In the Third Age of the MSP, adaptability is key — those who evolve fastest will lead.
Amid all the hype around the latest version of the AI bubble, there’s been a quiet upheaval in the way that Managed Service Providers (MSPs) operate. We’re entering the Third Age of the MSP, and, just like the previous two eras, successful organisations will be those that adapt the fastest to deliver better results for their customers. Let me explain.
It’s becoming increasingly clear that several factors – not just AI – are conspiring to produce fresh opportunities for MSPs. We’ve seen a number of innovations sweep through our MSP partners that apply, not just to our security-minded focus, but to the wider MSP ecosystem.
This is a big deal because there are tens of thousands of MSPs out there. They stand between complex, costly IT vendors and customers, ensuring the end user gets what they need. Any change to how this works has a huge effect on the rest of the ecosystem, and MSPs are on the cusp of massive change.
MSPs are no stranger to change, of course: it’s in their blood. New technologies and new business models arrive that shake up their - and their customers’ - business models, and more often than not these changes are positive, not negative.
The MSP Trinity: Scale, Reach, Automation
Successful Managed Service Providers have always looked to three things to make themselves useful to their customers:
- They provide an economy of scale to customers that don’t have the resources to do something themselves – be that cash, expertise or systems
- They deliver services remotely to more than one customer
- They use automation to provide services that outscale their resources
As the complexity of IT increases, so does the power of these three factors. The third age of MSPs – MSP 3.0, if you will – turbocharges these factors, representing a fundamental shift (yet again) in how Managed Service Providers do their work and deliver value to their customers.
A quick history lesson
In the 1980s, early MSPs were actually system builders, selling and maintain computers for businesses that couldn’t manage what was then a daunting technical task. Some sold access to timesharing systems, providing smaller enterprises with access to big-ticket mainframe capabilities. In the 90s, the advent of data networking and the internet allowed system builders to manage customers’ IT remotely. This key change allowed MSPs to go from break/fix providers to organisations that proactively monitored their customers’ systems for problems.
At the turn of the century, MSPs really started to come into their own, with businesses actively seeking out the force multipliers of cloud-based computing and applications, managed cyber security and IT automation.
From around 2010 to the present, MSPs continued their evolution, becoming strategic business partners – a long way from the technicians that fixed broken desktop PCs.
The three ages of MSPs
The above description sounds like a seamless journey toward tech utopia, but anyone who was around at the time will be happy to correct that impression.
The future might well be here already, so the saying goes, but it’s unevenly distributed, and more than one MSP got it slightly (or even very) wrong along the way, even if they did everything right. It’s highly likely that, if you work for or are a customer of an MSP, you’ll see a real mix of signals from what follows; many MSPs are already doing some of the things a third-gen provider does – but more on that later.
MSP 1.0
The first gen MSP managed technology, not strategy. Their role was largely reactive – fixing hardware, network and software problems as they arose. In these early days, the ability to keep PCs running was something that could be used to turn a profit.
MSP 2.0
The next step for many organisations was to go beyond break/fix and start working with customers as a strategic business partner. That meant things like proactive consulting, cloud adoption, cybersecurity provision and business process automation. This wasn’t a one-and-done change, by the way; each MSP picked up different innovations at different times, but all the successful ones became trusted advisors, proposing changes to their customers’ systems that opened up opportunities or created efficiencies.
Defining MSP 3.0
The current third evolution of the Managed Service Provider model has two things at its core: Strategic enablement of customer organisations, and an imperative to automate many functions practised by MSPs and their customers. This fits with the core tenets we described earlier: Providing an economy of scale, delivering services remotely and using smart tools instead of headcount to provide services at scale.
All change – and it’s not all AI
Central to the current automation drive is Artificial Intelligence, but it’s only one part of a wider sea-change.
MSPs have an opportunity to become AI Orchestrators for their customers, helping these business integrate AI tooling and automation into their workflows. This includes offering various flavours of AI as a Service alongside their existing offerings.
MSP 3.0 also means automating service delivery using DevOps principles to iteratively improve automated IT service management, further honing the MSP’s proposition
This automation also extends to cybersecurity, and canny MSPs are using automation to scale up the cyber security capability they can bring to bear to protect customers.
Finally, MSP 3.0 organisations also look to move beyond IT support into strategic business consulting. Digital Transformation was a training ground for many MSPs looking to do this, and moving on to projects that ensure AI is adopted in as seamless and productive a manner as possible is a key offering.
The regulatory imperative
The imperative for many of these changes from the point of view of customers is increasingly rigorous cybersecurity and information security requirements mandated by law. The Network and Information Security (NIS) second Directive, GDPR and other legislation all have an impact on European organisations, and US guidance in the form of NIST CSF2 points to where individual States and regulatory agencies will implement their controls – examples include the latest update for the New York State Department of Financial Services’ Part 500 regulation, and the Department of Defence CMMC regulation.
MSP customers benefit from expert guidance on all of these – and in the case of the EU, local implementations of central regulations. While many of these regulations - a the guidance that goes with them – are intended to make compliance as painless and affordable as possible for organisations, the support and strategic guidance available from modern MSPs is invaluable, and a smart use of resources in many cases.
The complexities of administering systems in compliance with multiple laws, regulations and requirements, sometimes across multiple jurisdictions, creates a significant challenge for smaller organisations. MSPs are perfectly positioned to provide strategic advice, expertise and an economy of scale.
Built for the Future: Why smart MSPs are already halfway to 3.0
MSP 3.0 may feel familiar in parts, and that’s for a good reason: decent MSPs with strong prospects are already doing many things a next-generation MSP should do, even if they’re not doing all of it. As lifelong adherents to constant change, many MSPs are already adapting, upskilling and investing to make their third evolution as successful as its predecessors. MSP 3.0 is well within the abilities of a good MSP to build - especially with the help of a good partner or two.
Your MSP 3.0 Wingman: ESET’s role in the next evolution
Managed Service Providers (MSPs) must adapt what they do constantly to keep up with changing technologies, updating business models and the whims of customers.
Massive technological shifts, such as the advent of the latest AI evolution, are perfect opportunities for MSPs to exercise those three things they must do very, very well to remain relevant to customers: provide an economy of scale to allow smaller organisations to achieve enterprise-grade results, deliver services remotely and deliver at scale using automation. These three things are an MSP’s secret weapon in the race to reach the next stage of evolution.
A reminder that ESET is well-placed to help its MSP partners with many aspects of moving to MSP 3.0. Our company’s cybersecurity tools and services are already AI – powered, our threat detection already designed for automation. We’re excellent at managing tricky compliance challenges with our partners to the benefit of their customers, and ESET is also well-placed to future-proof the cyber security capabilities MSPs provide to their customers.
