“ Let ' s just say they get 10 customers that are willing to have them monitor another third-party SaaS application for an additional
$ 200 a month – that ' s an additional $ 2,000 a month in monthly recurring revenue ” – Jim Lippie
How Does CDR Differ From Other Detection And Response Tools ?
Managed detection and response ( MDR ), endpoint detection and response ( EDR ), and extended detection and response ( XDR ) solutions are important , Lippie says , but “ they tend to focus on the threats of yesteryear as opposed to most of the threats that are happening today , which are coming from cloud-based attacks or through cloud-based applications . And the average EDR , while necessary , is really focused on devices and networks . We ' re focused on securing the user .”
CDR is a relatively new category that started in the enterprise , and like other IT trends , has been moving down to the SMB space , Lippie says .
A variety of tools and solutions offer some elements of CDR , such as CASB ( cloud access security broker ), SASE ( secure access service edge ), SIEM ( security information and event management ), SOAR ( security orchestration , automation , and response ), CWPP ( cloud workload protection platform ) and CNAPP ( cloud-native application protection platform ).
However , even the Cloud Security Alliance noted that “ manual audits and CASB are not enough to protect companies from SaaS security incidents .”
“ The reality is that there are people that do pieces of what we do , but no one does the entire platform ,” Lippie says .
He adds , “ There are companies that will specifically do 365 configuration management , but that ' s the only piece that they do . There are people that will do the real-time monitoring and alerting of SaaS . And then there are folks that through a SOC will remediate based on what they find . We ' re the only ones right now in the MSP ecosystem that will do all of it plus — and this is a really important piece — protecting the MSP ’ s tools themselves .”
Why CDR Is The Next Frontier For MSPs
With some traditional revenue sources drying up , MSPs have an opportunity to bundles services around CDR . “ The professional service projects and product sales , which have always been a component of the economic story for MSP , are in decline ,” Lippie says . “ MSPs need to start figuring out how they ' re going to backfill some of that lost revenue , and I believe that it ' s through the ability to monitor additional third-party SAS applications .”
Lippie outlines what he calls “ SaaSenomics ” for MSPs . “ They should be getting 75 % gross margins if they ' re doing this the right way .”
The core principle is the ability to increase your MRR by properly securing cloud-based applications . There are three components . First is to properly secure SMBs ’ Google Workspace or Microsoft 365 . Next is to monitor their other third-party apps like Dropbox , Slack , Duo , Octa , or AWS .
“ Let ' s just say they get 10 customers that are willing to have them monitor another third-party SaaS application for an additional $ 200 a month ,” Lippie says . “ That ' s an additional $ 2,000 a month in monthly recurring revenue .”
The third component is a security protection plan , he says . “ The MSP can go to their customers say , ' Look , you pay us an extra $ 1,000 a month for a protection plan , so $ 12,000 a year , and no matter what happens , we ' ve got you covered .'”
With the SaaS Alerts platform , Lippie says the MSP mitigates their own labor risk because data is retained for a year . “ You can go back from a forensic standpoint and look at all the data that led up to that specific compromise .”
Embrace The Future
Lippie says it ’ s time for MSPs to start thinking differently . “ Think more about what the customer deals with every single day and the applications they use and the use cases , as opposed to what the MSPs have always done ,” he stresses .
The transition to cloud has been underway for a while now and Lippie says MSPs need to adapt their solutions to win on the transition .
“ MSPs need to understand where the threats are coming from and prioritize what is going to take down my customer . What are the highest probable threats and how do I start mitigating those threats ? When you start thinking that way , it ' s inevitable that you come back to cloud detection and response .”
Colleen Frye is Executive Editor of MSP Success . A veteran of the B2B publishing industry , she has been covering the channel for the last 17 years , most recently as managing editor of ChannelPro . Her work has been published in a variety of media , including TechTarget sites , InfoSecurity Professional magazine , and Application Development Trends .
MSPSUCCESS . COM | 21