“We don’t have the budget for now.”
“We’re not as profitable compared to large companies, so I think we’re safe.”
“I think it’s just not possible.”
“Our firewall is enough.”
We’ve all heard customers trying to get away from conversations about upgrading their IT security. Unfortunately, cybercriminals are getting more creative and smarter than ever before and being complacent and indifferent are not the right traits to possess in fighting against them. This is surely not the first time you’ve read something about how cyber threats have been attacking Australia’s IT systems actively for the past years. Australian Cyber Security Centre (ACSC) dealt with 2,266 cybersecurity attacks from June 2019-2020 and we will not be surprised if numbers go uphill in this year’s report. As more cyber threats are looming out of unknown sources, MSPs play a bigger role.
If there are bad actors out there, then you have to be a good director – Be that “Trusted Advisor”. Point them in a direction that will make them realise the value of IT security.
If you feel like you’ve run out of strategies to change your clients’ mindsets, here are a few ideas to try.
1. Understand your customers and their requirements
Different customers from different industries have varying needs. A real estate firm’s security measures could be entirely different from a legal or accounting firm. You must know your customer verticals to be able to come up with comprehensive cybersecurity proposals.
Ask them about their priorities and objectives when it comes to security. Some companies may want to focus more on data protection while others just want to create a more secure remote working environment.
Additionally, know what devices, software or applications they use on a daily basis and identify the important areas that could extremely affect their business once a cyberattack occurs.
This could be done perfectly by preparing a checklist that includes all essential elements of every business such as the following:
- Email Accounts
- Communication Devices e.g. VoIP, Mobile Phones, ETC
- Networks
- Endpoints
- Websites
- Data
- Collaboration Software
- Storage
- Other systems
Once you’ve identified their top priorities, you can then build a good security measure that you can offer to deploy to their systems. Your security safeguard offering may include Credential Management Solutions, Backup as a Service (BaaS), Secure File Sharing, Virtual Private Network, Anti-spam Filters, Data Encryption and a lot more.
2. Tell them facts but don’t drive fear
The internet is teeming with horror stories about cyberattacks and you don’t want to be another ghost to scare your customers.
It’s easy to come up with disturbing reports on how much it would cost to recover from a cyberattack and how susceptible SMEs are to cybercrimes. But there’s a thin line between being a source of information and just plainly arousing terror whenever the topic of cybersecurity is being discussed.
Presenting relevant data is important but being a reliable educator will win your clients’ trust. Continuously educate them about the most active threats in the IT ecosystem – the whats, whys and hows. Cryptomining, phishing, ransomware and Trojans are just some of the top cybersecurity threats that your customers should be informed about. Don’t scare them with threatening data but focus more on making them understand the value of keeping a secure IT environment. Turn cybercrime jargon into simple ideas and inform them about the long-term benefits of investing in IT security not just in terms of cost, but also in time, manpower and other aspects of their business.
3. Don’t be a fake hero
You probably know this already but we’re still going to say it: There is no such thing as 100% security. So be honest and don’t guarantee your customers absolute security. Let it be known that creating 100% attack-proof IT networks is not possible.
Instead, help them be prepared for the risks brought by cyberattacks and how to build a strong fortress to be prepared whenever threats arise.
Moreover, to be a trusted security consultant, you must do regular checks within your team too. Is your team equipped enough to manage every type of cyberattack? If you aren’t confident enough with your answer, try to reflect and identify all the knowledge and skills gaps as well as process loopholes in your cyber attack strategies. Only then you’d be able to come up with firm plans to address these efficiencies.
Moving Forward
Cybersecurity is no longer a distant land. More and more businesses are becoming aware of the tremendous number of cyberattacks, but unfortunately some are informed incorrectly.
An MSPs purpose lies beyond just selling cybersecurity solutions but to be constant advisors to their customers of the importance of being protected in a world full of cyber threats. To be able to do this, you must communicate with them persistently and consistently improve your MSP’s expertise and skills in finding efficient ways on how to combat cybercrimes.
Also, make sure to familiarise your team with the news and resources that can be found in Australian Cyber Security Centre’s website
Here are some essential read that can guide you in building efficient cyber security offerings:
Our team is more than just this piece of content. If you need more help in positioning cybersecurity to your customers, we’d be very glad to have a conversation with you. If you are not one of our partners yet, go ahead and register to become one below.