Rethinking Cyber Security Strategies: The Role of VARs

As SaaS moves to the mainstream across industries, cyber security concerns have pushed the cybersecurity sector to evolve faster than ever before. Many cyber security firms are racing to convert from on-premises to SaaS-based delivery models and have shifted their focus from new business growth to annual recurring revenue (ARR) growth.

Although SaaS solutions are easy to adopt and roll out, they’re also easy to leave so it’s imperative that you ensure services are in line with user’s current needs and implement tactics to keep existing customers. This has led cybersecurity vendors to rethink their strategies and pivot their priorities to become more service-oriented. More cybersecurity companies have started to add pre- and post-sale services to ensure their customers see tangible value in their products immediately.. More cyber security companies have started adding pre- and post-sale services to ensure customers see tangible value in their products immediately.

Cybersecurity resellers provide value in three areas: Bringing customers closer to cybersecurity vendors and helping them sell better and faster, deploying and migrating solutions, and managing and monitoring deployed solutions.

Value-Added Resellers (VARs) play an important role in the IT industry because they provide additional services that enhance existing products and deliver turnkey solutions that are ready-to-use and customized to their client’s needs. VARs offer significant value to businesses when during the selection and implementation process by helping to clarify functional requirements, identify software solutions, implement those solutions efficiently, and facilitate enablement and training. They can also help businesses create unique custom reports that empower management to make more informed business decisions. The value of VARs is high, and leveraging their services can shave weeks, months, and even years off any software implementation.

Five Ways VARs Can Reinvent Their Roles

To thrive in a world where there are now cost-effective and ready-made solutions that require no maintenance, the role of cybersecurity resellers and VARs must change. Here are five ways VARs can reinvent their roles to put the “value” back in VAR:

1. High-end Security Assessors: Sales methods are changing for cybersecurity resellers. Instead of showcasing solution features to customers and doing a proof of concept, it’s now more about finding security gaps and assisting customers in identifying the products and services they need to bridge those gaps. You’ll want to offer red teaming, incident response, and advanced cloud security posture management to help customers spot security risks, uncover and address gaps in their defenses, and prioritize future security investments.

2. Integrators: Cybersecurity resellers will want to focus on providing an application programming interface (API) that enables companies to open their applications’ data and functionalities to external third-party developers, business partners, and internal departments. This helps accelerate innovation and improves efficiency through external development and collaboration. Many enterprise customers are trying to build up their own security operations centers (SOCs), data lakes, and data analytics capabilities. They have many solutions to choose from, but to make them work in their environment with their current applications (that are often home-grown), they need partners who can develop APIs and integrate them to work together.

3. Customer Success Accelerators: This type of cybersecurity reseller helps vendors deliver comprehensive customer success services seamlessly, efficiently, and cost-effectively. Customer success partners exclusively manage the customer experience for vendors. From customer onboarding (e.g., deployment and migration), to customer service (e.g., troubleshooting and incident support), and to the expansion of solutions (e.g., health check-ups and scoring), partnersneed to manage the entire life cycle of their customers so that they continue to see value in the product. In this way, customers not only renew solutions but buy more as well.

4. Hybrid Cloud Consolidators and Optimizers: These cybersecurity resellers assist with cloud deployment and managing high-end cloud services. To this end, they deploy new tools that automate various tasks in the cloud to remove repetition, inefficiencies, and errors that are inherent in manual processes to help reduce costs. Having partners that manage costs across hybrid cloud consumption by automating tools that optimize the usage of various cloud platforms todeliver better value is going to be vital for cloud service partners.

5. SOC-as-a-Service Partners: Cybersecurity resellers that offer SOC services have been around for many years, but now their role is changing. They’re no longer just responsible for managing endpoints and server events and sending alerts to security or infrastructure teams. Vendors that offer XDR (i.e., extended detection and response) will invest more into next-generation managed security service providers who have high-end SOC capabilities. These capabilities include automated detection and response capabilities (coming from security orchestration, automation, and response(SOAR)), the ability tomanage all cybersecurity-related events and delivering response capabilities in near real time.

VARs as Holistic Cybersecurity Reseller Providers

 VARs are realizing that, for them to remain relevant, they need to lean heavily on the “value-added” side of the equation. More customers are looking to make their own decisions about what products are most appropriate for their environment, and vendors are implementing some elements of the product-led approach, thus making it easier for customers to evaluate and buy their own products without having to involve third parties. All this forces VARs to develop strategic capabilities, challenge consulting forms, and acquire technical capabilities to help them play the role traditionally performed by system integrators. This transformation enables savvy VARs to become holistic security consultancies. This is a type of cyber security reseller that’s- capable of managing entire strategies, not just one or two problems. A trend that VARs should see as a wake up call is the advent of cloud marketplaces; AWS, Microsoft Azure, Google Cloud,  and the pressure from marketplaces that force VARs to accept even smaller margins than they already deal with.

The Future of Cyber Security Resellers and Service Providers

As the digital landscape continues to evolve, the future of cybersecurity resellers and service providers will be shaped by multiple trends and challenges, including:

  • Increased numbers of cyberthreats within organizations
  • More emphasis on safeguarding cloud computing
  • Integration of machine learning and AI into cybersecurity solutions
  • More demand for managed services
  • Need for cybersecurity training and awareness

With more data constantly being added by organizations and a higher number of bad actors that can find vulnerabilities in that data, VARs who partner with customers can create a stronger network of trust and optimal results for businesses of all sizes.

