Is Cybersecurity Disruption an Existential Threat for MSPs?

Dive into the impact and future of MSP Cybersecurity Disruption. Is it a looming threat or a hidden opportunity?
MSP cybersecurity disruption feature

Table of Contents

The “threat landscape” in cybersecurity is dominated by talk of ransomware, phishing, and other cyberattacks. But could the actual cybersecurity risk to MSPs be an internal one—the risk of their business model becoming obsolete due to innovative shifts in cybersecurity operations?

MSP’s cybersecurity operations stand at a crossroads. Once little more complex than administering a firewall, clients are now entrusting their cybersecurity to their chosen MSP. This has consequences including legal risks under reasonable care and protection. But critically, it also offers a business opportunity, as outlined in our latest white paper, Disrupting MSP Cybersecurity: Embracing Innovation for a More Efficient Security Model.

Disruptive Innovation vs Sustaining Innovation

Clayton Cristensen’s “The Innovator’s Dilemma”, published in 1997, changed the way we think about innovation and disruption. It was the book that arguably brought the words “innovation” and “disruption” into everyday speech. 

Cristensen argues that there are 2 types of innovation: sustaining innovation and disruptive innovation. Sustaining innovation sees incremental improvements made to a tool or process, but the legacy, underlying tool remains the same. Disruptive innovation usually takes the form of something completely new that creates new value networks, upends the status quo, and renders the legacy incumbent obsolete. 

Famous examples include when Netflix’s streaming service led to the demise of Blockbuster and when Apple disrupted Blackberry (and its own iPod line) with the iPhone.

Indicators of a Market Ready for Disruption

Cristensen identifies 6 factors that indicate that a market might be disrupted. Let’s look at how these apply to MSP cybersecurity disruption.

1. Overshooting Customer Needs

Companies risk disruption when their products go beyond what most customers need. This happens when established businesses focus too much on high-end improvements, missing what their regular customers want.

For MSPs, offering overly complex cybersecurity can push clients away. While there might be complexity involved on the MSP’s side, clients should be protected from it. This meets client needs and keeps MSPs essential, reducing the chance of losing out to competitors seen as .

2. Sustaining Innovation Focus

Sustaining innovation refers to making small changes to existing products, rather than pursuing disruptive innovation, which involves creating entirely new products that open up new markets. This focus can cause them to overlook the potential for disruptive changes, leaving room for more innovative competitors to step in.

In MSP cybersecurity, there are many examples of tools (and acronyms) that are the result of sustaining innovation. 

  • SIEMs (Security Information and Event Management) developed from log aggregators to centralized cybersecurity hubs. They are famously very labor-intensive to set up and operate.
  • XDR (eXtended Detection and Response) is an evolution of EDRs, adding various different signals to those coming from endpoints. As such they still tend to create a lot of noise that requires further investigation.
  • SOARs (Security Orchestration, Automation, and Response) enhance the efficiency of cybersecurity operations, but it primarily does so because of the inefficiency of tools like those already mentioned.

These tools carry legacy DNA from simpler times when there was less data to be moved, processed, and stored. Today, they are generally not efficient at their current tasks given modern technologies and requirements.

3.  High Profit Margin Focus

Companies focused on high-margin products risk missing market disruptions. They often neglect low-margin, innovative sectors, focusing instead on immediate, lucrative gains. This approach can leave them blind to disruptive technologies emerging in these overlooked areas.

For MSPs cybersecurity, this means balancing the allure of high-margin offerings with the potential of lower-margin, innovative technologies. Ignoring these emerging solutions can lead to missing key market shifts and a broader client base.

4.  Inability to See New Market Opportunities

Companies often miss how disruptive products can open new markets, too focused on current market shares and short-term goals. Preoccupation with daily operations and short-term client relations can mean overlooking long-term market changes and potential.

For MSPs, the challenge is cutting through the noise of the cybersecurity market to identify and leverage emerging technologies. Recognizing these opportunities early is essential for capturing new market segments and providing enduring value to clients, ensuring long-term relevance in a rapidly evolving industry.

5.  Value Networks 

Firms are often embedded in value networks — the intricate systems that define how they interact with customers, solve problems, source inputs, respond to competitors, and aim for profit.

In cybersecurity, MSPs face a similar challenge with their complex networks of customers, partners, and industry trends. It’s important for MSPs to not let this complexity stop them from adopting new cybersecurity tech. Staying agile and open to change within these networks is key to staying competitive and meeting market shifts.

6. Customer Dependence

Firms often hesitate to adopt disruptive tech, fearing it won’t align with what existing customers want. This focus on current customer needs can limit innovation, especially in sectors that value customer feedback highly.

For MSPs, it’s crucial to balance listening to clients with exploring new technologies. Even if these innovations don’t have immediate demand, they can open up new markets and attract fresh business, essential for staying ahead in a rapidly evolving industry.

Examples of Disruption

Blockbuster fell behind due to several factors outlined in Christensen’s “The Innovator’s Dilemma.” They stuck to incremental improvements in their physical store model, missing the shift to more convenient options like Netflix’s streaming service. Blockbuster was heavily invested in their high-margin physical stores and failed to recognize the potential of online rentals and streaming, considering them niche markets. Their reliance on a value network of physical stores and in-store customers hindered their transition to an online model. 

Meanwhile, Netflix’s lower-margin, mail-based service and later streaming option captured a growing market. Blockbuster’s inability to innovate and adapt to digital trends led to its bankruptcy, overshadowed by Netflix’s disruptive approach.

BlackBerry, once mobile phone market leaders, were drastically disrupted by Apple’s iPhone. While they focused on small upgrades to their products, Apple and Google completely redefined the smartphone, merging a phone with a powerful computer and a third-party app platform. BlackBerry couldn’t keep up with this rapid innovation, leading to a steep decline in their market shares. Notably, the iPhone’s launch also signaled the end of Apple’s then-most profitable product, the iPod. Steve Jobs understood the importance of self-disruption, recognizing that failing to innovate could lead to being overtaken by competitors.

Explore Further

The current MSP Cybersecurity model is ripe for disruption but also offers exciting business opportunities. Would you rather meet this challenge like Apple or Blackberry did? For further insights into how MSPs can embrace and meet this challenge, read our freely available white paper Disrupting MSP Cybersecurity: Embracing Innovation for a More Efficient Security Model.

Subscribe to Our Blog

Get the latest cybersecurity articles and insights straight from the experts.

Share this post

RELATED POSTS

SOC Analyst Salaries
Trends

The Struggle to Afford SOC Analyst Salaries

Reading Time: 3 mins Explore the challenges faced by a wide range of organizations in affording SOC analyst salaries amidst rising cybersecurity demands and limited budgets

soc of the future jeffrey wheat
Trends

The SOC of the Future

Reading Time: 4 mins Lumu’s recently appointed Field CTO Jeffrey Wheat looks at the future of the SOC and how incremental improvement leads to proficient operations. Beginning his cybersecurity career at the department of defense, Jeffrey Wheat is a proven leader and CISSP with 30 years of experience spanning SOC management at international firms as well as cybersecurity architecture design and implementation.