What do you think is the biggest driver for small and medium businesses seeking help with cybersecurity?
Would you be surprised if it wasn’t either preventing a breach or responding to a breach?
In our experience, it is neither. The biggest driver for an SMB to invest in cybersecurity is the impact on revenue. Specifically, SMBs want to reduce “revenue friction,” the slowing of the sales cycle or even the loss of sales due to time spent responding to cybersecurity requirements for themselves or their customers.
While many SMBs have their own regulations to deal with, such as HIPAA, cybersecurity requirements are increasingly part of their RFPs or contracts. In addition, if you have clients that sell to large enterprise customers, they are probably getting inundated with security questionnaires.
Here’s a scenario we see often:
Jane is the lead sales professional for her software-as-a-service (SaaS) company. Her SaaS solution provides critical market data for her enterprise clients, who would like to integrate the market data into their CRM software. She’s been engaged with a major media company on a significant sales proposal. It’s a long, enterprise-level sale, but Jane finally gets to a “yes.” She’s ready to close the sale and celebrate.
Then comes the screeching brakes on the deal: a dreaded security questionnaire with 200 mind-numbing questions about firewalls, multifactor authentication, hiring and firing practices, cyber insurance, and more. Obviously, this is not Jane’s area of expertise. So she sends it to IT, which in this case is an external MSP. After all, cybersecurity is IT, right? However, the MSP can only address two-thirds of the questions. Now Jane needs to send it to human resources, then legal, then accounting. Many of the questions are not about IT directly. They are about policies, procedures, and training.
Meanwhile, the deal Jane thought was closed is stalled. Two weeks go by, then five. Across the company, the staff filling out the questionnaire aren’t even sure if they’re doing it right.
This scenario illustrates “revenue friction.” Not only is Jane not closing the sale, she’s wasted a lot of time and is distracted from her next prospects.
For MSPs, this scenario represents an enormous opportunity. When companies have to address cybersecurity to close their own prospect engagements, the direct tie between cybersecurity and revenue is a pain point you can solve. In addition, when closing sales directly maps to cybersecurity, everybody involved is highly motivated. Best of all, the conversation becomes about business results, as opposed to software stacks or blinking lights.