The just-released 2024 SonicWall Annual Cyber Threat Report finds that overall intrusion attempts increased more than 20% in 2023, global cryptojacking volume rose an eye-popping 659%, and encrypted threats jumped 117%.
MSP Success sat down with SonicWall President and CEO Bob VanKirk and Michael Crean, founder and CEO of Solutions Granted, which SonicWall acquired last November, to discuss what the findings mean for MSPs. The executives also talked about the company’s recent acquisitions to fill gaps in its platform, the value they bring for MSPs, and how SonicWall is working to make it easier for MSPs to do business with the company. This is an edited version of that conversation.
MSP Success: Before we drill down into the report, you’ve had a lot going on since you took over as president and CEO in 2022. Can you talk about your focus on MSP/MSSP enablement and the significance of the recent Solutions Granted (SGI) and Banyan Security acquisitions?
Bob VanKirk: When I was asked to take on the role my response was, if you’re willing to allow us to expand into key areas that our partners have been requesting, like managed security services, i.e., SGI and Michael’s business, cloud native apps, cloud edge, SASE, then I would love to take on the role and work with the team, but it will take a transformation and it’s going to take an investment. Credit to Francisco Partners, the PE firm that owns SonicWall. They have been very supportive, patient, and have provided the resources to make this transformation…
The SGI acquisition and the Banyan acquisition, both of them are key, relative to what we’ve been hearing from our MSPs, that the perimeter isn’t enough and firewalls [aren’t] enough. … So, a year and a half ago, we took an outside-in approach. We doubled down on partners and listening, not talking, but listening. And that really resulted in those key acquisitions.
And the threat report, in the past years, it’s all been about reporting out data. It’s been a 70-page report. … We’re taking an intentional approach this year, which is all around how do we better enable MSPs and MSSPs and support their businesses relative to our threat data, and certainly, driving our roadmap and our solution stack.
MSP Success: Can you elaborate a bit more on how Solutions Granted fits into your roadmap?
Bob VanKirk: The great thing about Solutions Granted was that we have a common customer base, which is MSPs. Bringing to the table a 24/7/365 SOC able to support MSPs with key insight … is really, really important. We’ve provided endpoint capability solutions for years, but it’s really those managed security services that Michael and SGI bring to the table. Already we’re seeing incredible traction and it’s been something that our MSPs have been requesting.
Michael Crean: One of the things that was really important around this acquisition and coming together was, one, not losing the focus of the channel partners in the way that we wanted to deliver services and … showing our commitment by doing the no annual commits, no minimums, getting rid of the contracts and these barriers to entry. … [SonicWall] just felt like it was the perfect fit for my legacy, my company, my employees, my partners, and really to go do something at a much greater stage for the MSPs out there who truly need somebody watching their back 24 hours a day.
The pieces [of the partner programs] are coming together, but that idea of this no annual commits, no minimums, those parts of the partner program have already come together. … And the fact that SonicWall now has direct billing, where we’re able to help the partners with their billing. That’s one thing that I think has been key to this acquisition is that you can have the best partners, you can have the best people, but if you struggle with billing, it kind of sours it all.
MSP Success: And the Banyan acquisition, where does that fit in?
Bob VanKirk: We started going into the cloud area via an OEM and with as much going cloud native, and even more so, offering a hybrid approach. It became very clear that with SASE and Security Service Edge, so ZTNA and CASB and SWG, this was something we needed to have as part of our platform. And really it was managed security services, SGI, and then Banyan, that cloud native capability, that were the two gaps that we felt had to be a part of our solution set. So that drove the Banyan acquisition.
MSP Success: When you took over, you said you’d be focusing more on MSP and MSSP enablement. Can you speak to initiatives in this area?
Bob VanKirk: How we’re aligning to support our partners, the MSPs and MSPs, [is] probably more important than the solution stack itself. I’m actually using SGI and Banyan to further that transformation. I’m very proud of SonicWall’s legacy, but we need to build on it and create the next chapter. So it’s taking Michael’s monthly billing—that’s where the market’s going. That’s what our partners want; that’s what their customers want. So adopting that across SonicWall, not forcing Michael and team to move toward annual commits or three-year commits; we’re doing the opposite. So that’s one key piece.
We’ve redesigned our partner program altogether around supporting service providers more. We’ve introduced a higher level of support for our service providers so that they can immediately call in to a Tier 3 resource, not a Tier 1 or 2, but a Tier 3 that’s answered within seconds. [This is] all around, again, how do we better enable those key partners? And it’s working. We’re seeing the number of transacting partners go up. We’re seeing triple-digit growth relative to our service provider program.
We really took a step back and said, we’re going to double down on partners. We’re going to make it easier to do business with. We’re going to let them shape our roadmap. We’re going to focus on how we can enable them to provide value-add services, and it will serve us well. And it has.
MSP Success: You both mentioned the monthly billing. Is it something that’s been rolled out across all your product offerings now, or is that in process?
Bob VanKirk: It’s in process, but it’s expanding rapidly. It’s where the market is going. It’s what our partners have been asking for.
MSP Success: Let’s turn to the report. What are some of the key findings that you think MSPs really need to pay attention to? And how can they use the current threatscape to move the needle for their SMB customers?
Bob VanKirk: So at a high level, we saw an increase in intrusion attempts of 20% last year. And to put that in context, that’s on top of an increase of 19% the year before and an increase of 17% the year prior. So it’s a continual trend now. …. Where that comes into play with MSPs is, think about the cybersecurity skills gap. … Midmarket accounts, small accounts, they don’t have the IT teams. They don’t have the expertise on staff. … That’s where the MSPs can play such a critical role. We’re there to meet them where they are in their journey. … If you want to leverage our SOC to cut through the alert fatigue to identify the key threats, we can help you there. If you don’t need us to do that, we can help you in these other areas.
MSP Success: I’d like to drill down into a couple of the findings. Cryptojacking [where threat actors hijack a victim’s computing resources via malware to mine cryptocurrencies without their consent or knowledge] is skyrocketing. Is that something the typical SMB needs to worry about?
Michael Crean: Just think about the history of ransomware and how it got super focused on the enterprise and large institutions. But how quickly did it find its way into the SMB space? … So yes, for sure, cryptojacking is definitely something that’s incredibly important that’s happening to the SMBs. It’s not as destructive in nature, but it still has this damaging effect when it starts slowing your systems down, consuming your resources, and you don’t know why. And then you’ve got all of this time spent by the staff that’s supporting you, trying to figure it out. … So yes, it has a huge impact on the SMBs.
MSP Success: Finally, what are your thoughts on the role that AI will play in cybersecurity going forward, both for the good guys and the bad guys?
Bob VanKirk: SonicWall identified a couple hundred thousand never seen before attacks [in 2023]. So that equates to around 800 or so a day. The only way we’re able to keep pace is because of machine learning and AI. We’re already using that from a support standpoint. We’re using it in our threat detection and our cloud sandbox. But don’t think for a second that the bad guys aren’t using it on their side.
