One of the keys to being a successful MSP is staying one step ahead of today’s cyber threats. But this is a lot easier said than done. Threats are evolving on a daily basis, attack vectors are increasing, and it’s becoming more and more difficult to maintain a healthy and proactive cybersecurity posture.
With Halloween right around the corner, I thought it’d be appropriate to show you all the scary truth about the state of cybersecurity among MSPs. Before we dive in, though, I suggest that you download and read our new research report, Under Attack: The State of MSP Cybersecurity in 2019. It will give you more insight into today’s market dynamics and what it takes to defend against the threat landscape. Or, you can continue reading for an abridged version as I give you my take on what the report’s findings mean for the industry.
If there’s one thing that the above research report uncovers, it’s that MSPs are up against some serious challenges—some new, some we’ve seen before. Overall, there’s a clear demand for security services within the small- and medium-sized business (SMB) market, but MSPs are still struggling to build a bridge over the chasm that is cybersecurity.
The Main Challenges Facing MSPs
There's a Target on Your Back
We see this all the time in the news lately: an MSP gets compromised due to holes in their cyber defense system, then their tools are turned into weapons. In fact, our own research found that 74% of MSPs have suffered a cyber attack themselves.
This is a completely new complex for MSPs. You’re used to defending your clients’ businesses against attacks, but now, you are the target of said attacks. And why are MSPs being targeted? The answer is simple: access.
MSPs hold the keys to the kingdom for numerous SMB clients. Cyber criminals have recognized this goldmine and have shifted their approach accordingly. So now, the reality is that you can’t truly protect your clients if you’re not protecting yourself.
The Cybersecurity Skills Gap
While the skills gap isn’t necessarily a new challenge, it is a huge challenge, and almost every MSP faces it in some form. Just look at these stats from the report:
- 40% of MSPs say they can’t obtain and retain the skills necessary to deliver cybersecurity services.
- 67% of MSPs do not feel fully confident in their ability to defend their clients against a cyber attack.
- 1 in 5 MSPs claim they lack the technical skills, certifications and knowledge to sell cybersecurity services.
I’ll let those sink in for a moment. Essentially, inaccessibility to cybersecurity skills and resources is holding MSPs back from delivering their services, protecting their clients against threats, and even selling their solutions.
Difficulties When Selling Cybersecurity
Having a sales strategy is one thing; having an effective sales strategy is another. Our research identified that 80% of MSPs are running into barriers when selling cybersecurity solutions. Clearly, something isn’t clicking in the sales conversation between MSPs and prospective clients.
One explanation could be that MSPs tend to “techsplain” cybersecurity to SMB clients. Too often, the conversation focuses on the technical capabilities, feature sets, and breakthrough innovations of a solution, instead of its business value. And sure, it may be easy to break through to a client this way after they’ve experienced an attack, but the trick is to convince them before it even happens.
The Silver Lining
I promise, I’m not trying to scare you with these statistics. Rather, I want you to be aware of the challenges so that you can face them head-on.
Cybersecurity draws a fine line between overwhelming and exciting. If you’re unsure of what lies ahead or where to begin, it’s easy to feel overwhelmed. But when there’s a clear path in front of you, that’s where it gets exciting because you see the opportunity. In fact, our research from earlier in the year found that SMBs are willing to spend 27% more for the right cybersecurity offering.
To help you feel a bit more prepared to capture this opportunity, here are some tips for success:
- First, you must to protect your own house. Cyber criminals are trying to sneak in through your back door, so you need to ensure your own defenses are tightened up in order to do the same for your clients.
- Look to spark more meaningful conversations around cybersecurity—both internally and with your clients. Speak your clients’ language and ensure your sales pitch addresses the right business goals, as well as the right people.
- Embrace a more proactive approach to cybersecurity, not only in the tools and services you implement, but also in the team you employ. If you’re lucky enough to find cybersecurity talent, put training and programs in place to retain them and build them up as an asset for your business (there are plenty of trainings and certifications available). If you can’t get this talent in-house, look for outsourcing opportunities so you can re-position your existing staff to focus their time on revenue-driving activities.
We’ll be hosting a webinar on October 29 to dive deeper into the research findings and uncover more keys to success. You can register here. And while you’re at it, be sure to download the full report, Under Attack: The State of MSP Cybersecurity in 2019.
By Lily Teplow
By Gretchen Hoffman
By Gretchen Hoffman