Every organization reaches a point where its internal cybersecurity team can no longer meet the demands of today’s evolving cybersecurity landscape. The team may be overwhelmed by alerts and unable to support broader objectives, or may lack expertise to configure critical tools like a SIEM or broader information security systems. Whatever the limitations, the organization must choose one of two options:
- Recruit cybersecurity professionals to expand capabilities
- Partner with a Managed Security Service Provider (MSSP)
One of our customers, an API platform developer, recently faced this same conundrum. After crunching the numbers, they found the right answer for them. Let’s explore their story and the “build vs. buy” question.
Lack of Security Maturity Stifled Growth for this SaaS Developer
The API platform developer set an ambitious goal for fiscal year 2026: generate $10M in net new revenue. Their target audience was a previously untouched market of enterprise clients, but there was a problem. These potential customers demanded specific cybersecurity certifications, such as ISO, FedRAMP, and HIPAA, in order to do business with the developer.
The technical program manager explained, “[Hitting our revenue goals] is dependent on building a robust security framework that reassures our customers, both large and small, that their data is safe.” They simply could not qualify for these certifications without strengthening their security posture and that would require adding specialized resources
In exploring whether to recruit internally or evaluate MSSP partners, they encountered a few roadblocks.
Roadblocks Facing Cybersecurity Recruiters
Organizations seeking to expand their internal cybersecurity team must contend with four challenges:
- Labor shortage makes finding top candidates more difficult and expensive: Security skills are in high demand, especially for top cybersecurity roles, where it’s difficult to find the perfect candidate. For example, the United States has only enough cybersecurity specialists to fill 74% of open positions. This demand leads to higher salaries and longer recruiting times. In fact, these positions take about 21% longer for recruiters to fill compared to other tech jobs. Erik Montcalm, VP of Services and Technologies at SecureOps reinforced this data with his own experience, “It's getting easier to hire at the junior level, as soon as you reach into the senior roles, people that can implement and customize log sources, there’s very high demand.”
- High level technical talent are less interested in corporate roles: Part of the recruiting challenge for business leaders is that their cybersecurity roles, even if well paid, are not as attractive as other opportunities in the industry. These professionals may prefer to work at an MSSP rather than a corporate body, because at an MSSP, they can touch multiple projects, broaden their experiences, and pursue what’s most interesting to them.
- Recruiting for a 24/7 model is rarely cost effective: Many cyber-insurance policies require the policy holder to maintain 24/7 monitoring of their environments, however, this presents several challenges.
- Regulation in certain countries and regions, such as Europe, may require employers to compensate an on-call employee as though they worked an entire day if they respond to a call.
- The volume of work overnight is often not enough to occupy a full-time employee. This leaves the night worker with little to do, leading to boredom, disengagement, and turnover. Montcalm elaborated, saying “It doesn't matter if there's nothing to do. You promised your cyber insurance provider 24/7 coverage. You need to have somebody's eyes on glass in the middle of the night. Having a job with nothing to do is fun for a week — not for a year or more.” An MSSP circumvents these issues through a partially-dedicated coverage model. Cybersecurity analysts working overnight will monitor the environments of multiple companies, which yields a better workload and more engaged workers.
- Combined, these challenges drive turnover: A 2025 report from IANS Research and Artico Search found that 60% of cybersecurity professionals are considering a job change in the next year, double the United States national average. The survey respondents, especially senior professionals, cited a lack of satisfaction with career growth.
Recruiting for high demand roles incurs significant costs, and turnover forces your recruiting team to start the process over again. Between recruitment marketing, interviewing, onboarding, and training, each role is a costly investment in cybersecurity talent that may walk out the door within a year.
The Most Strategic Path to Reach Their Goals
Facing these challenges, the API management platform developer chose to pursue an MSSP partnership with SecureOps. One of their primary motivations was speed of deployment, which proved far faster with an MSSP. “We started the evaluation six months ago and in the next couple months, we'll have a SOC launched,” said the technical program manager. Moreover, partnering with an MSSP enabled the internal team to focus on security maturity while offloading the monitoring and maintenance. He added, “They could focus on maturing the business, standing up the threat hunting program, and improving the incident response plans, checklists, playbooks, and automations — all the fun stuff.”
Our role in the expanded security team included:
- Continuously monitoring for cyber threats, promptly escalating and resolving issues as they occur
- Overseeing and ensuring the full functionality of security platforms
- Actively enhancing defenses and improving security maturity
- Conducting vulnerability assessments to remediate weaknesses before they can be exploited
“As a leader of the team, my vision is always how can we be the best,” said the technical program manager. Together with the help of SecureOps, our customer took a big step towards that end. With expanded security resources, the developer could begin applying for the high-value certifications that enterprises expect and pursue their revenue goals.
Learn more about how this customer overcame their security limitations and built resilience in their organization. Read the full story.