Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3

News & Articles

Return to ChannelPro Special Report Q1, 2024
February 16, 2024 |

The Marketability and Revenue Advantage of Cybersecurity Bundling

Experts share the benefits and best practices of integrated cybersecurity solutions in IT services providers’ offerings.

Security is no longer an add-on service for MSPs, and bundling these services is a good strategy for those looking to grow revenue and be more marketable.

Erick Simpson

That said, it takes a lot of time, effort, and investment for MSPs to develop these bundles of products and services, and to deliver them themselves, noted MSP expert and influencer Erick Simpson, CEO of MSP Mastered and Channel Mastered.

“For many MSPs, it makes more sense to partner with a vendor who has a comprehensive suite of services focused on strengthening the security posture of their clients and the MSPs themselves.”

In the past year or so, there’s been a trend of MSPs working with resellers and security vendors who select the products and services an MSP should offer in a single solution, and resell them in that bundle to the MSP, according to TeraCloud President Eric Long. This includes SIEM (security information and event management) and SOC (security operations centers), he added.

“They bundle that together — and it’s usually expensive — but not everyone can act as an MSSP (managed security services provider). The alternative is for the MSP to go out and secure the individual services on their own and build their own stack.”

Best Practices on Bundling Cybersecurity Services

When combining services, MSPs should have at least one to two offerings, including basic security services like DNS filtering, antivirus, anti-malware, and ransomware protection.

None of the minimum core services should be a la carte, recommended Shawn Walsh, a partner and senior consultant at Encore Strategic Consulting.

“You can’t really offer a true managed service without that as the minimum. You’re setting yourself up to be sued by clients who experience a security incident. It’s not a reasonable risk.”

He recalled a law firm client that experienced a data loss, and when the company pulled the backup tape, it was broken. Walsh got called into “a tense meeting” with the firm’s partners, he said.

Eric Long

“One growled at me and said, ‘Why did we have data loss? We pay you a lot of money every month.’” Walsh reminded the client that during contract talks, the company chose to handle backup themselves.

“He said, ‘You should have insisted,’” Walsh recounted. “We never allowed a client to choose their tech stack again.”

For clients, the MSP is the expert that needs to be able to make the case for spending more on additional security offerings. “They’re not qualified to make the decision.”

Additionally, MSPs should partner with resellers who have a good portfolio of products to help build a comprehensive set of offerings, Walsh advised.

TeraCloud mainly offers bundled security services at three different tiers. Bundling services enables the company the flexibility to change the vendors they do business with, Long said.

The upside of bundling is that the MSP doesn’t have to think about what services they should provide.

“There’s nothing worse than a proposal with 15 different products,” Long said. “They’ll look at each line and say, ‘I don’t need this or that.’ This negates having that conversation.”

Factors to Consider When Designing Bundles

Deciding what cybersecurity products and services to include in a bundle comes down to the client’s risk profile, Walsh said.

Shawn P. Walsh

“In the MSP industry, we have a bad habit of just copying what everyone else does,” he said, which makes it hard to stand apart from the competition. If all the pitches looked the same to the client, it will go with the lowest bidder, Walsh observed.

However, costs and vendor sprawl must be controlled when designing a security bundle, Long explained. Don’t create overlap by signing up for the latest widget when you already have a widget in your stack, he said.

It’s also important to have a growth strategy in place for adding new clients, Long said. And the MSP should make sure they are being billed correctly by the vendor.

MSPs also must show compliance when a client files a cyber claim, stressed Simpson. Many claims were denied by insurance carriers when a customer had experienced a breach because they did not comply with the policy’s minimum requirements, he said.

MSPs should understand the total cost of delivery of services, and include a forecast of labor hours, then add in the cost of all their third-party tools, said Simpson. Once they figure that out, they can add their desired profit margin. He suggested a markup of 60% to 70%.

“I recommend longer-term agreements when you can get them because of high growth profit margins.”

Image: iStock

Return to ChannelPro Special Report Q1, 2024

Editor’s Choice

Introducing ChannelPro’s Top 20 MSPs for 2024

June 18, 2024 |

These companies lead the way in building up the IT channel, as well as ensuring that their clients run thriving businesses.

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

AI-as-a-Service Takes Shape for 3 MSPs

June 4, 2024 |

AvTek Solutions, LAN Infotech, and PCH Technologies share how they are working with the new AI-as-a-Service platform in their day-to-day business.

Related News & Articles

Growing the MSP

Explore ChannelPro


Reach Our Audience