Last updated August 26, 2024.
Things change fast in the world of technology. From emerging trends in cybersecurity to EDI and data integration, it’s challenging for midmarket companies to meet the technology needs of their internal and external customers.
For many organizations, outsourced IT services are the answer. But how bad is the pain, and where does it hurt most? How do you choose the right functions to outsource—and the right partner?
To answer these questions, Corsica Technologies commissioned an in-depth study from IHL Group, a leader in market research. IHL Group conducted a comprehensive survey of midmarket companies in numerous verticals to uncover a detailed picture of the state of technology outsourcing today.
In this post, we’ll examine the top 11 trends that IHL Group discovered—but there are many more. You’ll want to download the report to get the full picture: The Rise of Strategic Outsourcing in Cybersecurity and IT.
Here are the top 11 trends from the study.
1. Top performing companies invest 285% more in cybersecurity
The study separated companies with >10% sales growth from average performers and below-average performers. In terms of cybersecurity investment, the study uncovered a startling fact.
Companies with >10% sales growth invest 285% more in cybersecurity than below-average performers.
That might sound like higher-revenue companies are spending more—but companies were split out by growth, not revenue.
The takeaway is clear. Low-growth companies are spending significantly less on cybersecurity than companies that are on a growth trajectory. This makes sense, considering the fact that a data breach costs $4.45M on average (IBM). Yet even companies that aren’t experiencing growth must consider the risks of leaving cybersecurity unaddressed, as a breach can put them that much farther behind their peers.
2. Skilled IT and cyber talent is harder than ever to find (and keep)
The study revealed an uncomfortable fact: 42% of companies rated IT staff availability as a top pain point.
This isn’t too surprising. Given high salary expectations and high demand, IT professionals can choose their roles carefully. For example, the U.S. Bureau of Labor Statistics expects job growth of 32% in the cybersecurity sector between 2022 and 2032.
When it comes to specialized technologies like EDI, skilled talent can be even harder to find. EDI solutions are a unique beast. Just like cybersecurity, they require dedicated expertise—and the best EDI providers come with a strong background in both EDI and cybersecurity. This ensures your solution is kept up-to-date against the unique security risks of EDI.
The same is true of digital transformation and AI consulting skills. It’s challenging to find that comprehensive skillset that can cast a vision (and run operations) across a diverse range of technologies.
Unfortunately, specialized talent accrues toward the top-paying organizations—which are often global enterprises far outside the midmarket. This leaves midsize organizations scrambling to cover their staffing needs in technology.
In many cases, the solution is to outsource to an IT services company, also known as an MSP (managed IT service provider). The best MSPs also act as an MSSP (managed security service provider). This means they cover both IT and cybersecurity.
Whether outsourcing or hiring, the study shows that midmarket organizations really need to find a solution because…
3. Solving the IT staffing problem correlates with 125% higher profit growth
There’s no way around it. Companies that invest in technology experts see higher profit growth.
Specifically, the study uncovered a remarkable fact. Companies who reported that lack of IT staffing was not an issue saw profit growth 125% higher than those who did.
These high-performers also reported 136% higher sales growth—and they projected 90% higher profits this year.
Clearly, solving the technology staffing problem correlates with greater profitability. While the reasons for this correlation are complex, we can sketch them briefly.
- Whether outsourced or on staff, companies with proper IT resources are equipped to support business-critical systems day-in and day-out. This creates less downtime and lost revenue from technical bugs. It also keeps costs lower by providing resources and proactive triage processes rather than operating in a reactive mode when technology issues occur.
- Whether outsourced or on staff, companies with proper cybersecurity resources are less likely to experience a catastrophic cyberattack. While no one can guarantee bulletproof security, organizations that invest in cybersecurity have the systems, processes, and professional resources in place to contain a threat. This minimizes downtime, data loss, and the impact on brand reputation and revenue.
- Companies that invest in technology experts are more likely to have a clear strategic direction for technology investments. With a document in place like a 3-year technology roadmap, they can replace end-of-life systems before critical vulnerabilities occur. They can also plan for net-new technology investments, digital transformation, and data integration initiatives like EDI solutions, which correlate with greater operational efficiency and new opportunities to capture revenue.
