In the last week, CPI has met with two security vendor giants who, independently, expressed much the same observation - security services partners need to be clearer about who they are, and what they do.
SonicWall's CEO this week had this to say about the continuum between MSPs and MSSPs.
"I think there's an identity crisis for sure. And all you need to do is get in front of my partner group, and ask: ‘how many of you are MSSPs?' And everyone raises their hand.
"Everybody is saying they are but somehow I've got a feeling that only a quarter are in the literal sense.
"That's okay. They just need to know there's a path. And I need to be able to assess if that's a real path or an aspirational path. Because there's a difference, and a lot of them don't carry a whole platform today, or know how to operationalise that as a service."
WatchGuard's global channel boss, Mark Romano, also communicated that his channel strategy was being affected by the question of identity among his partners.
"MSSPs have to be much more focused. They have to be a little more selective in the customers they go after to make it cost effective. Whereas most of our partners want to ensure they're in the managed services space because it allows them to service that broader market... There's a choice to be made."
It leads to the obvious question: do partners see themselves in the midst of an identity crisis?
CPI put this to partners at various stages of their managed services play: an MSP, a reseller, a software asset management partner and a security systems integrator. What do they make of this?
Getting through the door
Wales-based MSP Circle IT happens to be a SonicWall partner.
Its CEO Roger Harry admitted that talking up additional security capabilities can help partners "get through the door".
"I think he [SonicWall CEO, Bill Conner] has got a good point, because I think a lot of managed service providers believe that having a security focus makes you more attractive in the market. Having security features is going to be one of those things that you really want to give a shout about," he said.
However, he said that even for the plethora of partners who describe themselves security-focused, what that actually means for each organisation is very different, whether it's primarily a firewall or other layers including monitoring.
The European director of technology for US security systems integrator giant Optiv, Andrzej Kawalec, agrees that there is what he would describe as "a definite identity crisis".
From his perspective, customers are increasingly becoming more aware that they need to "get a handle" on security requirements, leading some partners to overreach on their marketing in order to grab their attention.
His advice is to look at the bigger picture and take the view that adding clarity to the confusion in the security space is a better bet than adding to the confusion.
"I genuinely think customers are as confused and as distracted by the operational challenge as all of the vendors on the other side struggling to find a niche. And that's why we see this fracture.
"The danger is that we default back to defining the services through a technology lens. And we lean on a veneer of AI or orchestration or automation; we don't focus on what the business or operational outcome is for customer. That will be the trick and the pivot that people need to take," he said.
Vendors, look to yourselves
The chief technologist of top UK reseller, Softcat, Adam Louca, takes a very different view.
His primary takeaway is that vendors should look to themselves.
"Fundamentally, as resellers, we own those customer relationships. We know what customers are asking for.
"However, I would challenge that if vendors think that somehow we are faking it, it is being led by how vendor commerciality is changing," Louca said.
He added that as a channel, it's the job of partners to add additional service lines to their business.
"The vendors are changing their rebate models, and their commissioning models to really reflect partners who are adding services value specifically, as opposed to people who are just providing transactional services.
"So, I would say to vendors that, if they see partners pushing to do something else, they have to kind of wonder where those drivers are coming from."
Meanwhile, Rune Syversen, the CEO of licencing heavyweight Crayon, went as far as saying that vendors have "missed the train" on channel developments.
"It's part of the evolution of the channel that security has to be imbedded in everything. The reality is that I would be interested, and surprised, if people didn't say that they were adding more security layers."
Syversen added that his firm would not have been considered a security player just a few years ago, but has now made "major investments" to become one.
He says this change has been driven by the move to the cloud.
"We have to go to security; and you should be thinking about this. I think everyone is conscious about it and moving in that direction."
Syversen also mused that perhaps security vendors are being too inflexible in how they label partners.
"I think to some extent security is not being commoditised in the right ways. And I think it is something that everyone has to be concerned about."
Security services: in the ‘awkward teenage years'
Harry from Circle IT ended by emphasising that the move from MSP to MSSP is significant, and should not be underestimated by the channel.
"It's a big offering to take it up to that next level [as an MSSP]. But it all comes down to what you talk about and what you can actually deliver from a security perspective."
Optiv's Kawalec added that he sees a fracture happening in in security, with the partners demonstrating varying levels of maturity.
"Security as a defined segment is only about 15 years old. If you follow the same growth maturity curve as general IT outsourcing, managed security services is still very much an awkward teenager.
"If you think about how large scale IT services are now delivered, it's very much around a clear understanding of how you deliver an outcome for your customer's clear and understood KPIs, and IT service levels, rather than the confused landscape we see today."
His advice: "As new technologies develop, don't try to constantly define yourself ‘as the next cool thing'."
"If there's one golden rule around IT outsourcing, it's don't outsource something you don't understand, even as a partner."
Some say performance, others say money but it may be systems and processes that carry the day
Cheryl Cook responds to claims from competitor that legacy vendors aren't investing enough in innovation and how it plans to adapt to an evolving server market
Distributor's head count moves past 400 with latest buyout
Vendor appoints two co-CEOs as long-time leader steps down