Solution Providers See Customers Shifting Spending Toward Security Services

Security isn't just a technology problem, and customers are now shifting their buying strategies to shell out big bucks for security services, a panel of solution providers and security experts said this week.

"More and more companies are starting to realize that technology is just one aspect of [security]…They're more perceptive about the problem," David Mapgaonkar, principal of Cyber Risk Services at Deloitte & Touche, said in a panel discussion moderated by CRN in Boston this week.

That's a shift from years past, Mapgaonkar said, when customers were investing in buying the latest and greatest security technologies, much of which has now ended up as "shelfware." Mapgaonkar said customers are now looking to be "more effective and more efficient and use what they have."

[Related: Security Solution Providers See Growing Opportunity In Privileged Account Management]

Sponsored post

The numbers show that shift, with Frost & Sullivan predicting that the market for managed security services will explode from $8 billion in 2015 to $30 billion by 2020.

For solution providers, such as Boulder, Colo.-based Integral Partners, this shift solves a problem where customers didn't want to make strategic security services decisions, and, as a result, were struggling to get the full value out of their purchases, Director of Security Technology Charles Drum said. Drum said many of his company's projects were about "picking up the pieces" from prior implementations and helping them take a different perspective ofthe "care and feeding" of the security ecosystem in their environments.

"It's been a real struggle in security over the years because they don't look at it [as strategic]: this is going to cost me money," Drum said on the panel. "Now, they look at it more as a pillar for the business and they're willing to invest more in new software and people."

Udi Mokady, CEO of CyberArk, a Newton, Mass.-based privileged account management technology vendor, said he sees the same shift when talking to customers. When talking to clients in recent meetings, Mokady saw companies were more willing to grow their budgets around security, with a big emphasis on services.

"We're seeing the shift of calling it a 'project' has a negative [connotation]," Mokady said. "Security is an ongoing thing."

For the solution providers on the panel, that opportunity means they are building their business around services. Mapgaonkar said Deloitte is focused primarily around services, though it will offer value-add products when needed.

"Most of our effort is around services," Mapgaonkar said.

However, that doesn't mean that value-added resellers are completely out of the game when it comes to security. Scott Whitehouse, vice president of channels and alliances for the Americas at CyberArk, said he sees a lot of VARs successfully working with security services-focused solution providers to provide a multi-layered approach, with one bringing the products and the other the implementation and on-going services.

"It's a great opportunity for the channel community," Whitehouse said.