Managed service providers are being warned to adapt their security delivery models as new research from the Enterprise Strategy Group highlights the growing risks in fragmented hybrid multi-cloud environments.
The report commissioned by AlgoSec, The Case for Convergence in Hybrid Multi-cloud, Application-centric Networks, shows that 85% of organisations now use two or more cloud service providers while nearly half of all business applications remain on-premises. This mix is set to continue, with 43% of workloads expected to stay in traditional data centres over the next two years – creating persistent complexity for MSPs tasked with securing them.
For MSPs, the challenge – and opportunity – lies in unifying security across this sprawl. The study found 89% of organisations believe cloud-native applications require different policies and tools, but 90% would prefer to use a single vendor across their entire environment. In practice, most still operate multiple overlapping solutions from CSPs, firewall vendors, proxies, and microsegmentation providers, making consistent policy enforcement difficult and increasing the risk of misconfigurations.
Security gaps are already being exploited. In the past 24 months, 43% of organisations have suffered an attack on public cloud infrastructure, with a quarter facing multiple incidents. The most common compromises involved malware moving laterally across environments (44%), misconfigurations (32%), and open ports (26%) – all areas where MSPs can add value through proactive monitoring, policy standardisation, and zero-trust implementation.
A call for convergence and collaboration
The report recommends that MSPs help clients align security, networking, cloud, and application teams around shared KPIs and integrated workflows. Demand is growing for solutions that span on-premises and cloud with application-level visibility – capabilities that MSPs can embed into managed security offerings.
High-priority features for buyers include integration with cloud automation (43%), centralised management (38%), zero-trust support (32%), and AI-driven policy management (28%). For MSPs, these represent service differentiators, especially in competitive bids where clients are seeking both operational efficiency and risk reduction.
Commercial benefits for MSP clients
AlgoSec’s research suggests convergence can deliver measurable business results alongside improved security: 63% of organisations expect greater operational efficiency, 44% anticipate lower operational costs, and 46% predict accelerated cloud migration. For MSPs, these outcomes can be positioned as part of the ROI conversation when selling managed security services.
AlgoSec CEO Yuval Baron said: “It’s impossible to look at network security through the lens of on-premises or cloud when an application spans both locations. Organisations must rethink their security technology, strategy and team structures to adopt a converged, application-centric approach.”
For MSPs, the message is clear: the convergence of hybrid cloud security isn’t just a technical requirement – it’s a market opportunity to deepen client relationships, expand service portfolios, and move up the value chain.