Want details? Download the full IT Outsourcing Report now →
4. Top performing companies are 29% more likely to use an MSSP for cybersecurity
This should be no surprise.
Given the challenges in hiring talent and the importance of cybersecurity, top performers know they have to find a solution. For many midmarket companies, that means outsourcing IT security services to an MSSP (managed cybersecurity services provider).
But that simple fact isn’t the whole story.
There are two big reasons that top performers seek out MSSPs to handle cybersecurity.
- They rate the importance of an MSSP having a physical SOC (security operations center) 36% higher than average performers.
- They rate the importance of an MSSP taking full responsibility for cybersecurity 25% higher than average performers. This includes critical functions like threat detection, response, mitigation, and cleanup.
The devil is in the details here. Top performers aren’t looking for just any MSSP. They want a strategic partner who takes ownership of cybersecurity from top to bottom, including a Cybersecurity Service Guarantee that offers free services for incident remediation (within limits). They recognize that this type of relationship empowers them to focus on their core business while their MSSP keeps them safe.
5. Cybersecurity leads among cloud spending growth categories
As new cyberthreats proliferate, one thing is becoming painfully clear. The cybersecurity controls of cloud systems are not necessarily 100% optimized by default.
In fact, cloud systems require just as much cybersecurity expertise as on-premises systems. The skillset is slightly different, but the need is the same.
It’s not too surprising, then, that cybersecurity leads among cloud spending growth categories. Here’s the full breakdown from the report.
Cloud technology spending growth by category
- Cybersecurity +7.0%
- Data hosting/storage +5.5%
- Collaboration software +5.4%
- Marketing systems +3.8%
- Business intelligence/analytics +3.7%
- Supply chain systems +1.9%
6. Legacy software is the top pain point (74%)
Midmarket organizations are suffering.
The culprit? Outdated software that can’t keep up with modern business requirements.
Whether it’s homegrown solutions that the organization can’t support, or third-party applications that have reached end of life, 74% of midsize companies reported legacy software as their biggest pain point overall.
What does this look like in real life? Here are a few examples that we see frequently.
- Broken or nonexistent EDI integrations (more on that below)
- Bespoke backend systems that should be replaced with best-in-class solutions from top software vendors
- On-premises systems serving functions that would be better served in the cloud
- Cloud systems serving functions that would be better served on-premises (Yes, this does happen! More here: Cloud Repatriation 101: What’s Right For You?)
Considering the shortage of technology talent, the pain of legacy software hits hard. How can midmarket organizations address these issues if they can’t get help from expert resources? Like so many trends here, this one is pushing decision-makers to outsource their IT support.
7. Cybersecurity issues are causing significant pain (56%)
This trend comes as no surprise, given the increasing prevalence of cyberattacks, data breaches, ransomware, phishing, and other threats.
The situation is changing rapidly for midmarket companies. Global enterprises have hardened their defenses significantly, which makes it more challenging for cyber criminals to breach them. Now the criminals are looking for softer targets. Midmarket companies offer the perfect combination of weaker cybersecurity controls coupled with enough financial resources to pay ransoms.
Just how bad is it?
The University of North Georgia estimates that 54% of companies have experienced a cyberattack in the last 12 months.
With a breach costing $4.45M on average, that’s a significant impact to any organization.
Yet it’s tough for midmarket companies to keep up with evolving cybersecurity trends. From attacks powered by generative AI to cyber warfare and state-sponsored operations, the threats against midsize companies are getting more and more sophisticated.
For all these reasons and more, it’s no wonder that 56% of respondents rated cybersecurity as a top pain point.
8. Data integration issues are disrupting operations
Business-critical systems must talk to each other—and those integrations must be reliable.
Unfortunately, the reality looks far different at many midmarket organizations. In fact, 52% of respondents cited B2B data integration issues as a top pain point.
Without proper, reliable integrations, organizations must turn to human labor to move data between systems. Whether it’s rekeying business documents, scrubbing and uploading CSV files, or some other workflow, these processes create errors and waste.
