Why Consolidation of Managed Cybersecurity Service Providers (MSSP) is Inevitable – Through the Lens of an MSSP

With the rise in popularity and importance of cybersecurity monitoring, it paved the way for many local and foreign Managed Cybersecurity Service Providers (MSSP) like SysArmy, Bluesify, Ensign InfoSecurity, DXC, and BlueVoyant; where organisations outsourced their monitoring and management of security devices and systems.

Like the US banking industry years ago, this is the dawn of “MSSP Consolidation”; amidst increasing demand for high-quality MSSP as well as tougher competition with notable M&As in the MSSP space, for example EY | ElevatedPrompt, Accenture | Symantec MSSP, Fujitsu | InPhySec.

For the past few years, we have observed a growth trend in the size of the Malaysian MSSP market; much aligned with the global trend. But further observance of the local market shows that despite the growth in enterprise sector, some global or regional companies are moving towards insourcing and/or looking to set up their own Cybersecurity Operations Centers (SOC).

From an MSSP’s perspective, it indicates a decrease in potential market size. Global or regional companies whom used to provide a larger deal size, are now considering their own managed options. Coupled with fierce competition in the market and rising operating costs, local MSSPs will suffer lower profit margins which may not be sustainable in the long run.

When profit margin and business sustainability come into play, it begs the question of whether smaller MSSPs can maintain their service quality or even their business model. Hence, the consolidation of MSSPs in Malaysia may indeed be necessary, to maintain the viability of the market.

One of the most compelling advantages of a market consolidation is the profound cost efficiency it offers. By amalgamating the resources and expertise of multiple companies, a consolidated MSSP can unlock further cost optimization by streamlining operations and eliminating redundant processes.  This cost optimization extends beyond security operations and SIEM license provisioning, encompassing various facets of the business, including HR, marketing, accounting, and infrastructure management such as office space and data centers.

As a result, market consolidation can accomplish more with less, embodying the concept of “1+1=3” by leveraging economies of scale to achieve a lower overall expenditure while upholding comprehensive security coverage and delivering enhanced value. This cost efficiency enables organizations to strategically re-allocate their resources and redirect saved funds toward other innovation, expansion, or critical business initiatives.

The consolidation of expertise from different MSSPs, whether in overlapping or unique service areas, empowers the consolidated entity to integrate diverse skill sets and knowledge and gain a competitive edge by being able to provide a comprehensive suite of security services.

This consolidation of expertise not only enhances the quality of services but also instils a heightened sense of confidence in future and current customers, trusting that their security requirements will be met comprehensively by leveraging the collective expertise. This assurance is particularly vital in the context of revised compliance regulations such as BNM RMiT (Bank Negara Malaysia Risk Management in Technology) and MAS TRM (Monetary Authority of Singapore Technology Risk Management).

Drawing upon a diverse range of expertise, they can navigate complex compliance frameworks more effectively, ensuring that customers’ security measures align with regulatory requirements and industry standards.

With the intensifying competition among local MSSPs, the challenge of competing against regional or global MSSPs becomes even more formidable. Drawing from a past experience, we were approached by a regional enterprise to act as an evaluator of various MSSPs – local, regional, and global. Following several rounds of assessment, it became evident that the local MSSP lacked the confidence and capabilities to handle the project and the global MSSP is too expensive. Ultimately, the contract was awarded to a regional MSSP.

However, the consolidation of Managed Security Service Providers (MSSPs) offers organizations the ability to compete not only on a regional but also a global scale, allowing them to effectively challenge larger regional and global companies. Through the consolidation process, resources, expertise, and capabilities are combined, granting them a competitive advantage, thus enabling them to secure larger contracts and deliver cutting-edge security solutions and services that rival those offered by their counterparts. Market consolidation serves as a catalyst for success, positioning the MSSP as a formidable player in the regional and global cybersecurity landscape.

MSSPs consolidation brings about a reduction in competition and a decrease in practices that involve undercutting. As multiple MSSPs join forces, the market is left with fewer players, which results in a decreased need for intense competition and price wars to secure customers.

With that, they are able to focus on providing value-added services and unique offerings, the selling price of their services naturally increases. This reflects the higher expertise, comprehensive solutions, and improved quality of service offered by consolidated MSSPs. Ultimately, customers benefit from the enhanced value and increased confidence that come with engaging with a stronger MSSP , ultimately fostering a healthier and more sustainable market environment.

As regional or global organisations today are looking to insource their security operations, MSSPs can look at a different role to play when it comes to approaching the “big fishes” in the market, specifically the Build, Operate, and Transfer (BOT) model.

To embark on this journey, MSSPs need the right people, processes, and technology in building and operating the security infrastructure and operations on behalf of the client, while eventually transferring the ownership and control of these assets to the client.

In conclusion, the consolidation of MSSPs leads to the development of more innovative and affordable cybersecurity monitoring services, making it easier for not just enterprises but also medium size companies to protect themselves against cyberthreats.

Despite the challenges, MSSPs with the right people, process, expertise, and technology in Malaysia are vital entities for protecting organisations that may be reliant for their advice, support, guidance, and subscription-style services that MSSPs can offer.  The consolidation of MSSPs in Malaysia is essential to address these challenges, and the rise of cybersecurity-as-a-service (CSaaS) will be the sector’s biggest disruptor in the next five years.