Friday, July 19, 2024

The Number of MSPs Offering Virtual CISO Services Will Grow Fivefold By Next Year: Cynomi Study

Cynomi, the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “The State of the Virtual CISO 2023”. The report, conducted by Global Surveys on behalf of Cynomi, reveals critical insights into MSPs and MSSPs’ recent shift towards vCISO services. 

The report’s key highlight is that the number of vCISO service providers is set to increase by 480% between now and the end of next year, from 19% to 86% of MSPs and MSSPs in North America. Of the current 19% that provide vCISO services, just one quarter offered vCISO services before 2022. This demonstrates the significant adoption trend over the last two years that shows no signs of slowing down.

Source: Cynomi 

The frequency of cyberattacks is on the rise, and hackers are continually targeting smaller businesses. Despite this, most small and mid-size companies cannot afford to hire a dedicated security professional to safeguard their IT assets full-time. Instead, they are increasingly turning to vCISO services, offered by rising numbers of MSPs and MSSPs. These services give SMBs access to external cybersecurity experts at a fraction of the cost of hiring an in-house CISO. 

Cynomi’s report, based on survey responses from 200 Directors, VPs and C-Suite executives at MSPs/MSSPs in the U.S. and Canada, highlights the growing SMB need for the broad cyber support vCISO services provide and how MSPs and MSSPs are moving quickly to respond to this demand. Of those not currently offering vCISO services, 84% have said they intend to do so by the end of 2024 and most of the others plan to do so at some point. 

Indeed, just one percent of the 200 MSPs and MSSPs surveyed said they do not currently plan to offer vCISO services. Before 2022, only 5% of MSPs and MSSPs offered vCISO services.

Since then, the number of providers offering this service has grown consistently, with 8% in 2022, 28% in 2023, and a projected 45% in 2024 – further evidence of the segment’s accelerating momentum. 

“Our inaugural report on the State of the Virtual CISO industry clearly shows that vCISO services are building strong momentum as one of the fastest-growing cybersecurity segments on offer,” said David Primor, co-founder and CEO of Cynomi. “More SMBs want this. The vast majority of MSPs and MSSPs will be offering vCISO services by the end of next year, and those that don’t risk being left behind.”

MSPs and MSSPs stated several reasons for their desire to offer vCISO services, with more than 40% of respondents anticipating increased revenue and higher margins and easy upsell of other cybersecurity services. By offering vCISO services, 33% of respondents also expect enhanced client engagement. 

Many of these businesses also foresee difficulties along the way: 33% of them are concerned about a lack of skilled cybersecurity personnel, and 40% are concerned about limited internal security or compliance knowledge. However, vCISO platforms negate these concerns.

“Since we started offering vCISO services last year, we have helped many businesses understand and shore up their security posture in a very cost-effective way,” said Cliff Janzen, VP Security, rSolutions Corporation. “As a vCISO provider, we have become more involved with our customers’ strategic planning and reporting to their top management, while improving client engagement and satisfaction.

They’re reassured to know they can turn to us in all matters relating to their cybersecurity needs without breaking the bank. On our end, too, the costs were lower than anticipated; it was great to add these new services through a vCISO platform to be a force multiplier for our existing team.”

Cynomi has created a comprehensive and regularly updated directory of leading vCISO service providers for SMBs to find a trusted security partner. The directory provides thorough details on the specific services each vCISO provider offers and the technology platforms they use to guide and implement their security strategies.

As the leading vCISO platform provider for MSPs and MSSPs, Cynomi intends to conduct a recurring study on the growing momentum of the vCISO role each year. To view the full report:

About Cynomi

Cynomi’s AI-driven platform empowers MSSPs, MSPs, and consultancies to offer vCISO services to SMBs at scale and to provide them with proactive cyber resilience. Combining proprietary AI algorithms with CISO-level knowledge and expertise, Cynomi’s platform streamlines the vCISO’s work while automating manual time-consuming tasks like risk assessment, compliance readiness, cyber posture reporting, the creation of tailored security policies and remediation plans, as well as task management optimization.  

Cynomi helps partners overcome the cybersecurity skill gap and scale their businesses, allowing them to offer new services, upsell, and increase revenues while reducing operational costs. Established in 2020 with the vision that every company deserves a CISO and with a channel-only approach, Cynomi now serves more than 50 partners worldwide. 

To learn more about Cynomi’s solution for MSPs, MSSPs, and cyber consultancies, visit   

Contact: Rotem Shemesh, Cynomi VP of Marketing, [email protected].


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles