Phin Security

Are MSPs Growing Their Tech Stacks Too Large? | EP 51

In this episode of Gone Phishing, Connor Swalm and Nick Wolf discuss how MSPs are expanding their tech stacks excessively—particularly by using multiple overlapping tools like EDRs—which strains technicians, complicates training, and undermines expertise, arguing instead for MSPs to standardize and consolidate their vetted cybersecurity toolsets to improve efficiency, client trust, and reduce burnout caused by vendor overload and unnecessary solution selling.

Welcome to Gone Phishing, a show diving into cybersecurity threats that surround our highly connected lives. Every human is different. Every person has unique vulnerabilities that expose them to potentially successful social engineering. On this show, we'll discuss human vulnerability and how it relates to unique individuals. I'm Connor Swalm, CEO of Phin Security, and welcome to Gone Phishing.


Episode Discussion

Connor Swalm is joined by Nick Wolf from Evo Security to discuss whether MSPs (Managed Service Providers) are growing their tech stacks too large.

Are MSPs Growing Their Tech Stacks Too Large?

Nick Wolf:

  • Many MSPs are expanding their tech stacks, which can strain both existing and new technicians.
  • Vendors and MSPs should consider consolidating their product lines as much as possible.
  • Example: Instead of using multiple EDR (Endpoint Detection and Response) tools, pick one and become subject matter experts on it. This allows for better pricing, easier training, and deeper expertise.

Connor Swalm:

  • Questions why MSPs would use more than one EDR tool.

Nick Wolf:

  • Some MSPs want to be vendor agnostic and manage whatever tool the client brings, but this can be problematic.
  • MSPs should be the cybersecurity experts and define their own vetted stack for clients.

Connor Swalm:

  • Letting clients choose the tools feels backwards. MSPs are hired for their expertise, not to let clients dictate the stack.

Nick Wolf:

  • It's more beneficial for MSPs to recommend and standardize their stack. This makes the MSP more "sticky" and reduces the need for clients to shop around for tools.

Connor Swalm:

  • Shares a post from Reg Harness (Orbital Fire) listing common MSP frustrations: expectations, finances, vendor competition, being scapegoated for incidents, talent shortages, tool overload, and burnout. The root cause is often the push to sell more solutions, even when unnecessary.

Nick Wolf:

  • Cybersecurity vendor overload is a real issue. Larger vendors like ConnectWise and Kaseya are acquiring tools to offer consolidated solutions, but integration quality varies.
  • Vendor consolidation can simplify billing and tool management for MSPs.

Connor Swalm:

  • Asks if tool fatigue and vendor overload are signs of changing times or lack of education.

Nick Wolf:

  • It's about efficiency: using one tool per category saves time and money.
  • Example: Datto's success was due to offering a single platform for backup and disaster recovery, consolidating what used to be multiple tools.

Connor Swalm:

  • Notes that vendor consolidation can create a single point of failure. It's important to vet vendors for security, support, and business alignment.

Nick Wolf:

  • MSPs should ask tough questions about vendor security, liability, and longevity. Beware of "pop-up" vendors, especially those touting AI.

Connor Swalm:

  • Clients care about outcomes, not technical details. Standardizing the stack helps MSPs deliver consistent results and makes it easier to meet requirements like cybersecurity insurance.

Nick Wolf:

  • Standardization allows MSPs to check compliance boxes more easily. Avoid scenarios where clients are only partially protected due to cost-cutting.

Connor Swalm:

  • For MSPs considering consolidation, peer groups, online communities (like the MSP subreddit and Facebook groups), and resources like Gartner reports are valuable for vendor research.

Nick Wolf:

  • Use peer reviews and community feedback to evaluate vendors. Consider whether vendors are channel-only or sell direct, and look for those who understand the MSP space.

Connor Swalm:

  • Thanks Nick for joining and encourages listeners to reach out to Nick or Evo Security for more information on MFA, SSO, and privileged access management for MSPs.

Thanks for tuning in to Gone Phishing. For more on security awareness training campaigns, visit Phin Security at Phinsec IO.