IT and Business Insights for SMB Solution Providers

Repeat After Me: I Am in the Security Business

The final installment in our 2018 series on preparing yourself for long-term growth looks at scaling the security practice you already have without knowing it. By Colleen Frye
Reader ROI: 
MOST MSPS already offer basic security, but can profit from adding advanced security solutions as well.
EDUCATE YOURSELF or your staff on the cybersecurity landscape, or acquire the talent through hiring, outsourcing, or partnering.
TAILOR YOUR OFFERINGS to your target customers’ security and regulatory needs, and what they are willing to pay for.
DEVELOP DEEP EXPERTISE by targeting verticals or specialties, and scale from there.

THINKING ABOUT getting into managed security services? The first step is recognizing you’re already there.

If you’re protecting your SMB customers’ data against loss, theft, or unauthorized access with foundational security like firewalls and anti-virus, you’re in the security business, says Mike Semel, president and chief compliance officer at Las Vegas-based Semel Consulting LLC. The question now, he says, “is how do you take what you’re doing and reframe it, but also expand on what you’re doing in a way that makes sense?”

Tread carefully down the road to scaling a security practice though, advises Michael O’Hara, a cybersecurity expert and head of MikeOSecurity, in Sparta, N.J. “There’s a real temptation to jump into that business without really knowing what you’re getting into,” he says, adding that the consequences of being ill-prepared are twofold. First, you could put your clients at risk; and second, you could harm your firm’s reputation.

No doubt there’s plenty of opportunity in security. The number of attacks targeting SMBs, including phishing, advanced malware, zero-day, and ransomware, is rising, according to the 2018 State of Cybersecurity in Small and Medium Size Businesses study, conducted by the Ponemon Institute and sponsored by Keeper Security. In the last 12 months, 67 percent of SMBs fell victim to a cyberattack and 58 percent experienced a data breach. Plus, nearly half of respondents say they have no understanding of how to protect their companies against cyberattacks.

That’s where you come in. Here’s how to get started and grow.

Get Educated or Bring in Talent

The first step is to educate yourself about the cybersecurity landscape, says O’Hara. “You don’t have to be the one to get that education, but make sure you have somebody on your staff [who] understands what the real threats are, understands foundational security, understands policies, procedures, and awareness—that’s your bedrock.”

“Make sure that you have reinvestment strategy because cybersecurity is not set it and forget it.”


This doesn’t have to be a difficult or expensive process, says Semel. “You don’t have to fire your old staff, and you don’t have to hire all new staff, but maybe you have to take your techs and your engineers and put them through something like CompTIA Security+ training.” He also suggests acquiring the CompTIA Security Trustmark+ certification and using it as validation that people can trust you with their most valuable data.

Terry Cole, CEO of Cole Informatics LLC, an MSP in Parsons, Tenn., who’s in the process of building a security practice shares Semel’s belief in the power of security credentials. “My intention [is] either to become CISSP [Certified Information Systems Security Professional] certified, or hire that, or both.”

Acquiring knowledge of the Linux world helps as well, according to Rory Sanchez, CEO of True Digital Security, a security, governance, and IT management company with an office in West Palm Beach, Fla. “There are so many open source tools that can really help an MSP or an MSSP [managed security services provider] get their game to the next level at not a lot of expense,” he says.

About the Author

Colleen Frye's picture

Colleen Frye is ChannelPro's managing editor.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.