SELLING SECURITY is about storytelling. Whether I’m sitting with a client one-on-one or standing on the stage in front of hundreds, telling a story from the front lines of cybercrime that has been in the media or shared by my vendor partners makes security more relatable to businesspeople. When you can help customers make that connection between what the risks are and what that means to their business, you can see the light bulbs go off. That's when they start paying attention and want to know how to protect themselves.
My own ah-ha moment occurred in the early days of ransomware when my peer group encountered CryptoLocker. Since then, BeckTek has done two things: We transformed to a security-centric MSP, and I transformed myself into a sought-after public speaker on the topic. That combination has changed our business over the last six years and accelerated our growth.
MSP vs. MSSP
BeckTek purposefully chose to be a security-centric MSP versus a managed security services provider (MSSP). Rather than build out a security operations center (SOC) and put a team in place to support it, we evaluated and tested existing solutions to determine what would make sense for our clients' price points and required security levels to give them peace of mind.
We built out a stack of solutions and, like an orchestra conductor, we ensure they all play well together. We are also the “one throat” for our clients to choke if there is a problem.
Our security offering includes three main platforms: SOC-monitored advanced endpoint protection, breach detection and response software, and a universal threat management firewall featuring intrusion detection/prevention services. We also use a third-party email security solution to clean email before it hits the client’s email servers, and offer employee education and training along with dark web scans. All these different layers go into making our security “cake.”
Not everybody requires a seven-layer cake, of course, so we customize the stack to a client’s needs and acceptable levels of risk. At a minimum, we require clients to have our RMM solution along with our advanced endpoint protection and breach detection and response solutions.
Clients really don’t care about which tech solutions you’re using, but they do want to hear that they’re protected. So over the years I've worked very hard at becoming a public speaker and telling stories that help people understand why security is a business solution. Stories are powerful tools, and if you offer free, valuable information and establish yourself as an authority, people will want to engage with you.
Becoming a Storyteller
You can become a security storyteller even if it doesn’t come naturally to you. Back before BeckTek, when I was a radio DJ, I found it quite scary just turning on the mic and knowing there were people listening, despite being in a room by myself.
But about seven years ago, I heard a speaker at an industry event talking about security, and my wheels started turning. I thought, "Yeah, I can talk for an hour on security.” So I approached my local chamber about doing a free seminar. It went well and I branched out through other local service organizations. Once I got the first couple under my belt I got more comfortable. Then other organzations started approaching me. My first local radio spot led to a TV spot, which put me on the radar for speaking engagements, and inclusion in the movie Cyber Crime, a documentary (available on Amazon) featuring me and other security experts.
To go down this road, you must get uncomfortable in front of an audience before you get comfortable. Also, recognize that everybody makes mistakes and something always goes wrong. I’ve learned that if you can joke about yourself, you put people at ease and they'll forgive any little mistakes.
Once you turn your own mic on, prospects who reach out because they’ve heard you speak are already prequalified and pre-sold on the concept that they've got a security problem. That has opened a lot of doors for me.
Photography: Denis Duquette