9 Essential Do’s and Don’ts to Selling Managed Cybersecurity

Cybersecurity should be a year-round focus on educating partners and prospects and improving and evolving your offerings to protect your clients better.

Dos and Donts

Gone are the days where, when asked about cybersecurity, the majority of people might just picture a villain wearing a black hoodie in the dark surrounded by computer monitors. Cybersecurity is now inescapable in the mainstream news, with high-profile attacks happening with increased frequency and severity.

While cybersecurity is a topic around the dinner table these days, it’s been a top priority for those in information technology for years. As organizations scramble to address growing cybersecurity worries and evolving security requirements, managed service providers (MSPs) are in a unique position to offer their expertise to IT leaders and take on full or co-managed IT service contract arrangements. To help MSPs make the most of this selling opportunity, here is a quick list of essential do’s and don’ts for selling managed cybersecurity.

The Do’s

1Have A Separate Cybersecurity Offering

Having a separate cybersecurity offering makes sense for a variety of reasons. For MSPs with existing clients, it provides the opportunity to add something new and in-demand into their services. For new clients, it presents an all-in offering that encompasses different elements they are certainly looking to have managed by an expert.

2Sell Clients the Same Security

Selling the same security offering makes things simple and allows you to become an expert in that offering. With one offering to learn, sales and marketing teams can ramp up faster, and support teams can easily apply their expertise to remediate issues and hand-off tickets.

3Don’t Sugar Coat the Reality

Clients today need to know what the real cyber risks are. This can’t be sugar-coated. There is a reason our president has issued an Executive Order on the matter. It’s essential to be grounded in the reality of cybersecurity—a lot of risk and uncertainty exists, and a lot can go wrong if steps aren’t taken to address this area.

You should also educate clients and prospects on every aspect of cyber risk that exists. There are too many confusing cybersecurity acronyms to go into each specific one, but you’ve got to let clients know what they’re up against. Our interconnected world is open to cybercrime, from the most prominent enterprises to the smallest local business.

4Discuss The Competition

It’s not like you can hide your competitors, so you may as well address them head-on. Be real in addressing competition directly when prospects bring the topic up. Be fair, cite your strengths, third-party validation, focus areas, and explain why your strengths matter to them and why you’re the best at what you do.

5Take Advantage Of Cyber Buzz

Every October is Cybersecurity Awareness Month. Add to this Data Privacy Week in January, and the big cyber-attacks hitting the headlines every few weeks. The opportunity exists to join the discussion on cybersecurity and show clients and prospects that you’re the expert they can turn to for help.

The Don’ts

6Don’t Let Clients Refuse Security Offerings

Your business reputation is at stake when clients refuse security services. Push for any Managed Services Agreement to include bare minimum security requirements for partnership, such as 2FA for administrators and managed patching. If the client or prospect refuses this, make sure you’ve recorded the opt-out to protect your business in the case of a breach.

7Don’t Say “Unbreachable”

We can’t make promises we can’t keep. Even with the best cybersecurity offerings, breaches and hacks still happen. But be sure to mention what the program entails, the effort put in, and what can be promised.

8Don’t Call Yourself an MSSP

For most clients, it won’t matter if you say you’re an MSP or MSSP or any other acronym. Some clients may be looking for specialized services and expertise, but the majority won’t know the difference between MSP and MSSP, so focus less on the added S and more on the actual Security.

9Don’t Be Held Back by the Day-To-Day Grind

The day-to-day technical work is a lot to focus on as it is. Selling cybersecurity is an added challenge. But it’s a huge opportunity right now, and it’s only going to become a bigger one. So make the time to focus on developing your offering and growing your business.

The Bottom Line

Cybersecurity is too critical and complicated a topic to only be answered with a simple “do” or “don’t.” Instead, it should be a year-round focus on educating partners and prospects and improving and evolving your offerings to protect your clients better.