What systems are we talking about?
Here are some of the common ones we see.
- Inadequate (or nonexistent) EDI integration. While the organization has a self-service integration solution to send and receive EDI documents, that solution isn’t cutting it. There’s no integration to backend systems (ERP, MRP, SCM, etc.), and EDI is causing significant pain. Even if an integration to backend systems exists, when the backend system gets an update, it can break the connection—which requires expertise to reconfigure, redeploy, and test the integration.
- Disconnected internal applications. A system doesn’t have to be customer-facing to create problems when it isn’t integrated. Any internal application that can’t share data appropriately creates lost productivity and the potential for data errors.
- Disconnected ecommerce. No matter the industry, an ecommerce solution is a liability if it doesn’t integrate with backend systems. This can lead to lost revenue, rekeying information, growth in order errors, and damaged customer relationships, as a broken integration can affect customer experience and product availability on the site.
While self-service integration solutions exist to connect virtually any system to any other system, such solutions can’t always keep up as integration requirements become more complex. Typically, we see self-service tools covering 20% of a client’s easiest data integration requirements. The remaining 80% generally fall outside the scope of self-service integration tools.
In these instances, midmarket companies are increasingly turning to IT outsourcing companies who provide data integration solutions and services.
9. Network speed and reliability are hampering productivity
44% of respondents selected network speed and reliability as a significant pain point.
This is concerning, as modern organizations can’t function without secure, reliable network connectivity—especially in the age of remote work. Yet downtime, poor wireless coverage, congestion, and interference all combine to make networking challenging for many organizations.
Combine this with the difficulty of hiring IT talent, and network usability becomes a serious issue.
Once again, we’re seeing organizations outsourcing their IT support to solve this problem. Managed network services cover the skills gap in your organization, ensuring every team member gets the connectivity they need.
10. Data security and connectivity is the #1 technology priority
Zooming out a little, the survey asked respondents what their top technology priority was for this year.
62% chose data security and connectivity.
This makes sense, as it encapsulates nearly everything we’ve covered so far. Network speed and reliability, cybersecurity, and data integration were all significant pain points, so it stands to reason that midmarket companies would make them the #1 technology priority.
But there’s one more thing to note here. Top performers rate data security and connectivity higher than other organizations.
In fact, companies that grew profits by 10% or more in 2023 rated this priority 56% higher than average performers. This is most likely due to the fear of not having proper security controls in place to protect rapid growth in market share.
11. Remote infrastructure management is the #1 IT function outsourced today
The survey asked respondents to indicate how they source four technology functions today:
- Hardware purchase
- Hardware installation
- Remote infrastructure management
- End user support
The options offered were “Support in-house,” “OEM/vendor service,” and “third-party service.”
Remote infrastructure management led among types of support outsourced to an IT company, with 42% of respondents engaging a trusted partner for this function.
Not surprisingly, end user support was overwhelmingly covered in-house, with 67% of respondents addressing the need this way. This makes sense, as end users typically require assistance with things like application support and understanding internal processes. In-house resources are best positioned to help with these needs, while IT outsourcing services are best positioned to handle remote infrastructure management, which requires more technical expertise.
The takeaway: Top performing companies outsource their technology services strategically
There’s one overarching theme here. Both in terms of sales and profits, top performers are outsourcing IT and cybersecurity strategically. This allows them to sidestep the tough labor market in IT and cybersecurity, as their MSP/MSSP handles staffing concerns, system documentation, 3-year technology roadmaps, and more.
Conversely, below-average performers are less likely to outsource these IT support functions. That could be for several reasons. They may not understand their needs in cybersecurity and IT, so they can’t cover those needs. They also may not realize how affordable it is to work with an MSP/MSSP. Midmarket companies can usually get access to an entire team of experts for roughly the cost of one full-time hire.
Whatever the reason, the takeaway is clear. Midmarket companies shouldn’t hesitate to outsource their cybersecurity and IT needs strategically. Those who do so consistently outperform their peers in terms of sales and profits.
Want to learn more about outsourcing IT and cybersecurity?
Reach out to schedule a consultation with our technology specialists.