Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3


Return to ChannelPro Special Report Q1, 2024
February 19, 2024 |

An MSP’s Guide to Cybersecurity Sales

Storytelling can be a great strategy to succeed at sales in this fast-growing field. By James E. Gaskin

High-profile ransomware attacks in 2023 at Dish Network, the city of Dallas, and the Las Vegas MGM Hotel don’t seem to have driven SMB customers to be more wary of their risks and step up the need for protection.  

Jennifer Bleam

Despite the increased attention on the importance of cybersecurity services, managed services providers may be struggling to get clients’ permission to protect them. That’s where storytelling can be a key sales tool, said Jennifer Bleam, owner and founder of MSP Sales Revolution. 

“It’s important to share real-world horror stories from prospects or colleagues. I recommend you stress the impact on the business. Help your client understand the very real risks that your MSP is protecting them from.”  

Rather than just sharing the overall news, drill down deeper, suggested Adam Bielanski, CEO of MSP+OS, a full-stack consulting agency that aspires to be the Deloitte and McKenzie of the MSP space.

“Focus on similar sized businesses, not necessarily local examples. A 50-person company wants to hear stories from companies of similar size in the same industry.”

Additionally, while MSP owners often understand technical details, “businesses care about what affects their businesses,” Bielanski said.

Discussions focused on the grade of steel in the shovel blade and the type of wood in the handle miss the point for customers who need a particular sized hole. “Make sure you describe how the right measures at the right time provide protection and make it real for them.”

Explain the Threats

Objections from prospective clients may include things like being too small, their data already is backed up, or not having enough money to be a target, Bielanski admitted. Educating clients is important, especially since AI makes the security landscape even more confusing, especially for the smaller prospects.

Stories can help better explain how big of a threat cyber attacks can be, Bielanski shared. “Explain the cost of protection against the perceived risk. Examine the cost of doing nothing through storytelling.”

If the prospect claims not to know anyone who’s had a ransomware attack, you didn’t explain the likelihood or impact well enough, Bleam said. Even if they know it’s possible, they may believe they can weather the storm, perhaps because they have cyber insurance, or underestimate the financial and business impact of an incident.

That’s the time for implication questions, which usually begin with, “How would it impact your department if …” and finish with your knowledge of exploits typical of that type of company, she said. “When telling these stories, stress the impact on the business with details like leaked data, missed deadlines, and even the inability to process payroll.”

Adam Bielanski

Spelling Out Costs

Protections come at a cost, of course, so your pricing model must be transparent and include the value of each component and what can save them from a $1 million breach, said Bielanski.  It also helps to have multiple options, because not every company needs the top-tier package, he added. “I’m not putting Cisco equipment in a five-person office.”

A common method starts with a standard set of security tools and offers add ons as needed, explained Scott Beck, CEO of BeckTek in Riverview, New Brunswick, Canada, northeast of the Maine border.

“There are only three things you can do with risk: Mitigate the risk by putting protection in place, transfer the risk by way of insurance, or accept the risk and roll the dice.”

Today, however, most cyber insurance companies won’t accept clients that don’t have adequate cyber protection, he added.

“All our clients get our cybersecurity stack with one price for the package. We also offer add ons like SIEM, third-party assessments, compliance as a service, and a virtual CSO role, each with a separate price.”

John Joyce, co-owner of CRS Technology Consultants southwest of Tampa, takes a similar approach, broken down into two buckets. The first is a series of non-negotiables must-haves to partner with CRS fixed into a monthly partner agreement, he said. Examples include EDR (endpoint detection and response), monitoring, and business continuity and disaster recovery.

The second bucket includes more specialized offerings, he said, “often recommended for certain verticals such as regulated industries like wealth management, accounting, legal, and the like that employ these services out of best practices and the need for compliance.”

Scott Beck

Bring in Good Partners When Needed

There’s also a growing trend of insurance-related requirements driving adoption of various services across verticals from construction to professional services, Joyce mentioned.

“These firms are being asked by insurance companies if they employ Managed SOC, DNS filtering, and other niche security-specific services. Much like EDR just a few years ago, we predict these trends will speed up adoption and better protect those companies, although at a cost.”

Adding more services, such as one that requires 24/7 monitoring, may require an MSP to find good partners, said Bleam. Building your own SOC is costly and brings a significant risk to the MSP if built incorrectly, she said. “This is one service better left to an expert.”

Bielanski agreed, saying it’s about providing the best service and playing to your strengths.

“If you’re strong in threat monitoring, maybe keep providing that but partner with other providers for other services. Are you great at anti-virus but bad at backup? Partner with another MSP, and each of you cover what the other doesn’t do well.”

Regardless of your chosen strategy, reputation and trust in cybersecurity is critical. And storytelling is a lost art in today’s market that’s drowning in social media, he said.

“Get good at telling stories relatable to customers. It may take several stories for the message to sink in. Get back to real-world examples and stories.”

Image: iStock

Return to ChannelPro Special Report Q1, 2024

Editor’s Choice

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

Asigra Makes a Splash with New SaaS App Data Backup Platform

June 3, 2024 |

Asigra’s new SaaSAssure platform offers MSPs comprehensive, secure, and easy-to-use backup solutions for SaaS apps, addressing a critical market need and providing an unparalleled opportunity for revenue.

Peer to Peer: John Kampas on Why EMPIST Thrives — Plus, 1 Mistake Too Many MSPs Make

May 31, 2024 | John Kampas

How prioritizing customer protection and technological empowerment helped EMPIST evolve into a “managed technology provider” with an international presence.

MSPs React to Comprehensive, Aggressively Priced Kaseya 365

May 1, 2024 |

Hear from MSP peers on the launch of the new Kaseya 365 program — designed to provide a crucial package of tech services at an affordable monthly price.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience