For ConnectWise and its partners security is both a giant threat and a giant opportunity.
The opportunity lies in what, according to McKinsey, is a $2 trillion global market for cybersecurity technologies and services. The threat stems from the growing volume of concerted, and sometimes successful, efforts by cybercriminals to penetrate RMM solutions and other line-of-business tools used by MSPs.
One of the key ways ConnectWise is working to help MSPs seize the opportunity part of that equation is the IT Nation Secure partner program it introduced in 2020, which currently has over 2,000 members. Any transacting ConnectWise security partner can join free of charge and gain immediate access to not-for-resale licenses to the vendor’s security products and a portal packed with training resources and marketing collateral, along with three playbooks offering detailed step-by-step guidance on getting a security practice up and running.
Jay Ryerse, who as vice president of cybersecurity initiatives at ConnectWise leads IT Nation Secure, has also been rapidly hiring people tasked with offering MSPs personal assistance in launching a security business since last summer. The most successful security providers, he told ChannelPro last week during ConnectWise’s 2022 IT Nation Connect event in Orlando, have dedicated personnel with in-depth experience. Newcomers to the field don’t.
“You can’t go hire somebody until you’ve got some revenue,” Ryerse notes. “We’re helping them fill the gaps where they need them.”
Members of Ryerse’s team can assist in drafting operational procedures, documentation, and policies, he explains, adding that a 14-person marketing team stands ready to help partners generate leads.
“We help them build their content and help them update their website and search engine information to make sure everything is all the way it should be to tell their story,” Ryerse says.
Others on the team support “lunch and learns” and other pipeline-building activities. “I’ve got two full-time people now that go on the road and speak at partner events,” Ryerse says. A separate set of security sales engineers and architects helps partners develop and deliver demos, and a team of sales associates teaches MSPs how to pitch security solutions to end users.
There’s money available to program members too in the form of market development funds and “earned cooperative marketing funds” that partners receive in exchange for purchasing ConnectWise security solutions.
“As they spend more on security, we give back a percentage of that spend,” Ryerse explains, noting that partners have pocketed $2.7 million in earned coop funding this year.
New to the program as of last week is a similar set of people and resources specifically dedicated to business continuity and disaster recovery. “We’re going to help partners run backup events and help drive more business value there,” Ryerse says.
All of that investment is producing results, he continues. “Partners that are in the program are growing with us between 4 and 5x faster than the rest of our partner community in security,” Ryerse says. Partners have collectively grown revenue somewhere between $57 and $74 million by virtue of being program members, he adds.
Ryerse’s counterpart for protecting MSPs from attacks on their RMM and other solutions is Patrick Beggs, who was named ConnectWise’s chief information security officer in February and has spent the months since then expanding an already substantial “infosec” initiative launched some three years ago.
“As long as I’m CEO, that will always be my number one priority,” said ConnectWise CEO Jason Magee in a conversation with ChannelPro last week. “We make tremendous amounts of investments every year and it continues to grow and grow and grow.”
Examples introduced by Beggs this year include a new set of product security response teams embedded within ConnectWise product groups to point out current and potential vulnerabilities. “They’re going to be graded for that,” says Beggs, who is also building a security “red team” to hunt down weaknesses those other resources miss.
Both of those units are part of a larger “cyberfusion framework” Beggs is pursuing in which threat intelligence experts, security operations center staff, incident response specialists, and others cooperatively block as many attacks as possible and limit the impact of those that inevitably get through.
“I want to be able to work with external researchers as well,” says Beggs, pointing to the warning ConnectWise got from security vendor Huntress last month about a potentially serious vulnerability in its R1Soft backup management solution as a “great example” of the collaboration he hopes to promote. In fact, the only thing that went wrong in that episode from his point of view is that the independent researcher who first discovered the flaw told Huntress about it only because he couldn’t get ConnectWise’s attention.
“The researcher brought it to [Huntress] and they came to us,” Beggs says.
ConnectWise will launch a new email-based hotline to make reporting security gaps easier for outside experts this week. “The doors are open to talk,” Beggs says.
