New research from WatchGuard® Technologies reveals that while most businesses believe they are adequately staffed, the complexity, speed, and scale of modern threats – especially those powered by artificial intelligence – have outpaced what internal teams can realistically manage.
The result is a fundamental shift away from do-it-yourself security toward externally delivered, always-on protection models.
According to the study of nearly 1,000 IT and cybersecurity leaders across 20 countries, 91% of organisations are concerned about AI-driven cyberattacks, while 75% experienced at least one cyber incident in the past year. At the same time, 54% say they lack the ability to deliver continuous 24/7 monitoring and response, and 67% need additional support to meet growing compliance demands.
Together, these pressures are forcing organisations to rethink how cybersecurity is delivered – and who is responsible for it.
From Internal Function to External Service Model
Despite investments in staffing and tools, internal IT teams are reaching their limits. The research shows that cybersecurity challenges are no longer driven by a lack of awareness, but by an unsustainable operational burden.
Nearly half (48%) of organisations already rely on managed service providers (MSPs) to supplement their internal teams, signalling a broader shift toward MSPs as primary cybersecurity partners rather than secondary support.
“This is not a skills gap; it’s a capacity gap,” said Joe Smolarski, CEO of WatchGuard Technologies. “Organisations understand the risks. What they lack is the ability to monitor, detect, and respond at the speed and scale required today. Cybersecurity is moving beyond what internal teams can handle alone, creating a massive opportunity for MSPs to step in as true security partners.”
AI Reshapes Both Threats and Buying Behaviour
Artificial intelligence is accelerating both sides of the cybersecurity equation, making attacks more sophisticated while also driving demand for smarter defences.
The report finds that 44% of organisations are willing to pay more for AI-powered detection and response, highlighting a growing expectation that security providers deliver not just protection, but measurable outcomes.
At the same time, organisations are shifting how they evaluate cybersecurity partners. Traditional metrics like uptime and service delivery are giving way to outcome-based expectations such as:
Faster incident detection and response
Proactive threat prevention
Reduced operational complexity
Improved overall resilience
Nearly half of respondents now view their provider as a strategic advisor or proactive partner, underscoring the evolution of the MSP role.
Global Markets Vary, But Demand Is Converging
Cybersecurity adoption models differ by region, but the underlying challenges are increasingly universal.
Mature markets like the United States and France show higher reliance on managed services, while regions such as Mexico continue to lean on value-added resellers, and Canada demonstrates stronger adoption of consulting-led approaches. Despite these differences, organisations across all regions are converging around a shared set of priorities: 24/7 monitoring, faster response times, AI-driven capabilities, and compliance support.
Spending Accelerates as Security Becomes Mission-Critical
Even amid economic uncertainty, cybersecurity investment is rising. 75% of organisations expect their cybersecurity budgets to increase over the next two years, with spending focused on services that deliver continuous protection and clear, measurable outcomes.
This shift reflects a broader market reality. Cybersecurity is no longer a periodic investment and is now becoming a continuous, operational requirement.
A Defining Shift for the Cybersecurity Industry
The findings point to a fundamental change in how cybersecurity is delivered. As threats grow more complex and continuous, organisations are moving away from fragmented tools and reactive approaches toward integrated, always-on security services.
For MSPs, this represents a significant opportunity to evolve from IT support providers into full-scale cybersecurity partners, delivering the speed, intelligence, and operational scale that modern organisations require.
