This is a summary of an article written for MSSP Alert by Stephan Tallent, Sr. Director, MSSP & Service Enablement at Fortinet. The entire article can be accessed here.
Many organizations undergoing digital transformation do not have the security infrastructure or personnel in place to adequately defend against sophisticated threats. As a result, more organizations are increasingly turning to MSSPs to help them manage their cybersecurity. While this trend presents an opportunity for service providers to grow their business, transitioning to an MSSP can be a resource-intensive task.
To begin, providing specialized security services requires access to a comprehensive Security Operations Center (SOC). The problem for service providers looking to transition into MSSPs is that building a SOC requires a substantial initial investment and ongoing monetary support.
Fortinet developed the SOC Lifecycle Strategy to help those partners who want to evolve their security services and become visionary MSSPs. The SOC Lifecycle Strategy is comprised of four phases that each focus on assisting partners in developing the skills and infrastructure needed to offer scalable and profitable customer-focused services. In doing so, partners can bypass barriers to entry, such as cost, and build security operations without exceeding their internal capabilities.
During phase one of the SOC Lifecycle, partners begin to build out their security services by leveraging different aspects of the Fortinet Security Fabric. By providing OpEx services, such as hardware as a service (HWaaS) and FortiCloud multi-tenant solutions, partners can offer SECaaS solutions as part of their service portfolios. This allows them to keep cash liquid while improving time to market. At this stage, partners also begin to train their sales teams to identify new revenue streams through the use of on-demand managed security services sales training videos.
Once service offerings have been established, the next step in becoming a visionary MSSP is to begin providing Security Incident and Event Management (SIEM) and SOC services to customers. Because partners often have limited resources at this point in the SOC Lifecycle, Fortinet can align them with SOC Authorized Partners so that they can outsource their SOC capabilities. This allows partners to offer SOC services to customers even if they do not have an established security operations center in place. Outsourcing these capabilities also helps partners develop the infrastructure needed for future large-scale deployments.
By phase three of the SOC Lifecycle, partners will have become mature MSSPs that can conduct SOC operations almost entirely in-house. The focus for partners at this point shifts to expanding their service portfolios and improving their SIEM capabilities. By leveraging FortiSIEM, MSSPs can reduce complexity when managing network and security operations, freeing up resources and improving their breach detection capabilities. As the scale of customer deployments grows, automation will also become a necessity. With the help of Fortinet’s engineering team, partners can build out Managed Detection and Response (MDR) offerings while also beginning to automate mundane functions using API-based tools.
During this phase, partners also begin to grow their internal SOC teams leveraging training from the Fortinet NSE Training Institute's Network Security Academy. Additionally, they can recruit talent through the Fortinet Veterans Program (FortiVet), which is designed to facilitate the transition of military veterans into the cybersecurity industry by providing professional networking, mentoring, and training opportunities.
At this final stage of the SOC Lifecycle Strategy, partners will have fully established SOC teams in place and are evolving into being visionary MSSPs. Partners should have the infrastructure needed to deliver threat lifecycle management and protect customers from attack vectors with solutions that operate at machine speeds. By leveraging the security automation, orchestration, and response (SOAR) capabilities of FortiSOAR, partners can better address the challenges that come with protecting networks from sophisticated cyberattacks.
During this stage, Fortinet’s engineering team helps partners incorporate Incident Response and DevSecOps capabilities into their service portfolios so that they can deliver expanded support to customers as their networks evolve. MSSP partners also gain access to the Fortinet Developer Network, a subscription-based community built to help administrators and developers enhance and increase the effectiveness of their Fortinet products.
Through the Fortinet MSSP Partner program, partners receive business development assistance so they can create a path to service expertise and drive customer demand. Fortinet MSSP Partners also have access to MSSP engineers who provide guidance on strategy development and security deployments so they can ensure ongoing profitability, regardless of their size or maturity level.
Fortinet’s SOC Lifecycle Strategy prepares partners to take advantage of the growing MSSP market by significantly lowering the barriers to service profitability. With access to Fortinet’s full catalog of security solutions, partners can provide SOC capabilities and deliver customized security services with minimal capital investment. This enables partners to quickly adapt to the evolving threat landscape and provide maximum value to their customers. With Fortinet’s, partners have access to all of the tools they need to become visionary MSSPs.
Find out how FortiSOAR enables SOC teams to accelerate incident response, unify operations, and eliminate alert fatigue.
Current partners can visit the Partner Portal to find important updates from Fortinet and our partner program.