the market, let alone evaluate what they already use. Many tools are point solutions, meaning they’re designed to address one specific problem. So, as each new problem arises, another tool is built and marketed to solve it.
As a result, the average security stack is a sea of acronyms: EDR, MDR, XDR, NDR, AV, SIEM, SOC, SOAR, IDS, DLP—the list goes on.
Considering that every tool has its own data, dashboards, notifications and alerts, costs, processes, vendor support teams, and dedicated training sessions, it’s easy to see why MSPs struggle to keep up. They’re stuck with up to a dozen disparate security tools that fail to integrate and all demand their team’s time, attention, and energy.
Let’s dive deeper into five reasons why these cybersecurity stacks simply don’t work, and what MSPs can do instead to lighten the load and remove some of this complexity.
Why most security stacks aren’t effective
1. A patchwork defence puts clients at risk
Complex tech stacks create a false sense of security. With numerous tools working to keep threats out, it's easy to assume that your clients are fully protected. All the alerts these tools generate, and the data they collect, will imply that there’s no cause for concern.
But less is often more.
Layering point security solutions, platforms, add-ons, and other tools creates excessive noise that makes it difficult to effectively detect and respond to attacks. The likelihood that your team misses something in the chaos increases greatly with every added tool.
Speaking of noise, tools are rarely designed to integrate well with other technologies. Tools speak different “languages,” often resulting in major communication issues and inefficiencies.
2. Complexity overwhelms MSP teams
More tooling leads to more work and more room for error. Your team may struggle to navigate between multiple dashboards. If there are redundancies among the tools in the MSP security stack, they’ll collect too much data and generate too many alerts.
It’s challenging to stay on top of the false positives or duplicate alerts that arise from poorly integrated technology. In the end, this unchecked layering of tools is the best-case scenario for an attacker as they hide or move around safely in the noise.
What’s more, it’s not getting any easier to find the help you need. Like most other businesses, MSPs struggle to find IT administrators, let alone cybersecurity experts with the knowledge and skills to manage all these tools. The labour shortage is acute, and every business feels the effects.
3. Unnecessary costs thin MSP margins
MSPs are depending on more and more software to protect their clients. Each added tool in the MSP security stack raises expenses—not just in the form of monthly or annual fees to the vendors, but also the added cost to deploy, train, market, sell, and manage. It adds up.
Unfortunately, the MSP target market doesn’t have a lot of budget room for price increases. Asking small businesses to pay more, especially if they don't understand the difference or importance of this new service, is a particularly difficult sell.
So, to retain clients, MSPs may lessen their margins to put their services within reach. This tactic negatively impacts the return on investment.
4. Takes time away from other services
Offering managed security services represents a major business opportunity for MSPs. But your clients rely on you for a wide range of services: general help desk, disaster recovery, compliance management, server configuration, cybersecurity, the list goes on.
The problem with many modern security stacks is they take manpower away from the MSP’s other core services. If your stack takes too much time or resources to run, it might negatively affect your ability to deliver the other services your clients rely on.
5. Not sustainable in the long term
The final problem is that complicated cybersecurity stacks are just not sustainable. Adding another point solution each time a cyberattack technique emerges, regulations are enacted, or your clients’ threat surfaces change, you’re stuck in an exhausting game of catch-up that may eventually lead to burnout.
Burnout is rampant within the cyber security industry and, more generally, across IT workers. The State of Burnout in Tech [2022 Edition] surveyed 32,644 IT professionals across 33 countries and found that 40% were at high risk of burnout. More specifically, 62% of those surveyed reported feeling physically and emotionally drained.
Because cyber security is such a fast-paced space, the point solution approach is unsustainable. For this reason and all others above, MSPs need a different approach.
Building a better MSP security stack
There’s a natural impulse to resist change, even if the stack you’ve put together doesn’t work anymore (or never did). You’ve already invested in each tool, trained your team, deployed it in your customers’ networks, developed sales and marketing materials, and more.
But introducing new tools so frequently inevitably leads to redundancies or overlaps in features and functionality. Long-established MSPs may find tools they pay for but just collect dust.
As a result, many MSPs are starting to swap out their layered security stacks with a comprehensive, integrated cybersecurity solution that provides a better defense with less lift.
Our flagship product, Covalence, is designed to replace (and outperform) 10+ tools in the average cybersecurity stack—all in one integrated solution. That means fewer dashboards, less complexity, and more time in your team’s day to support your other managed services.
Read more about the Field Effect Partner Momentum Program or get the conversation started today with one of our experts.