Top Mistakes Managed Service Providers (MSPs) Make in Cyber Security

My team spends a significant amount of time with Managed Service Providers (MSPs) throughout the year learning about their businesses, growth opportunities and discussing how we can partner together.  Along the way, we see a broad range of the challenges and opportunities selling security solutions present.

There are a variety of different types of MSPs in the market today, differentiated by their core competencies (infrastructure vs. security, servers vs. clients, etc.), as well as where they are focused (on-premises, third-party hosting, public cloud, and/or hybrid installations).  Regardless of where an MSP lands, we have found common behaviors that were preventing them from building profitable businesses in the security market.

For those operating an MSP, we have observed three common behaviors to avoid:

  1. Every customer is a snowflake – Snowflakes are each unique with no two formed the same way. For an MSP, treating customers as a unique “snowflake” with little standardization, product consistency, or common techniques results in a death sentence for your business.

MSPs seeking growth and increased margins must standardize to a set of products and services that can be executed upon efficiently, followed by constant innovation to increase customers adds at a faster rate than increasing headcount.  In the security market, it’s not only important from a profit perspective, it’s the only way to guarantee customers that an MSP can stand between them and the threat actors to protect their most sensitive assets.

  1. Hiding from the security conversation – Many MSPs, including both the traditional and “born-in-the-cloud,” do not consider security to be a core competency. As such, they don’t train sellers how to help customers address security concerns.  This results in stalled projects and lost deals when they have to compete with MSPs that decided to face the security conversation head-on and partner with security specialists.

Not a day goes by that cyber security isn’t discussed in major media outlets, online and in boardrooms.  Avoiding from this important conversation demonstrates that an organization is tone deaf to some of the most critical concerns of CEOs, CFOs and CIOs today.

  1. Picking the wrong partner – When holding true to the first two resolutions, it’s incredibly important to pick the right partner to help these new muscles flourish. It will require commitment from leadership team and a core team to wade through the 5000+ security vendors and the hundreds of Managed Security Service Providers (MSSPs) in the market today.

Reduce the aperture by honing on potential partners that have built standardized, scalable security frameworks and demonstrate willingness to invest in sales enablement and pipeline development with sales and marketing teams.

There is without question a tremendous opportunity to capitalize on the overwhelming need for organizations, regardless of size or industry, to strengthen security posture. The fact is, the need is real and pervasive, and most business leaders have an air of desperation to address cyber security. These resolutions can help MSPs be the “champion” in this situation to accelerate growth.

Resource Center

More security resources at your fingertips.

Practical Content for Security, DevOps, & IT Professionals