IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Playing a role in the shift from prevention to detection

Recent security incidents show that perimeter-focused security regimes alone aren’t sufficient to safeguard the enterprise

As the spectre of financial and reputational devastation to businesses grows, cyber security has become a top boardroom talking point, with the average cost of a data breach standing $3.9 million, according to IBM. This means more customers are asking partners how they can stay out of the headlines. 

Consequently, concentrating security on prevention-first strategies, organisations are left blind to attackers slipping through the net. Exacerbating the problem is that the way we work has shifted irrevocably in the past 18 months. The attack surface has widened, the traditional security perimeter has disappeared, and visibility is clouded. The recent Kaseya attack further signalled that perimeter-focused security solutions are no longer fit for purpose.

The uncomfortable truth is that, while it has its place, prevention alone can never be 100% effective. There will always be some attackers that find a way in – whether it’s via spear-phishing and social engineering, a software vulnerability or misconfiguration, or credential stuffing, the list is endless. In this increasingly distributed world of work, prevention-based approaches are not equipped to provide the visibility needed into cloud environments and keep users safe.

Stopping attacks before they become breaches

What does this mean for the channel? It’s up to partners, as trusted advisors, to educate their customers about the changing nature of the threat. They must advise them to shift their mindset and operate as if they’ve been breached. This means adding technologies like AI and proactive threat detection solutions that can identify suspicious anomalies and behaviours, so they can stop attackers in their tracks.

For example, technologies like Network Detection and Response (NDR) and cloud-based security for services like Office 365 can increase visibility and enable them to stop attacks before they do any real damage. The good news for the channel is that the timing couldn’t be better, as the market for detection tools is skyrocketing. In fact, the NDR market is set to register a 14.2% Compound Annual Growth Rate (CAGR) over the next five years, meaning there’s huge potential for the channel.

Managed security service providers (MSSPs) and other cyber channel businesses can improve the security posture of their customers and keep them out of the headlines. They can also be first in line to capitalise on what stands to be a huge market and upselling opportunity. 

Meanwhile, it looks like remote working is here to stay; there are now 145 million Microsoft Teams daily active users worldwide, for example. Being able to provide security teams with visibility into Microsoft cloud environments will be a gamechanger for partners, again with huge upsell potential for those partners already selling Microsoft services.

Partners should pay particular attention to detection solutions that integrate well with existing Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) tools, which will provide them with greater opportunities to cross-sell, too.

Expanding revenue streams for partners

The channel will play a vital role in moving customers from traditional, low value, prevention-based cybersecurity technologies such as those relying heavily on signatures, to detection-based security that will keep their customers safe while presenting new revenue streams. Traditional solutions are simply not equipped to provide visibility in an increasingly cloud-driven world. Indeed, 71% of companies suffered seven account takeovers of authorised O365 users on average last year.

This realisation is driving the adoption of detection tools like NDR technology as organisations using Office 365 begin to recognise the need for a new type of security. They are increasingly investing in and deploying proactive AI-based threat detection solutions that identify, manage and stop any and all breaches. Partners, however, must act quickly to engage customers before others snap up detection revenue streams and own those customers in the long run.

 Partners must engage with their customers as soon as possible to qualify opportunities and prioritise those who are in the most need of detection technology. By securing NDR revenue, Office 365 security revenue – or both – partners can own that revenue stream moving forward as the whole industry shifts to detection, strengthening relationships and creating multiple and significant upsell opportunities.

Garry Veale is the UK & Ireland Regional Director with Vectra AI

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Databricks announces major contributions to flagship open source projects
open source

Databricks announces major contributions to flagship open source projects

29 Jun 2022
VMWare unveils new vSphere+ and vSAN+ solutions
virtualisation

VMWare unveils new vSphere+ and vSAN+ solutions

29 Jun 2022
HPE unveils new partner programme to boost XaaS practices
channel

HPE unveils new partner programme to boost XaaS practices

28 Jun 2022
Open source giant Red Hat joins HPE GreenLake ecosystem
automation

Open source giant Red Hat joins HPE GreenLake ecosystem

28 Jun 2022

Most Popular

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
Carnival hit with $5 million fine over cyber security violations
cyber security

Carnival hit with $5 million fine over cyber security violations

27 Jun 2022