Two-Thirds of MSSPs Say Customers Have Asked for Dark Web Threat Intelligence as Demand Surges in US and UK

Survey identifies more than half of MSSPs have started undertaking dark web monitoring to protect customers and unlock new revenue streams

Washington DC, US & Portsmouth, UK – February 14 2023

Searchlight Cyber, the dark web intelligence company, today released its report A Guiding Light in the Dark: How MSSPs Are Using Dark Web Threat Intelligence, showing a surge in customer demand for dark web intelligence and a gap between demand and delivery. The report, which analyzes the findings of a survey of more than 500 Managed Security Service Providers (MSSPs) in the US and UK, found that over half (56 percent) say they are undertaking dark web monitoring, and over two-thirds (67 percent) reporting that their clients have requested threat intelligence from the dark web.

The report combines survey data and insights from leading MSSPs, providing an in-depth look at how MSSPs in the U.S and UK use dark web intelligence, what they are using for it, and how it benefits their customers. Report findings show that many MSSPs are embracing dark web intelligence to meet client needs and those who have undertaken dark web monitoring have unlocked new opportunities to help boost revenue. Key findings include:

  • Nearly two-thirds (65 percent) of MSSPs said that their customers have asked for threat intelligence from the dark web and, of those, 74 percent said their customers’ interest has been increasing.
  • This demand was driven by customers looking to identify vulnerabilities affecting their organization (39 percent), to find out if they are currently being targeted on the dark web (38 percent), and to gather intelligence on threat groups including ransomware gangs (38 percent).
  • More than half of MSSPs have started to address customer demand – 56 percent say they are undertaking dark web monitoring.
  • When asked about the benefits of using dark web intelligence, 37 percent of MSSPs report that it helps them identify customer details on the dark web, closely followed by giving them new products and services to sell to customers (35 percent) and making their current services more efficient (33 percent).
  • The main barriers to adopting dark web monitoring reported by MSSPs were perceived complexity (35 percent), while 29 percent believe it isn’t relevant to their service offering, and 18 percent believe they can’t sell it.

Commenting on the findings, Matt Hull, Global Head of Threat Intelligence at NCC Group said: “As threat actors increasingly publicize and claim responsibility for ransomware attacks, leak breach data, and target executives on hidden sites and forums, there is an increased requirement from organizations to understand how they may be exposed and what they can do to mitigate risk. Effective and safe research across the dark web requires a degree of skill that is not often present within your average organization and as such, they are turning to us for help in understanding the threats emanating from the dark web.”

Andy Bates, Practice Director – Security at Node4 commented: “Planning and preparation are key to any project or business. Yet in cyber we have been conditioned to expect an attack out of the blue and respond. Over the years we have all moved from fire fighting to fire prevention, from looking after our hearts rather than dealing with heart attacks. In cyber we can now move ahead of the criminals for the first time by listening to the dark web. To be able to do this without funding criminals or becoming like them is an important moral standpoint in this necessary shift in modern day cyber combat.”

Ben Jones, CEO and co-founder of Searchlight Cyber commented: “It’s great to see more MSSPs in the UK and US capitalizing on the value of dark web threat intelligence in response to rapidly increasing demand. We see a huge opportunity for MSSPs that are able to integrate dark web intelligence into their services. As this topic grows in prominence, those that have started to build out their capabilities, data sources, and understanding will be able to benefit as more customers look for guidance on the dark web, giving them an advantage in the competitive market of managed security services.”

Click here to download the full report, A Guiding Light in the Dark: How MSSPs Are Using Dark Web Threat Intelligence.


About Searchlight Cyber

Searchlight Cyber provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks. To find out more visit or follow Searchlight Cyber on LinkedIn and Twitter.