MSP Blog Logo

BDR

Business Growth

Cybersecurity

Help Desk

MDM

RMM

Sales & Marketing

Subscribe


Empowering Your MSP Business to Grow and Prosper—One Post at a Time

The-Ultimate-Guide-to-Success-in-Managed-IT-Services


Featured Post

The Ultimate Guide to Success in Managed IT Services

What are the fundamentals to building a profitable managed IT services business? Keep reading to discover the four key ingredients for success.

Read Now

Making Money with Layered Security: Challenges and Opportunities in a Shifting Threat Landscape

Posted October 9, 2018by George Anderson

Making Money with Layered Security: Challenges and Opportunities in a Shifting Threat Landscape

A shifting cyber threat landscape is putting increased pressure on MSPs entrusted with security services. In addition to protecting clients from an ever-diversifying range of threats, it’s often falling on MSPs to explain to their customers why simple endpoint security solutions alone are no longer a sufficient cyber security stack.

User error is quickly turning into one of the most promising avenues of attack for cybercriminals, something no endpoint solution can remedy. Additionally, attacks based on outbound web traffic—preventable at the network-level and often enabled by irresponsible browsing habits—continue to endanger businesses, especially at the network level. 

Rather than viewing these shifting circumstances as a net negative, MSP owners should recognize that the increased need for effective security offers real opportunities in terms of their offerings. Layering the cyber security protection MSPs provide their clients is the way to efficient protection and increased profitability. It simply makes sense that, as threats diversify, MSPs should expect greater compensation by offering greater protection.

Making Money with Security Training  

Research conducted by IBM found that 95 percent of cybersecurity breaches were the result of user error. According to Verizon Wireless’s 2018 Data Breach Investigation Report, 93 percent of all breaches involve some sort of social engineering. The threat represented by untrained users is real, especially where phishing attacks are concerned. By addressing the root cause of these errors—user naiveté about the threats they face online—MSPs can help their customers experience less downtime and increased profitability.

That's why many MSPs now offer security awareness training as an add-on paid service. The proven value of security awareness as a layer of defense is so high it can cover itself in terms of cost by teaching a user to avoid just a single breach. Other MSPs are including end user education as a standard component of their bundled security offerings, alongside endpoint security and patching services. With this pricing model, MSPs recoup savings from addressing fewer incidents, service calls, and remediation work after customers were enrolled in training courses and phishing simulations. Even as a part of a bundle, security training actually improves the profitability of their offerings. In either model, both MSPs and their wind up more secure.

Making Money with DNS-Level Protection

DNS-layer attacks present their own security risks for MSPs and their clients. Offering protection at the DNS layer also presents an opportunity to regulate internet usage (especially important on guest Wi-Fi networks), act as a regulatory and compliance tool, and stop malware before it reaches a network by preventing access to disreputable sites.

MSPs can rely on the same tactics for selling DNS protection as a service as described above—as either a premium service or a time and money-saving addition to their basic security package—with a few additional client (and, by extension, MSP) benefits. Blocking activities like streaming media and peer-to-peer downloading sites (torrents) helps to free up bandwidth and allow a network to function more smoothly. Preventing productivity-sapping online activities like social media and gaming sites can lead to more efficient staff. And blocking access to inappropriate or harmful content can prevent human resources issues that would otherwise be expensive, time consuming, and damaging to a client’s reputation. Network-level protection allows MSPs to save even more hours on infection-related support, while business hours realize the benefits of saving numerous hours through uninterrupted productivity.

Conclusion

The online threat landscape is changing. Protecting endpoints from inbound malware alone is no longer a sensible or effective way prevent costly infections. Vulnerabilities at the user and network levels are being exploited everyday by cybercriminals. But it’s not all doom and gloom for MSPs. As the task of providing operational cyber security grows in both complexity and importance, so too do the opportunities to grow revenue by providing these essential services.

For a deeper dive into how Webroot’s layered security approach makes you money, watch our on-demand webinar here.

 

George has spent the past 18 years in the IT Security industry. Initially in Business Development, Strategic Alliances and Marketing roles for Computacenter, Europe’s leading systems integrator. Then as Global Product Marketing lead for Clearswift and for the past 8 years he’s been with Webroot in Product Marketing where he is the Product Marketing Director for their Business division, covering Endpoint, Mobile, DNS Protection and Security Awareness Training. Prior to this, he worked in the Advertising and Direct Marketing industry where he held senior executive roles at Ogilvy & Mather Direct, McCann-Erickson Direct and other leading Agencies.

RMM 101: Must-Haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus