Michael George, CEO, Continuum:
The MSP Market is Going to Be Dominated by the Top 20 Percent
The Pareto Principle suggests that 80 percent of the wealth is dominated by 20 percent of the market, and a combination of market forces has created the perfect storm for this to emerge in the managed services marketplace. By 2020, just 8,000 out of 40,000 MSPs in the United States will dominate most of the available revenue.
The first of these market forces is a reduction in the workforce of up to 40 percent due to retirement, as predicted by CompTIA, which could leave many providers without successors to lead the businesses and hamper growth.
Second is the trend of mass market consolidation through merger and acquisition, now that private equity firms and major office equipment dealers have realized the opportunity that awaits them by investing in or acquiring managed services businesses. That is likely to result in increasingly challenging environments for smaller players unable to seek an exit as their competition grows larger and stronger.
To prepare for these first two market forces, providers must reduce their reliance on increasingly scarce labor and focus instead on delivering valuable services to clients, efficiently. And, to compete in a consolidating marketplace, business owners should be taking a close and urgent look at their exit plan, whether through merger, acquisition, or scale.
Finally, the dominance of large-scale MSPs in the major metropolitan areas across five key verticals will make it difficult for smaller providers to compete. Unless they are established dominant players, providers should look at focusing on geographies outside the 107 metropolitan areas in the United States or the five verticals (financial services, healthcare, construction, non-profit and legal) to stand a chance of succeeding.
Every Business Will Be No More Than Two Degrees of Separation from a Major Cyber Attack
At this time in 2017, we predicted that security would be the number one reason why end-customers fire their providers, and today, that likelihood has only increased.
Sixty-one percent of small and medium businesses are now being hit by cyberattacks every year, and the average cost of a cyberattack has increased to $2.2 million, making it extremely difficult for businesses to recover. The sheer volume of cyberthreats that SMBs are experiencing has caused a substantial shift in their risk of being attacked—from minimal to material—meaning that no business is now more than two degrees of separation from a business that has been attacked. What’s more, the risk and potential damages associated with these attacks is also increasing—making it extremely difficult for SMBs to protect themselves.
The threat has moved from our news headlines into our business circles, prompting cybercrime to become ever-present in the minds of business owners. Practically every business owner has heard of colleagues and competitors being hit by ransomware and phishing attacks, putting their businesses at risk of annihilation.
MSPs can expect that every one of their clients will have one question on their minds: “how are you making sure this doesn’t happen to my business?”
Security Will Emerge as the Disruptive Force That Cloud Never Was
When cloud emerged as a groundbreaking technology in the early 2000s, MSPs were braced for a major disruption to business models and operations. Instead, cloud storage and computing blended into the market, leveraged for solutions that supported, rather than disrupted, those businesses.
As the dust settled from the cloud revolution, our industry has emerged stronger, because the technology made it easier to run our businesses. Security will not be as kind.
It will be harder to protect clients from the escalating threats, because cybercriminals are hitting them with greater force and smarter attacks.
It will be harder to discuss what clients are secured against, because outdated promises of antivirus and firewalls are causing them to operate under the assumption that they are protected against much more.
It will be harder to keep up with enterprise-grade security solutions, because MSPs simply cannot afford to hire and retain the teams of seasoned security professionals for which they are built.
And, it will be hardest of all for businesses to admit to end-clients that they’ve successfully been attacked, because their MSP failed to protect them.
If MSPs are to survive the disruption that security will bring to the industry, they need to be ready for the hard work ahead.
