Yesterday, I attended a meeting of the California Society of Association Executives - Cal SAE, a part of the American Society of Association Executives. I went as Executive Director of the National Society of IT Service Providers.
Pretty much everyone at the meeting was either an Executive Director, Assistance Executive Director, or CEO of a nonprofit association. As "associations," the members represent a variety of professions, such as physicians, libraries, restaurants, pest control companies, and so forth.
They were business people and represented business people.
As I introduced myself around, the key question was either what does your organization do or why does your organization exist. (I think Simon Sinek would be delighted that so many conversations started with the "why" question.)
As a technical person who has run technical companies for a few decades, I am very used to people not really understanding what we do. You've been there: If you say, "We design, build, and support secure networks for small businesses," someone will respond that their cousin makes graphics for SnapChat. Okay. Whatever.
I didn't have that problem yesterday. When I said that we are a collection of technology consultants who are facing tough challenges and want to make sure that our side of the story is heard, the most common response was, "Oh. You folks are under attack." People in small business actually know that we (IT consultants) are fighting a war on ransomware and cybersecurity. They can name Colonial Pipeline and Solarwinds, even if they can't give any details. They know cyber insurance is going through the roof, and they know that government agencies are looking to regulate us.
Literally, for the first time in my life, I introduced myself and people had a very good idea of what I was up to.
I find it very ironic that many people in our own industry do not yet see the same thing.
Right now, today, as I write this, I am preparing notes to record a podcast on the recent announcements from NIST, CISA, and the Federal Acquisition Regulatory Council. Regulation is everywhere. Check Wired.com
or your favorite news channel and there's probably a cybersecurity news report from the last day or two. And, obviously, insurance rates and requirements are being overhauled for all businesses.
The Good News is: I believe your clients understand some of what you're going through. All businesses and industries discuss cybersecurity and cyber insurance rates on a regular basis. And while regulation might not be top of mind, business owners are regularly clicking on articles about cybersecurity and insurance only to find that they're also reading about the regulation of our industry.
If you are not discussing these topics with your clients you should be. You don't have to make it political. You don't have to take a stand. Just talk about the elephant in the room.
Your clients are talking to anyone who will listen about their insurance rates, and their cybersecurity policy - if they can get one. If nothing else, listen to them and sympathize. Have the discussion.
Obviously, it's easier to talk about ransomware and cyber threats. But here, too, listen to your clients. What are their real challenges, from their perspective? Consider how you might help.
Remember, your relationship with your clients should never be an "us" vs. "them" environment. You and they are in this together, in a symbiotic relationship that is part of the larger small business ecosystem. You and your clients are going through these challenges together.
Just be aware: Many of your clients are tuned in. They understand what's going on. And I'll bet they sympathize with the challenges your business faces today.
-- -- --
Side note: One woman spoke at great length about the challenges they have with cloud services and letting people spread company data all over the place with various services that are not part of the officially sanctioned corporate cloud service. Many people nodded their heads in agreement.
This is another example where business owners understand the challenges you deal with. I believe they are eager and ready to have meetings with you about how they can address these challenges. It's a great time to be a consultant and not just wait for something to break so you can remote in and fix it.
It's a great time to nurture your role as a technology consultant and not just a fix-it company.