A new year brings with it a new set of security challenges. From the escalation of ransomware and social engineering to the Internet of Things and the continued security headache that presents. Keeping pace with these challenges and staying one step ahead of cyber crime will be critical for security vendors but it also has a significant knock-on effect for the channel.

We spoke to Avecto’s channel team to get their three predictions for the year ahead.

Ananth Appathurai, VP of Strategic Alliances

The cyber security skills gap is well documented and the chasm between supply and demand for expertise is widening by the day. The need to enhance cyber security technical skills will be essential for resellers, MSPs, large system integrators and outsourcers throughout 2017 and beyond.

I expect there will be further acceleration in the transition of the channel business model. Moving from transactional reselling to an outcome based, consultative, services model. This will, in turn, drive additional consolidation and acquisitions in the reseller space.

Finally, I see cyber security vendors and ISVs moving away from a channel breadth model to a channel depth model. The objective will be about deepening relationships, partner technical skills and go-to-market execution with a limited, yet focused set of channel partners.

Mark Peters, Head of Channel (Northern Europe)

For me, the key drivers in the channel market for 2017 have been consistent for the past few years. The first is something of a given. We know that hackers don’t simply rest on their laurels, they are constantly looking for new, ever more sophisticated ways to bypass the solutions of security vendors, particularly those relying on reactive technologies. Vendors must up their game this year.

People will continue to be the weak link in an organization’s chain of defense. Whether through social engineering, malicious insiders with over privileged accounts, or simple human error, organizations must do more to mitigate those risks.

Lastly, I think the introduction of General Data Protection Regulation (GDPR) will be a major driver for security officers’ thinking if not their spending. Most organizations protect personal data to the best of their ability; however, they often don’t have the technology in place to understand where the data resides and the risks it is exposed to. This is often hindered further by antiquated systems that would never comply with the GDPR.

Mark Gilchrist, Head of Strategic Alliances (EMEA)

Over the course of 2016 I think we saw a notable shift in how cyber security was positioned at a board level. It moved from an A.O.B agenda item to many organizations’ primary concern. Of course, many had their hands forced due to increased regulation and compliance, or acted in the hope of not being the next TalkTalk or Tesco Bank. The challenges of the digital enterprise are clear but many still don’t have their house in order. I see 2017 being the year cyber security was finally taken seriously.

Many of today’s breaches or malware infections can be mitigated. In general, breaches occur because many organizations still have poor IT practices in place. An overreliance on reactive technologies like antivirus or too many over privileged users for example. These can easily be remedied if the necessary housekeeping measures are carried out. I think this will be a consistent message from vendors and resellers alike.

Finally, in a similar vein to my other points, the way in which organizations respond and react to breaches will become ever more important. Customer and market sympathy or respect for organizations are hit hard following a cyber attack but, if the response is swift and communicated clearly, much of that damage can easily be repaired.