Cyberattacks are evolving fast. MSPs see it every day, but their customers often do not. IT service providers can help fill this gap.
ThreatLocker’s top executives are urging partners to take a more direct role in shaping their clients’ cybersecurity strategies. That means stronger security controls, clearer communication about risks, and more confidence in the value MSPs deliver.
Those themes surfaced throughout ThreatLocker’s Zero Trust World conference in Orlando. The annual cyber defense event has grown alongside the demand for security guidance; what began with about 80 attendees years ago now draws more than 2,000. Despite the growth, the goal of the conference has remained the same, ThreatLocker CEO and co-founder Danny Jenkins told ChannelPro in an interview.
“We created this conference with one thought in mind: How do we educate people on the right things to do?” Jenkins said. “The world is drowning. We have IT professionals who have been in the same job for 20 years, but the job has completely changed. When we started, I was dealing with I Love You viruses and things like that. Now we’re dealing with the most aggressive cyber attacks, many times from nation states or organized gangs.”
So how can MSPs defend their own businesses as well as their clients against sophisticated threat actors? Jenkins, along with his co-founder and wife, Sami Jenkins, shared their MSP cybersecurity strategy recommendations.
1. MSPs Must Be Direct With Customers About Risk
One challenge MSPs often face is convincing clients that stronger security measures are necessary. Small businesses frequently assume they are too small to be targeted. That assumption can make cybersecurity conversations difficult.
MSPs should take a more direct approach when explaining cyber risk, Danny Jenkins said. “A lot of this is fear. It’s like, ‘I don’t want to say it because the customer is going to think badly of me, as if I’m trying to oversell them.’ But if you’re a parent, you tell your kid, ‘This is what you do.’
Danny Jenkins urges MSPs to take a stronger cybersecurity stand.
“The same principle applies in business. Customers need clear guidance about the real risks they face.”
MSPs should also be confident in the value they provide, he added. “You need to be so confident you don’t care if they say no. And if that means you’re going to lose the customer, that means you’re going to lose the customer. That is the only way you can grow a business.”
Danny Jenkins said that mindset helped ThreatLocker scale. “We’ve grown ThreatLocker to a $2 billion valuation in five years. I did that by saying, ‘I don’t care if people disagree with me. I’m going to tell them how it is.’”
2. Build Security Solutions Around Real Problems
To have a winning game plan, MSPs should focus on solving customers’ woes. That philosophy helped shape ThreatLocker’s own platform, COO Sami Jenkins told ChannelPro. In fact, the company grew out of the founders’ experience running an IT services business.
“You need to start with fundamental problems. Find the problem first. Then you have to build to fix it, whether you’re building with people or with solutions to fix it,” she explained. “We had a problem when we were doing IT management and ransomware recovery, and there was no solution. So ThreatLocker was born from us asking, ‘How do we fix this?’ We tried to find solutions and could not find one. So how else do you do it? You build it.”
That problem-first approach still guides the company’s development strategy.
3. Target Credential-based Attacks
ThreatLocker also used Zero Trust World to highlight new capabilities designed to address one of the most common attack paths MSPs face today: credential theft.
The company introduced new Zero Trust Network Access and Zero Trust Cloud Access capabilities designed to reduce the risk of compromised accounts. Danny Jenkins said the company’s product strategy is heavily influenced by what its team sees in real-world incidents.
“We’re in a fortunate — or unfortunate — position in that we get to hear the stories of lots of customers who have come to us after they got hit. We get to see details of those attacks, and in many cases, we get to understand them. We’re taking all of that data, and we build around it.”
The tools are also designed to replace older VPN-based approaches that many organizations still rely on. ThreatLocker rolled out the new services alongside a significant infrastructure expansion that included multiple new data centers.
Sami Jenkins (center) advises MSPs to start by trying to solve their clients’ fundamental problems.
Cybersecurity Is Critical for Organizations of Any Size
Cyber risk does not depend on company size. Even the smallest organizations can become targets. That reality makes MSPs a critical line of defense.
“You could be managing one or two endpoints for somebody. They still need the protection because they’re still human, after all. They’ll still click on links. There’s always a chance they could get breached,” Sami Jenkins emphasized. “As long as you’re implementing the right security protocols and you’re managing them, then you should be good.”
The message to IT service providers is that cybersecurity conversations with clients need to be more direct and strategic. As threats escalate, MSPs that lead those conversations will be better positioned to protect their customers and grow their own businesses.
More Zero Trust World Coverage from ChannelPro
➡️ ThreatLocker Gives MSPs New Weapon Against Credential Theft and Phishing Attacks
➡️ Zero Trust World in Orlando Puts MSP Security Strategies Into Practice
Anjali Fluker is managing editor for The ChannelPro Network, where she covers news, trends, and best practices for the MSP community. She specializes in telling the stories that matter to IT providers serving the SMB market. When she’s not reporting on the latest in managed services, she’s connecting with channel pros at industry events across the country.
Images: Gibster — stock.adobe.com, Anjali Fluker/ChannelPro
