Cybersecurity VARs struggle for growth and profits

Latest CRN Essential report tracks the financial performance of the 15 largest cybersecurity VARs and MSSPs on our radar, as well as how the threat landscape they face is shifting

Massive data breaches such as those at Facebook and BA, as well as the advent of GDPR, kept cybersecurity at the top of the CIO agenda last year.

Despite this, the UK's leading boutique cybersecurity VARs and MSSPs experienced mixed fortunes in their most recent financial years, with six of the 15 firms we track stumbling to a net loss and four seeing revenues roll backwards, according to the latest CRN Essential report.

Available exclusively to subscribers of CRN Essential, the 2019 Cybersecurity Provider Report shines a light on the trends at play in the cybersecurity channel, examining growth, profitability and wage trends among the leading players, as well as how the threat landscape they help clients combat is evolving.

Among CRN's VAR 300, which tracks the top 300 UK VARs, MSPs and consultancies on our radar by revenue, some 15 are cybersecurity specialists, and we have broken out their profiles (where applicable updating them), as well as assessing their growth, profits and wages collectively. Firms profiled include NCC Group, SecureData, NTT Security, SecureLink and ITC Global Security.

A new threat intelligence digest section of the report, meanwhile, looks at the major themes that emerge from recently released threat intelligence reports from four key vendors, namely Symantec, Webroot, Trend Micro and FireEye.

Although each of the vendors pick up on different themes, there is broad agreement that the ransomware epidemic that plagued the world in 2016 and 2017 was brought to heel last year and that malware in general was at lower levels. Despite this, the revival of old-school social engineering techniques such as phishing, and appearance of new threats such as formjacking, meant the good guys didn't have it all their own way…

According to Gartner, worldwide spending on information security products and services was set to hit $114bn (£86.6bn) in 2018, up 12.4 per cent on 2017, before rising a further 8.7 per cent in 2019 to reach $124bn

Gartner pinpointed an increased focus on building detection and response capabilities, the need to address digital business risks, and privacy regulations such as GDPR as the main drivers. Regarding the latter, at least 30 per cent of organisations will spend on GDPR-related consulting and implementation services through 2019, the market watcher predicted.

But this buoyant backdrop didn't necessarily translate into higher revenues and profits for the specialist cybersecurity VARs and MSSPs featured in this report. As a group, the top 15 providers saw revenues grow by a modest 3.6 per cent to £533m, well below the 12 per cent rate of growth of the wider CRN VAR 300.

CRN Essential subscribers can read the full report here.