Cybersecurity’s next winners – Specialist Service Partners and MSPs/VARS
Why these two models are best placed to outperform
Tuesday 06 February 2024Article
Cyber security is notoriously high-growth and acyclical so it rightly attracts significant attention from investors. However, the space is increasingly complex and rapidly changing - the goalposts keep moving for traditional business models and while some will come under pressure, others are especially well placed to win going forward. Based on our recent work, two categories in particular stand out for the potential to generate significant returns: Specialist Service Partners and Managed Service Providers (MSPs)/Value Added Resellers (VARs).
Large Corporate and the Mid-Market are the highest growth areas in Cyber and Specialist Service Partners and MSPs/VARs are especially well positioned.
Specialist Service Partners
As the sophistication of threats and size of attack surfaces have increased, cyber security tooling has proliferated, specialised and fragmented. In-house teams are increasingly relying on specialist support across the design and build phases of core cybersecurity solutions, and to a lesser extent, for ongoing support. Key areas of focus include XDR/SOC and Identity (IAM, CIAM, PAM, IGA), but many other areas exist. Specialist service providers are very well positioned given:
- Strong domain expertise with tangible track records at blue-chip clients is scarce – and this is critical in an industry where cyber risk minimization is the primary objective. Quality wins and Specialist Service Partners can often position themselves as leaders.
- As Enterprise and Large Corporate cyber teams mature, they increasingly seek best-of-breed and more specialist service provision for critical applications. Independent firms typically have the closeness and agility that broadline or offshore providers lack.
- Software vendors, such as Microsoft, Crowdstrike and Okta are increasingly relying on channel and service providers for client success instead of in-house professional services. They particularly favour independents, especially those exclusive to their platform/s, which can drive high volume, high-value pipeline.
MSPs & VARs
These businesses target the highest growth segments - mid-market and large corporates - where adoption growth is rapid, and clients need the most support. Critically, due to their limited in-house capabilities, these customers tend to have greater dependence on their partners and willingness to adopt a recurring managed service model - highly attractive revenue quality dynamics. MSPs & VARs are increasingly well-positioned to win here given:
- They already typically have the largest share of outsourced IT spend and have “the ear” of the CTO – an advantaged position to identify needs early and be able to bundle and integrate best with wider IT services.
- Supply-side technological improvements allow for “mass-market” adoption of technologies (e.g., Microsoft’s rapid rise in SIEM with Sentinel). These are standardised enough that MSPs can take on the propositions with scale.
- Cyber remains closely tied to, and embedded within, wider IT services and transformations, such as Cloud and data strategy. As a result, being able to provide integrated solutions is critical.
- They have well-honed high-scale and low-cost delivery models.
It is important to note that for both these groups, M&A is a very attractive means to accelerate growth. Service provision remains relatively fragmented, and M&A can drive new geographic and/or service line offerings with significant revenue (e.g., product cross-selling) and cost (e.g., go-to-market) synergies.
Notably, this list does not include the MSSP and software categories. While substantial opportunities remain in these areas, some challenges exist. MSSPs are facing considerable pressure from MSPs. Software vendors can face rapid category and technology lifecycles, presenting a material downside risk. For investors, significant pockets of opportunity remain in these areas, but it’s crucial to approach with caution.
If you are looking at any of these areas, or refreshing your views on the wider Cyber ecosystem, our experts are on hand to discuss further: