2024 MSP State of SaaS Security Report Shows Cloud Vulnerabilities Exceed Ransomware as Top Customer Threat

MSPs with SaaS Alerts experienced fewer account compromises, generated higher annual MRR.

ALLENTOWN, PA — October 23, 2024 — SaaS Alerts, a cybersecurity company delivering an automated software-as-a-service (SaaS) security platform that enables managed service providers (MSPs) to detect and stop unauthorized activity in client SaaS applications, today announced the findings from its State of SaaS Security 2024 report.

Channel Mastered, a leading source of insights and services for building profitable MSP channels, conducted the report for SaaS Alerts, based on data from from 2,804 providers of IT services, including 724 users of SaaS Alerts software, in April and May of 2024. The findings reveal how the widespread use of SaaS applications has impacted MSPs both for better and for worse. 

 Among other key findings, the report shows that: 

•     Cloud vulnerabilities have surpassed ransomware on a long and growing list of cyber threats.
•     SaaS security is imposing time-consuming and expensive operational burdens on MSPs.
•     SaaS security is generating substantial amounts of incremental monthly recurring revenue.

Financial Impact of SaaS Applications

The rising use of SaaS applications by SMBs is affecting more than security for MSPs. It’s also disrupting their on-premises revenue streams. More than 30% of MSPs said they’ve been moderately impacted by the shift to software as a service and 22% have been significantly or extremely impacted.

However, many MSPs anticipate higher MRR this year when rolling out security applications, with 65% of the MSPs surveyed collecting at least $50,000 of incremental MRR last year from offering SaaS security solutions such as SaaS Alerts and 44% collecting at least $100,000.

Higher Operational Impact

Although SaaS security has been a source of fresh income for managed service providers, it’s also been a source of added operational expenses. Fully 45% of MSPs in the survey devote at least five hours a week to monitoring and managing SaaS security applications, and 20% dedicate at least 10 hours weekly. Policy configuration management and reporting were cited as being especially time-consuming.

 New Cloud Vulnerabilities

The survey identified cloud vulnerabilities as the third largest security threat end users face, comfortably ahead of ransomware. Nearly 40% of MSPs called cloud vulnerabilities one of the top security threats their clients face. Only phishing and business email compromise attacks scored as larger dangers. Since both threats involve SaaS email applications, they are arguably cloud vulnerabilities too.

MSPs armed with tools such as SaaS Alerts, designed specifically to address SaaS security challenges, experienced fewer account compromises, experienced higher annual MRR, and were more confident about their ability to keep clients secure.

“The report provides clear third-party validation; MSPs using SaaS Alerts are markedly more effective at securing cloud environments than those who aren’t,” said SaaS Alerts CEO Jim Lippie. “Our partners experience greater confidence in their security stacks and services, as well as higher MRR. They expect their revenue from security services to continue growing in the years ahead.”

To download a copy of the full report, visit https://info.saasalerts.com/2024-state-of-saas-security-report.

About SaaS Alerts

SaaS Alerts is a cybersecurity platform for managed service providers (MSPs) to detect and automate the remediation of SaaS security threats. The platform provides unified, continuous monitoring of core business SaaS applications to protect against data theft and malicious actors, including Microsoft 365, Google Workspace, Salesforce, Slack, Dropbox, Okta, Duo and Microsoft Defender. 

SaaS Alerts uses machine learning pattern detection to identify breaches, create instant alerts, and lock affected accounts, providing MSPs with valuable time to respond before further damage can occur. It also enables users to terminate dangerous end-user file sharing activities and automate essential security tasks, enhancing efficiency and overall client security. Learn more at www.saasalerts.com.