Organizations of all sizes across industries are adding complexity to their networks as they undergo digital transformation. Cloud-based services, multi-cloud environments, and increased reliance on the IoT bring challenges such as reduced visibility, complicated integrations, and new attack vectors to your customers' networks. Consequently, they oftentimes do not have the security infrastructure or personnel to keep up.

The cybersecurity skills gap exacerbates the security implications inherent in digital transformation, as IT teams cannot find, or are priced out of hiring, IT security professionals in this increasingly competitive market.

As a result, many organizations are now turning to Managed Security Services Providers (MSSPs). MSSPs offer security services to monitor systems using high-availability security operations centers (SOCs) to reduce resource expenditure for their customers. Common security services include intrusion detection, vulnerability scanning, intrusion prevention and anti-malware services.

The Opportunity That Exists for MSSPs

Rather than devoting extensive resources to build out security teams and SOCs in house, MSSPs allow organizations to reduce upfront CapEx, subscribing to security services on a monthly basis using OpEx funds. MSSPs provide organizations with the tools, configuration and expertise required to secure modern networks-minimizing the effects of the cybersecurity skills gap.

This broad shift to services-oriented business models has created a wealth of opportunities for partner organizations such as VARs and MSPs. The MSSP market is predicted to grow to$31.9 billion by the end of the year with a CAGR of 17.3%. Resale margins, however, are expected to decline.

To this end, many MSPs and VARs seek to update their offerings to become MSSPs. More than just offering managed firewall services, partners who seek to increase their market share and remain competitive must offer comprehensive security management through a well-maintained SOC. This is where many partners run into issues on the road to becoming an MSSP. Setting up a SOC can act as a major barrier to entry into the services arena as it requires advanced SOC and SIEM expertise and considerable capital investment.

SOC Lifecycle Strategy

To assist our partners in evolving their MSSP offerings, Fortinet has developed the SOC Lifecycle Strategy, which offers programs and assistance in the progression from VARs or MSPs to visionary MSSPs. A visionary MSSP offers services to its customers with an established SOC, focusing on business outcomes through innovations in AI, data-analytics, multi-tenant automation and automated response.

The SOC Lifecycle comprises four phases. Our partners follow a structured path along each phase until they graduate to a mature and profitable MSSP, able to grow their market share and maintain effective security posture across multiple client networks. These phases include:

• MSS 1.0 -Services Creation: This is the first phase of the SOC lifecycle. Here, the VAR or MSP begins to build out security service offerings for its clients, leveraging different aspects of the Security Fabric. To do this, VARs/ MSPs leverage OpEx offerings to keep cash liquid and improve their time to market. These include services such as hardware as a service (HWaaS) and FortiCloud multi-tenant management services. At this stage, partner services are largely reactive rather than proactive, with minimal SOC or SIEM experience and developing an incident response plan.
• MSS 2.0 -Outsourced SOC: Once service offerings have been established, the next step on the path to becoming a visionary MSSP is to begin providing SIEM and SOC services in a 7