SMBs want someone who understands their business and their risks, can devise the right strategy, analyze their security vulnerabilities and implement the right technologies. 

MSPs can close the revenue gap with a comprehensive security services package for their SMB clients. But to make the leap from MSP to MSSP (Managed Security Service Provider) and earn their customers’ business as a trusted CSO (Chief Security Officer) they should complete these four phases: 

Basic Security

At a minimum MSPs should provide anti-virus, firewalls and VPN management, and security patch management as part of their customary service offering. 

Identify risks and lower the chance of a breach

In the past companies had disaster recovery plans for manmade and natural disasters. Today they need a similar plan for security breaches, whether the plan is dictated by federal regulations, such as HIPAA or PII (personally identifiable information) or simply because the market is imposing the mandate.

In this phase MSPs can upsell services by counseling clients, developing a strategy and helping them identify risks and gaps in security.  To offer this service they should review the client’s network, provide security risk assessments and PII, and other sensitive data detection, along with vulnerability scanning and penetration testing.

Employee security training should be a part of this phase.  Include how to protect portable devices such as laptops, smartphones, tablets and USB drives – since an estimated half of all data breaches occur due to unsecured data on lost or stolen portable devices. Make clients aware of the signs of potential security breaches, such as distinguishing between legitimate emails and websites, and those designed to execute phishing scams.

Detect and react to a suspected breach

Even after implementing the right technologies to prevent a breach, a persistent hacker, or disgruntled employee can still break through.

It may not be possible to stop a hacker from entering a client’s network but early detection as well as multi-layered security is critical to protect a client’s valuable information.  By adding security information and event management (SIEM) along with intrusion detection (IDS) and managed breach response services an MSP can help detect and react to a suspected security breach.

In the event of a breach a client will look to the MSP to take action that stops it, provide forensic analysis to determine the source and extent of the breach, and assist with guidance on breach reporting obligations and protection of individuals that are affected by the breach. In addition, the client will expect the MSP to implement additional security measures to help minimize a similar breach from reoccurring.

Provide a full outsourced managed security service, assume the CSO role

An MSP can provide a Managed Security Service that positions it as a client’s Chief Security Officer by providing a full range of security services starting with basic security and expanded services that will lower a client’s chance of a breach (security risk assessments, data detection and vulnerability scanning), to breach response services (breach remediation, forensic analysis and breach notification).

Once clients recognize how important it is to protect their data, they will look to their MSPs for guidance. With the requisite services MSPs can make the transition from MSSP to CSO and capitalize on the market opportunity.

Art Gross is the CEO and co-founder of Entegration, a managed service provider.  He also founded and is the CEO of HIPAA Secure Now! and Breach Secure Now!