|
||
Understanding the MSSP Business and Vendor RelationshipBy Michael O'Brien - Regional Vice President - Strategic Routes to Market | ||
Dubai, United Arab Emirates When managed security service providers (MSSP) evaluate a cybersecurity vendor, they usually start by reviewing the technology offerings. The vendor’s technologies often drive the MSSP’s business model and ability to respond to client needs. Technology is the core concern for many MSSPs. However, focusing solely on technology ignores the other two parts of a robust cybersecurity program. The people that use technology need processes that streamline their daily tasks.
Michael O'Brien - Regional Vice President - Strategic Routes to Market
What is an MSSP business? An MSSP offers security device management and continuous monitoring using a collection of technologies that enable them to provide:
Companies looking for a cost-effective way to enhance their security posture work with MSSPs to mitigate some or all of their cybersecurity risk, and overcome the cybersecurity skills gap.
The Importance of the MSSP Business-Vendor Relationship While many MSSPs focus on cybersecurity technology capabilities, they should remember that their customers come to them for services. Too often, MSSPs view their vendor relationship as a transactional agreement focused on products. However, when they incorporate cybersecurity vendor experience they can build a relationship that enables long-term business success.
MSSPs should treat conversations with their sales engineers the same way they would treat potential employees during a job interview. The sales engineers should be able to understand and articulate the MSSP’s:
"To build successful short- and long-term business strategies, MSSPs need vendors who have best-in-class technologies supported by knowledgeable people and proven processes."
Important Questions to Ask When Searching for A Vendor To achieve a successful and profitable cybersecurity vendor relationship, MSSPs need to consider how vendors respond to important evaluation questions.
1. How Does Your Service Produce Success? Vendors should understand the services portion of the MSSP equation. For MSSP customers, security is one part of a larger business model. For MSSPs, security is the business model. A vendor should discuss its technologies in ways that align with MSSP business and revenue objectives. Some terms to look for include:
2. How Do Your Services Compare to Competitors? Ultimately, the vendor should help its customer achieve its business objectives.
MSSPs evaluating vendors should consider whether they provide the following support capabilities:
3. What Are Your Technology Standards? Finally, MSSPs need to ensure vendors take the same approach to their technology standards that they do their people. A vendor that understands the MSSP business will provide technologies that are integrated and integratable. While an integrated solution incorporates multiple tightly-connected technologies that work together, an integratable solution fits seamlessly into the overarching business technology stack.
A vendor’s technology services should be:
When a vendor provides well-defined technology standards, it proves its commitment to MSSPs. By reducing the operational overhead per customer, the MSSP is more profitable.
How Do You Keep Your Technologies Up-to-Date? The cybersecurity vendor acts as the MSSP’s intermediary between attackers and customers. As part of the vendor’s threat intelligence services, the MSSP should have people engaging in research.
Cybersecurity vendors should have teams actively engaged in zero-day research that support their artificial intelligence (AI) and machine learning (ML) technologies. These supporting services should include research across:
Final Thoughts MSSPs use cybersecurity vendors as the foundation of their services and offerings. To build successful short- and long-term business strategies, MSSPs need vendors who have best-in-class technologies supported by knowledgable people and proven processes. MSSPs must have a true relationship with their vendor so that they can provide their customers with the best services possible.
About Fortinet Fortinet (NASDAQ: FTNT) makes possible a digital world that we can always trust through its mission to protect people, devices, and data everywhere. This is why the world’s largest enterprises, service providers, and government organizations choose Fortinet to securely accelerate their digital journey. The Fortinet Security Fabric platform delivers broad, integrated, and automated protections across the entire digital attack surface, securing critical devices, data, applications, and connections from the data center to the cloud to the home office. Ranking #1 in the most security appliances shipped worldwide, more than 595,000 customers trust Fortinet to protect their businesses. And the Fortinet NSE Training Institute, an initiative of Fortinet’s Training Advancement Agenda (TAA), provides one of the largest and broadest training programs in the industry to make cyber training and new career opportunities available to everyone.
Learn more at www.fortinet.com, the Fortinet Blog, and FortiGuard Labs. |
||
|
||||||||||||||||
| ||||||||||||||||