A Collaborative Approach With Consultancies

More organizations are realizing that the process of securing their company from increasing cyberthreats is more nuanced than just finding the best tool. Cybersecurity is now seen as a process rather than a feature, and customers are looking for solutions to their problems rather than just the best product. These shifts naturally push cybersecurity resellers to evolve, since it’s no longer enough to offer a catalogue of tools that feature volume discounts. Instead, companies expect to have cyberecurity resellers understand the specific problems they’re trying to solve. Informed with that understanding, they then want help choosing the best security infrastructure components for their specific environment. This understanding and a consulting-esque component of product selection are what constitutes the “value-add” in VAR. Today, in most cases when we talk about cybersecurity resellers, we are referring to VARs, and vice versa.

VARs now act more like brokers. While they may have deals with specific cybersecurity vendors, they are still expected to represent the customer. The goal of a VAR is to help the customer make sense of the cybersecurity problems they’re facing and bring the right vendors that can integrate well andand help them navigate the buying process both from the technical sideand deal negotiation side. Because these VARs have established relationships with cybersecurity vendors, act as cybersecurity resellers, and because they bring high sales volume, they possess much stronger leverage to get the best pricing arrangement than any individual customer would.

Whether or not a customer has been engaging with a consultant will impact the scope of services a VAR is expected to provide. If there is already a cybersecurity strategy in place, the reseller would often be working with both the consulting firm and the customer to support them from a product selection standpoint. If, however, the customer came to the cybersecurity reseller directly, the reseller’s “value added” role may become broader. Sometimes, a customer may come to the VAR asking, “I have a network security problem. What should I be looking at and how should I be thinking about the technology to help solve this problem?”The reseller could then say: “Let’s refine our understanding of the problem, look at available options, and make the decision together”.

The Integral Role of Partner Ecosystems

Overall, the entire partner ecosystem is becoming more important than ever, and channel partners are critical since no company can reach millions of businesses on its own. Establishing and maintaining relationships that span countries, languages, time zones, and industries is not feasible without relying on partner networks.

Typical channel cybersecurity resellers and service providers are:

  • Strategy consultants that help companies establish and manage their security strategy.
  • Resellers/VARs that help companies select vendors so a security strategy can be implemented.
  • Integrators who decompose a strategy into separate projects, bring experienced engineers and architects to handle the technical implementation of security solutions, and tailor technical capabilities to solve customer problems.
  • Managed security service providers (MSSPs) and managed detection and response services (MDRs) take care of the ongoing security management, custom detection work, monitoring, and support.

Surviving the Competitive Market: Becoming Trusted Advisors

As cybersecurity becomes increasingly more complex and technical, it’s no longer realistic that someone with only a theoretical understanding of security can develop a comprehensive cyber defensde strategy. While some applications will stay on-premises, the transition to SaaS means that tools and configurations that previously needed months of development can now be provisioned and deployed in a relatively short amount of time. The adoption of everything-as-code is making it even easier to transfer configurations from one environment to another. Since the integration work that previously took two to three years to complete can now be done within about four months, system integrators are now forced to either increase volume or diversify their services. Acquiring more customers in today’s competitive environment is harder than retaining existing ones, so all forms of cybersecurity resellers are actively turning into holistic cybersecurity reseller providers as well.

The VAR model is transforming into a cybersecurity reseller, and those who want to remain in the game five to ten years from now need to pivot their business models from just selling someone else’s products to selling security expertise. Plus, the more cybersecurity matures as an industry, the more different types of so-called “channels” are now blending into one. Customers are looking for one-stop solutions that are offered by cybersecurity reseller providers that are both strategic and deeply technical, and able to operate with them across their entire security lifecycle.

In the future, cybersecurity resellers and service providers who have survived the competitive market will be seen as trusted advisors. They will have to add value  by understanding the business, the risks in their customer’s environment, and establishing systems and processes including custom threat detection to address the unique risks of the organizations they serve.

Veeam’s Approach to Cybersecurity and the Value-Added Reseller (VVAR) Program

Veeam’s investment in SaaS technology, Microsoft 365, and Salesforce provides partners with unparalleled up-sell and cross-sell opportunities that help VVARs grow their business and stay at the forefront of the digital landscape.

The Veeam Competency Program allows partners to be more well-versed in specialized areas, including cybersecurity, and raises their profile among prospects. See how ProPartners have benefited from increasing their competency in regions such as  AMER, EMEA, or APJ. Veeam ProPartners, as part of  our ProPartner Network, can also take advantage of VeeamIQ to receive the latest training and certifications on a wide range of relevant industry challenges.

Cyberthreats are always evolving, as are the most up-to-date approaches to achieve cyber resiliency. Veeam’s Value Added Resellers (VARs) Program evolves and modernizes constantly to provide partners with the latest tools and resources and help them address their customers’ most pressing needs and achieve the best outcomes.

Related Resources

Similar Blog Posts
Business | July 4, 2024
Technical | June 14, 2024
Business | June 13, 2024
Stay up to date on the latest tips and news
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam’s Privacy Policy
You're all set!
Watch your inbox for our weekly blog updates.