“Customers simply don’t care what technology they sit on anymore,” Fox said. “Those days are long gone in the market. The key is in looking at engaging at the right level within the customer, and helping to educate them along the way around what they are trying to achieve.”
Success in security
As the recent hack of Christchurch-based crypto-currency firm Cryptopia highlighted, businesses of all sectors and sizes are now a target in New Zealand.
So much so that more than 1200 cyber security incidents were reported in New Zealand during the first six months of 2018, as threats continue to increase across the country.
Amounting to more than $5 million in losses, the reports range from 1 January to 30 June, according to quarterly report findings from CERT NZ, a Government-backed industry body focusing on cyber security.
With the writing now on the wall for both customers and partners, the channel is finding success in teaming up in security, joining forces to increase protection levels for Kiwi businesses.
According Michael Foley - CEO of Umbrellar - the reality remains that the majority of security risk stems from human behaviour, rendering the idea of a “perimeter” for infrastructure almost redundant.
“It is about behaviour, and it’s not one party that’s going to be able to achieve that for the customer,” Foley said. “And that’s why an ecosystem approach is the right way to do things.”
In agreement, Frazer Scott - CEO of Plan B - acknowledged that the channel is now actively exploring ways to pursue partner-to-partner strategies, in the pursuit of delivering customer value in security.
“Over the last year there was a lot of noise made in encouraging partnering inside our industry,” Scott observed. “It absolutely is the answer.
“In terms of our approach to the partnership model, we’re looking at what we offer, and seeing what is available outside of what we do as non-core business to us. Then, we are asking questions about how to deliver value for the customer.”
For example, Scott said partnering can take place in the form of governance work and board presentations, alongside technical requirements and capabilities.
“We can have IT manager conversations but they can lack the buy-in from the board on occasions, so how do we help level that up as a partner?” Scott asked. “We must focus on the strategy, proof points and outcomes which is how the partner ecosystem can help.
“Australia has made ground from a regulatory perspective in terms of data breaches, and that’s going to happen in New Zealand also.
“The risks around security continue to pose a problem, a problem that continues to grow from the perspective of both the business owner and the board.”
The making of an MSSP
With expertise across cloud and security offerings, Igor Matich - managing director of Dynamo6 - emphasised increased focus on helping customers conduct independent reviews to understand, and then act on, relevant security requirements.
“There’s many factors that are beyond our control that could create a major risk for our business, even though it has nothing to do with us,” Matich said.
“There’s good balance in recommending customers carry out an independent review, whether it’s products that we’ve built or work on to service we provide, and how those fit into their broader security strategy.”
According to Martin Smithson - account director of Kordia - the secret to success for MSSPs centres around “owning the customer relationship”.
“Having that research capability provides us with the credibility that we want from a security perspective,” he said. “And from our perspective at Kordia, that is absolutely crucial.
“We want to continue our focus on our customers, and what their needs are, and additionally how can we build a better partnership ecosystem in New Zealand.”
In addition, Simpson of Lexel Systems cited the “pure-play” approach as a criteria for successful security partners to align to across the country.
“We want to be an outsourced provider to our clients to work with in terms of the ethical implementation, design and upkeep,” Simpson said. “We won’t be doing independent auditing and writing reports because for medium and large customers, they want a true independent person. So that’s where the partnerships come in.”
From a hiring perspective, Conlon of SpecOps NZ, also recommended the benefits of seeking local talent to create homegrown security expertise.
“If you get the right personality you can turn a graduate into a reasonably effective hacker within six months,” Conlon said. “Continuing to invest in homegrown talent across New Zealand is a priority and we see that there’s a lot of room for differentiation through that approach.”
In New Zealand, one of the most significant impacts to the security technology space has been the rise of cloud services. Specifically, the scalability of those services.
“One of the biggest areas of concern in New Zealand is in the response aspect of security,” said Igor Portugal, business development manager at Catalyst IT.
“When you are under attack, when somebody is actually trying to break into your network or using a denial service type attack, do you have the resources that you need to stand up to that attack?”
However, partners transitioning customers to the cloud, and providing security solutions on top, must up the ante in terms of end-user education.
“Some customers think that once they go to cloud they’re secure automatically, and that’s completely the wrong perception,” added Everett of Defend.
“Others are mature enough to know that they can’t be, so what they are asking for, and what we need to provide as MSSPs, is understanding the level of risk that they are exposed to.
“As long as you can investigate or provide the mechanisms that enable the customer to respond, it puts you in a prime position to be able to build services and solutions to take to the customer around response.”
Concluding the conversation, Reid of Sophos observed that escalating risk profiles - triggered by heightened social and political concerns around security - are driving MSSPs to become more specialised.
Such specialisation naturally lends itself to partner-to-partner collaboration.
“Most successful MSPs have picked a chunk of the network that they’re going to look after and they’re very willing to push back from other areas and partner with other partners to cover those gaps,” Reid said.
“Environments and risk profiles are becoming bigger and bigger and customers are now wondering what it even means when they’re being told ‘hey, we’re going to keep your network secure’.”
This exclusive Reseller News Roundtable was in association with Sophos. Photos by Gino Demeer.