Skills Gaps and Cyberattacks: Why Gamma Acquired a Managed Security Services Provider

#Skills #Gaps #Cyberattacks #Gamma #Acquired #Managed #Security #Services #Provider

Gamma recently announced the acquisition of managed security services provider (MSSP) Satisnet, giving it a publicly facing cybersecurity offering. Despite already baking cybersecurity into its existing voice and networking offerings, Gamma felt the time was right to build a package that organisations can add to the current services they purchase.

Speaking to UC Today in the wake of the deal’s announcement, Solutions Director Richard McPhee said the cybersecurity skills gap and the rising threat of complex attacks were key drivers behind the deal.

“We’ve actually been offering security solutions to secure our services, but more on an internal basis,” he explained. “We have over 100 enterprise customers consuming managed firewall, for example.”

“However, as the market has gone to the cloud, this has become an adjacent fit for us. We asked our customers if this were a service they would need and expect from us, and the answer was an overwhelming ‘yes’.”

If, Not When

The overwhelming ‘yes’ from Gamma’s base of 1,000 customers likely stems from the realisation that a cyber-attack will hit an organisation. The only element up for discussion is whether that attack will be successful.

McPhee said this thinking was a significant factor as Gamma scoured the market for a potential acquisition target. The expectation that an attack will come led Gamma to Satisnet because of its detection capabilities.

The core of Gamma’s MSSP operation will be based on detection and response. Satisnet has its own managed SOC offering, primarily based on Microsoft Azure sentinel, and a strong Managed Vulnerability Management service powered by Tenable.

McPhee said the rising sophistication of cyberattacks has pushed security to a boardroom discussion.

“They’re becoming more advanced and complex to deal with,” he said. “Almost every organisation has this as one of their top five risks.

“It’s often been seen as an unwanted expense because it doesn’t generate a return on investment, but there’s now greater awareness of the impact of cyber-attacks and an increase in demand on supply chain security.  The consequences of getting it wrong can be catastrophic not only from a data loss perspective but from the risk you run from customers that could cease trading with your organisation if your standards are not up to scratch.

“Organisations are being fined because their suppliers haven’t got adequate security. So, organisations are looking for suppliers they’re requesting, and even mandating strict security policies.”

Mind the Gap

As is the case in many areas of technology and IT, cybersecurity is suffering from a skills gap. A lack of talent makes it difficult for organisations to hire and retain cybersecurity experts, making the thought of outsourcing to a third-party MSSP even more appealing.

This was part of the rationale behind Gamma’s Satisnet deal. The idea is that organisations offload their security to Gamma, avoiding the need to have talent internally.

Hiring a few skilled people internally also poses a potential risk because your security lives and dies by their ability and intentions.

“It’s actually a safer bet to have some element of this contracted out,” McPhee said.

“MSSPs are on the rise because Cyber Security is complicated and it’s hard to keep enough skilled people in-house. Most organisations are looking to outsource now.”

Looking to the Future

It’s early days for Gamma’s MSSP offering, but McPhee said he’s already seeing demand from Gamma’s existing customers. Securing existing clients is likely where Gamma will focus on to begin with, but MSSP services will be available to new customers too.

A channel-focused model, which will allow partners to resell the solution and wrap around their own solutions, is also being reviewed to help secure Gamma’s channel customers.

“Our aim is to help customers assess their current security, understand where their gaps are, then look at how we can help them build a stronger security posture by utilising what they have better or filling gaps. Our Managed SOC layered onto this provides a human centric service and will help give our customers context of events happening in their environment to limit the impact of any potential breach.”