If the past few months have taught us anything, it’s that there are no guarantees when it comes to stopping hackers, phishing schemes, and other cybercrimes. That doesn’t mean MSPs should let their clients resign themselves to inadequate internet and data protection.
Providers must keep moving forward if they wish to stay a step or two ahead of cybercriminals. Successful security professionals are offering their clients more proactive services, delivering awareness training, and developing remediation plans that minimize the risks and potential damage should a worst-case scenario occur. In other words, they keep moving the bar forward.
That’s the reality of cybersecurity in 2018. The only way to keep troublemakers and organized criminals at bay is to slow down and attempt to block their attacks long enough that they’ll give up and move on to other prospective victims. As the new year approaches, it’s a great time for MSPs to begin perfecting that approach.
New Tactics for the New Year
Proactive cybersecurity can be a major shift for clients. Most expect their systems to be a defensive wall that will effectively, if not instantaneously neutralize viruses, malware, and other threats. In other words, SMBs have been taught to expect perfection in this area of IT. Thus, the first step for providers should be to ensure everyone inside their own organization is setting the proper expectations, from their sales and marketing communications with prospects to technical and educational discussions with current clients.
Cybersecurity protection should be positioned more like a net than a wall, with no guarantees. If that wasn’t the case, the organizations that spend millions of dollars securing their networks every year wouldn’t have a care in the world. Of course, as we have seen with a litany of breaches from Target and Home Depot to the recent issues at Marriott, the best defenses won’t stop determined cybercriminals from accomplishing their objectives.
Consider this: more than 3.3 billion credentials were stolen last year according to the 2017 Credential Spill Report. Do you think they all skimped on their cybersecurity spend? Of course not. A significant number of employees from Fortune 500 organizations are likely on that list despite their companies’ massive investments in defensive technologies.
Those failures help explain the skepticism in the SMB community. Two of the most common objections MSPs encounter when attempting to sell advanced cybersecurity services are “we’re too small to target” and “why spend so much if there are no guarantees?”
That’s why a new approach is necessary. Not just to help MSPs bottom lines, but to ensure the SMB organizations that you support understand how cybersecurity has transformed and why they need advanced protections more than ever before ‒ even if there are no guarantees.
The best way to counter their objections, at least according to a consensus of industry experts, is to make it personal. Force your clients to visualize their business day without access to their systems and data.
- How long could they operate without email or access to their key account information?
- What would it cost to be offline for 2–3 days?
- Would they face significant fines or litigation for industry or regulatory compliance failures?
While proactive measures might not solve all those issues, the piece of mind and reduced legal and financial liabilities that layered security affords SMB owners make it a more worthwhile investment.
Create a More Effective Recipe
For MSPs who haven’t expanded their cybersecurity beyond the basic applications (i.e., firewall, antivirus, antimalware), it’s a great time for New Year’s resolutions. Why not make advanced protection a top priority? Wouldn’t you like your clients to have access to a full slate of proactive cybersecurity solutions in 2019 while boosting your own recurring and project revenue opportunities?
It’s as simple as offering or partnering to deliver these additional services as part of a layered cybersecurity approach:
1. Email security management
Go beyond the basics with advanced protections such as:
- Outbound filtering to prevent sharing of malicious content and confidential information
- Encryption to ensure secure delivery of sensitive information and documents
- Inbound filtering that quarantines offensive, harmful, or policy-violating content
2. Incident Response
In the event a cybersecurity problem occurs, what should your clients do?
- IR involves identifying, managing, recording, and analyzing ongoing or past issues
- Regulatory and industry compliance measures are increasingly requiring these services
- Perfect partnering opportunity with MSSPs and other cybersecurity specialists
3. Awareness Training
People are the largest security vulnerability for businesses and, with the continually shifting threat landscape, constant education is essential today.
4. Dark Web assessments and monitoring
Do you know how many of your clients’ credentials can be found in the online underworld?
- Creates a rich intelligence piece for MSPs (pre-sales reports make great door openers)
- A proactive way to spot potential issues and vulnerabilities
5. Disaster recovery planning/testing
BDR solutions are just part of the equation. Well-tested comprehensive continuity plans are essential to ensure SMBs’ data and systems can be restored after any disaster, including ransomware attacks and other cybersecurity incidents.
Of course, you have to target business owners willing to pay for this growing array of advanced protection services. There are no simple tricks for convincing price-conscious customers to sign on. Companies that don’t place a high value on their data or aren’t concerned about paying fines for compliance violations won’t make great sales prospects for advanced security services.
The good news is that group of naysayers is shrinking. With increasing compliance requirements and the rising value of information (think IoT and business intelligence), the SMB market is warming to the proactive cybersecurity message.
Is your company ready to make more money in 2019 by meeting those needs?