The Business Case for Addressing the Security Needs of the SMB
The unmet security needs of SMBs represent a large, untapped source of revenue for service providers globally. Mobile and fixed carriers face stagnant revenues and even declining ARPU due to encroaching Over-The-Top (OTT) players and other competitors, which have seriously affected many current revenue sources.
Cybersecurity is a big business. Some expect global cybersecurity spending to top $1 trillion over the next five years. As we outlined previously, there are several key cybersecurity challenges face, and SPs are in a strong position to help SMBs solve these challenges while creating new revenue streams.
The recent news about high profile cyberattacks like WannaCry and breaches to companies like Equifax are stern reminders to businesses of all sizes they are vulnerable. Larger companies may lose hundreds of millions of dollars and erode customer trust in the wake of these incidents, but they are in a better position to weather this storm and recover. However, for SMBs even a small breach can be severely debilitating.
While many service providers look to support larger businesses and organizations, SMBs are a prime market that SPs should pay attention to. Many SMBs find it difficult to obtain the tools and support to implement a strong security posture as many of the things on the market today are either too expensive or not designed specifically for smaller businesses.
Fortunately, there are opportunities for significant growth through new streams when SPs while delivering tools and resources that address the needs of the SMB. SPs that leverage certain synergies will be at the forefront of mining these new potential revenue streams:
- Knowledge – A strong understanding and knowledge of the needs and threats the SMBs face and how best to prevent incidents and mitigate risks, while also having the ability to provide information in the event of an incident.
- Manpower – The ability to provide additional resources as needed to help educated customers, tailor programs to address their individual needs, and even provide additional support either on-going or on-demand as needed.
- Physical and virtual solutions – Having the ability to leverage software and hardware solutions that can be deployed on-premises or delivered virtually.
In doing so, customers in the vast SMB market space can now more easily achieve parity with their enterprise-level competitors while SPs are able to expand into new revenue streams. There are functional requirements that first need to be met, however:
- Actionable, timely, and accurate analysis of traffic anomalies
- Use of a precise, error-free database of common threats to enable automated analysis; which will resolve issues SMBs face with available qualified manpower
- Centrally updated mitigation policies within appropriate tools that provide the added ability to redirect traffic without affecting business continuity, combined with real-time threat detection and automated analysis and prioritization
SPs can easily leverage emerging technologies in both software and hardware tools to deploy services that address the SMBs through individually tailored solutions to achieve those ends. Beyond the baseline requirements of best-of-breed attack prevention tools such as firewalls and URL filtering, SPs can now offer SMBs services that provide additional value by integrating options most SMBs are unable to staff and fund alone.
Advanced services like Security as a Service, Security Operations Center as a Service, and Emergency Response Team as a Service have become viable value-add or upsell opportunities to offer SMB customers. This allows the SMB to achieve the level of security that enterprise-level customers routinely use, but do so cost-effectively, and in a manner appropriate for each SMB’s unique position within its market.
For example, by offering Emergency Response Teams when events occur, the SMB has access to a dedicated, high-quality security analyst team to manage collective Security Operations Centers that can evaluate and intervene in the inevitable event of a cyber-attack. Such 24/7/365 availability is a tier-1 requirement that SPs can help SMBs meet, where they could not do so alone.
SPs also can offer such solutions as a tiered service solution to provide à la carte, on-demand, up-sell, and value-package options.
At the end of the business day, SPs can now offer tiered services, through flexible subscription and pricing models that allow SMBs to expand and increase revenue streams in a tightening market, competing with enterprise competitors to service SMB tier-1 security needs, and it is all made possible due to emerging services and technologies (physical and virtual) that are readily available to SPs, but which are outside the scope of SMB resource availability.
Globally the business case for delivering flexible security solutions dedicated to the SMBs is hard to ignore and with the right partner, SPs can easily deliver and deploy these solutions. To learn more about the cybersecurity challenges SMBs face, read our LightSEC Managed Cyber Security Innovation brochure.