IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Playing a role in the shift from prevention to detection

Recent security incidents show that perimeter-focused security regimes alone aren’t sufficient to safeguard the enterprise

As the spectre of financial and reputational devastation to businesses grows, cyber security has become a top boardroom talking point, with the average cost of a data breach standing $3.9 million, according to IBM. This means more customers are asking partners how they can stay out of the headlines. 

Consequently, concentrating security on prevention-first strategies, organisations are left blind to attackers slipping through the net. Exacerbating the problem is that the way we work has shifted irrevocably in the past 18 months. The attack surface has widened, the traditional security perimeter has disappeared, and visibility is clouded. The recent Kaseya attack further signalled that perimeter-focused security solutions are no longer fit for purpose.

The uncomfortable truth is that, while it has its place, prevention alone can never be 100% effective. There will always be some attackers that find a way in – whether it’s via spear-phishing and social engineering, a software vulnerability or misconfiguration, or credential stuffing, the list is endless. In this increasingly distributed world of work, prevention-based approaches are not equipped to provide the visibility needed into cloud environments and keep users safe.

Stopping attacks before they become breaches

What does this mean for the channel? It’s up to partners, as trusted advisors, to educate their customers about the changing nature of the threat. They must advise them to shift their mindset and operate as if they’ve been breached. This means adding technologies like AI and proactive threat detection solutions that can identify suspicious anomalies and behaviours, so they can stop attackers in their tracks.

For example, technologies like Network Detection and Response (NDR) and cloud-based security for services like Office 365 can increase visibility and enable them to stop attacks before they do any real damage. The good news for the channel is that the timing couldn’t be better, as the market for detection tools is skyrocketing. In fact, the NDR market is set to register a 14.2% Compound Annual Growth Rate (CAGR) over the next five years, meaning there’s huge potential for the channel.

Managed security service providers (MSSPs) and other cyber channel businesses can improve the security posture of their customers and keep them out of the headlines. They can also be first in line to capitalise on what stands to be a huge market and upselling opportunity. 

Meanwhile, it looks like remote working is here to stay; there are now 145 million Microsoft Teams daily active users worldwide, for example. Being able to provide security teams with visibility into Microsoft cloud environments will be a gamechanger for partners, again with huge upsell potential for those partners already selling Microsoft services.

Partners should pay particular attention to detection solutions that integrate well with existing Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) tools, which will provide them with greater opportunities to cross-sell, too.

Expanding revenue streams for partners

The channel will play a vital role in moving customers from traditional, low value, prevention-based cybersecurity technologies such as those relying heavily on signatures, to detection-based security that will keep their customers safe while presenting new revenue streams. Traditional solutions are simply not equipped to provide visibility in an increasingly cloud-driven world. Indeed, 71% of companies suffered seven account takeovers of authorised O365 users on average last year.

This realisation is driving the adoption of detection tools like NDR technology as organisations using Office 365 begin to recognise the need for a new type of security. They are increasingly investing in and deploying proactive AI-based threat detection solutions that identify, manage and stop any and all breaches. Partners, however, must act quickly to engage customers before others snap up detection revenue streams and own those customers in the long run.

 Partners must engage with their customers as soon as possible to qualify opportunities and prioritise those who are in the most need of detection technology. By securing NDR revenue, Office 365 security revenue – or both – partners can own that revenue stream moving forward as the whole industry shifts to detection, strengthening relationships and creating multiple and significant upsell opportunities.

Garry Veale is the UK & Ireland Regional Director with Vectra AI

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Accelerating security and success for MSPs with automation
Sponsored

Accelerating security and success for MSPs with automation

25 May 2022
Schneider Electric unveils Grid Operations Platform as a Service on Microsoft Azure
cloud computing

Schneider Electric unveils Grid Operations Platform as a Service on Microsoft Azure

24 May 2022
T-Mobile unveils new 5G Advanced Network Solutions
Network & Internet

T-Mobile unveils new 5G Advanced Network Solutions

24 May 2022
Google unveils new Assured Open Source Software service
open source

Google unveils new Assured Open Source Software service

18 May 2022

Most Popular

Open source packages with millions of installs hacked to harvest AWS credentials
hacking

Open source packages with millions of installs hacked to harvest AWS credentials

24 May 2022
Europe's first autonomous petrol station opens in Lisbon
automation

Europe's first autonomous petrol station opens in Lisbon

23 May 2022
Nvidia pauses hiring to help cope with inflation
Careers & training

Nvidia pauses hiring to help cope with inflation

23 May 2022