Skip to main content

Managed Security Services Growing Among SMBs


A new report from Forrester Research on the state of IT security at small to midsize businesses (SMB) in North America and Europe predicts ongoing growth in the managed security space.

In a result similar to that of enterprise respondents, SMB executives reported that the two top drivers for using managed security services is the demand for a specialized skill set that security requires (cited by 31% of the respondents) and the need to reduce costs (cited by 24%).

Other reasons cited for adopting managed security services include:
  • The need to reduce complexity (19%)
  • The need for 24/7 security coverage (19%)
  • The rest of the IT environment is outsourced (5%)
Managed Services Tops for Filtering and Monitoring
The report also revealed that the top two services SMBs ask from their managed security provider are e-mail or Web content filtering (36%) and network firewall monitoring (33%). Forrester believes that the biggest uptick in the next year, however, will come from increased use of vulnerability management and assessment. Some 20% of SMBs plan to deploy these services in the next twelve months.

The Forrester report clearly shows that SMBs have a strong interest in all facets of managed security services. Some 23% are already using it for identity and access management, and another 35% are interested in it, but either have no plans or no budget for adding it to their slate of services.

Similar proportions of SMB executives recognize these issues: host event log monitoring or management (31% are interested but have no plans or budget); IDS/IPS monitoring or management (30%); endpoint security (34%); and regulatory compliance monitoring and assessment (31%).

When To Add Managed Services
The Forrester survey didn't tackle one of the most interesting questions from a managed services standpoint (in fairness, the focus was on security, not managed services). That is, what will it take for SMBs to start adopting the services in which they express interest, but have not yet budgeted for?

Our recommendation is to be proactive and deliberate about adding services. Don't wait for the need to arise; develop a plan to takes into account your security needs and build capabilities into both your budget and deployment plans on an incremental basis. That way, you'll enjoy the highest level of protection with a minimum amount of disruption.

Popular posts from this blog

McKinsey's GenAI Journey Offers Valuable Lessons

The rapid evolution of Generative AI (GenAI) platforms has sparked a transformation in how progressive organizations leverage their institutional knowledge and enhance productivity. McKinsey's development of its internal GenAI platform, named Lilli, provides valuable insights into how large enterprises can successfully implement practical solutions while prioritizing user adoption and maintaining high security and quality standards. McKinsey's approach to developing Lilli is noteworthy for its methodical, user-centric implementation strategy. Starting with a small team of just four people that has since grown to over 150, the firm focused on solving specific operational challenges across four key domains: team performance, client development, service delivery, and post-project communications. Why Purposeful Adoption Planning Matters Rather than attempting to solve every possible use case at once, this focused approach has proven instrumental in the platform's successful ad...
Read more