MSP cybersecurity client conversations get easier

Convincing customers to invest in cybersecurity has become less like pulling teeth, according to MSP executives; other IT channel news.

MSP cybersecurity conversations with clients have become a bit easier due to the rise in incidents and some inadvertent assistance from cybersecurity insurance salespeople.

MSP executives discussed the current security landscape at MSP Xperience, an online event hosted by business availability vendor Axcient on Oct. 26. The event also covered scalability in MSP cybersecurity practices and the importance of building a "mental health stack."

In the MSP security market, the traditionally difficult task of convincing clients to invest in security is going more smoothly. "It used to be an issue when you were trying to talk to clients about security and the importance of things like business continuity," said Luis Alvarez, president and CEO at Alvarez Technology Group, a managed security services provider based in Salinas, Calif.

"But for better or worse, the world has changed," Alvarez said. "People now are just as anxious to have that conversation as we are to engage in that conversation. They may not want to spend the money, but at the end of the day, they get it."

MSPs no longer need to provide abstract examples of cyber attacks and their aftermath to get customers' attention. Such incidents have become all too familiar for many, if not most, SMBs. "Everybody knows somebody who has gotten hit or knows somebody who is in the process of recovering from a ransomware attack," Alvarez noted.

A Deloitte report released this week found that 98% of U.S. executives said their organizations experienced at least one cyber event in the past year.

While the visibility of cybersecurity incidents helps MSPs with their client discussions, MSPs also benefit from the unexpected pre-sales work of cyber insurance sellers. "I think the best thing that happened to us from a security standpoint, as a group, was insurance salesmen pushing these cybersecurity policies -- because we are the second phone call," said Jason Holbrook, owner and security consultant at Empower Information Systems, an MSP based in Newport News, Va.

Stephen Tracy, director of managed services at Entech, an MSP based in Fort Myers, Fla., also cited the role of insurance in advancing cybersecurity discussions. "It is getting easier to have those conversations, partly because of the cybersecurity insurance [and] being able to map out, whether it is the risk assessment or just your managed services, to those specific cyber insurance requirements," Tracy said.

The policy gives customers something tangible that points the way toward improving security, in addition to an MSP's recommendations. Such customers can say, "Now I've got multiple people telling me that I need to do this," Tracy noted.

With the ice broken, MSPs typically offer a risk assessment as the first phase of a client cybersecurity engagement. Customers, however, may want to skip this step and move on to specific security products or services.

"A lot of times, people will jump up from A to Z and don't really think about the in between," said Ben Nowacky, senior vice president of product at Axcient.

Organizations may want to move immediately to a security operations center or adopt a security information and event management tool, but lack the insight in what it takes to get there, Nowacky added. The risk assessment, however, helps by "painting the picture of where the gaps are" and then establishes a roadmap toward operational excellence and cyber resiliency, he said.

Other customers may assert a prior risk assessment, such as one performed five years ago, is good enough, believing the security measure to be a one-time event. "We live in a very dynamic, changing world," Alvarez said. "A risk assessment is something we do annually with our clients. It's not going to be a we're-done-in-30-days type of exercise."

Coretelligent gets new PE owner

Coretelligent, an MSP based in Westwood, Mass., has new ownership following VSS Capital Partners' sale of the company to Norwest Equity Partners.

VSS, a private investment firm, initially invested in Coretelligent in 2016 and is now a minority investor in the company. During its five-year ownership, VSS drove an acquisition strategy that resulted in the purchase of Soundshore Technology Group, United Technology Group and SoundView IT Solutions. Those deals let Coretelligent expand in the Southeast and other markets, according to VSS.

Trent HickmanTrent Hickman

Outside of those deals, Coretelligent has seen organic growth in the mid-teens to 20% range, said Trent Hickman, managing director at New York-based VSS. Going forward, a consolidation play is layered on top of that growth, he added. "We still see quite a bit of fragmentation out there and a really good consolidation opportunity," he said.

Growing the Coretelligent MSP platform with an annual add-on acquisition will provide the baseline for inorganic expansion, Hickman said. "We'd love to accelerate [that pace]," he noted.

Future deals will have an industry flavor as the company aims to bolster its presence in its core financial services and life sciences vertical markets. More than half of Coretelligent's business stems from the financial sector and about a quarter from life sciences, Hickman said.

MSP platforms have become a focal point of private equity investment.

Partner roster update

  • Vade, a threat detection and incident response vendor based in Lille, France, added partnerships with channel companies such as Arrow, GSN, DIS, Networld, TD Synnex, Takachiho, IIM and Daiko Denshi Tsushin. The company also cited its "co-sell ready" status with the Microsoft One Commercial Partner program.
  • SCADAfence, a cybersecurity vendor, will partner with BDO, a business advisory firm. SCADAfence, which focuses on operational technology and IoT, in October 2021 launched a partner program for channel and technology companies.
  • Distributor Ingram Micro inked a strategic alliance with NightDragon, a cybersecurity investment and advisory firm based in San Francisco. Ingram Micro's Emerging Business Group works with NightDragon's portfolio companies on how to create a channel and distributor strategy.
  • Cybersecurity vendor Alert Logic expanded its partnership with Sungard Availability Services. The latter company will provide Houston-based Alert Logic's managed detection and response (MDR) offerings to customers in North America and Europe.
  • Commvault, based in Tinton Falls, N.J., added Veristor, GM Sectec and Data Management Professionals South Africa to its Metallic MSP ecosystem.

Other news

  • Sysnet Global Solutions, a cybersecurity and compliance solutions provider based in Dublin, acquired SecureTrust, a division of managed security services provider Trustwave. SecureTrust, based in Chicago, specializes in payment card industry compliance. Sysnet has been active in the managed services market in recent months, having acquired the Managed Compliance Solutions division of ControlScan, an MSSP, in late 2020.
  • Presidio, Inc., a digital services and solutions provider based in New York, unveiled an MDR offering. Presidio MDR includes customizable deployment and managed services.
  • Uniphore, a conversational AI company based in Palo Alto, Calif., launched a partner program. The Uniphore Unite program covers a range of partner business models, including referral, resell, managed services, co-selling and services. The program consists of an entry level reseller/business process outsourcer tier; an intermediate level for companies that have participated in sales and technical training; and a top tier for partners that consistently collaborate on sales, marketing and training.
  • Registration is open through Nov. 12 for CompTIA's Apprenticeships for Tech Accelerator Program. Employers interested in participating in the program's winter cohort may register with the industry association.
  • MSP360 added Immutable storage for AWS to its Managed Backup Service. Other features include a new backup format and restore verification for image-based backups. The Pittsburgh-based company provides backup and IT management products for MSPs.
  • Crayon, an IT services provider based in Oslo, Norway, cited a surge in channel business as it reported a 29% year-over-year increase in third-quarter gross profit.

Market Share is a news roundup published every Friday.

Dig Deeper on MSP business strategy