co-managed-cybersecurityMaybe you already are providing security services to co-managed opportunities. Maybe you are thinking about diving into co-managed because it is your blue ocean of opportunity in 2021. Or perhaps you are interested in getting your foot in the door to providing managed security offerings to prospects to reap higher margins on a select few streamlined services.

Whatever you are thinking, you probably have arrived at the practice of offering co-managed it security solutions to your prospects or client base in 2021. From learning the hard way over the course of several years, I want to go through three myths that might be poisoning your co-managed opportunities (these were the biggest misconceptions I had to overcome when developing my co-managed platform while growing my MSP).

Myth 1: As an MSP you’re not qualified to be the security expert for Co-Managed.

Time and time again I tried to sell IT directors or teams a way focused on all of the support aspects of managing a network. I would come in with an 800-page report looking to scare or overwhelm the IT team into thinking that they should augment their support.

I had thought that by overwhelming our decisionmakers (both IT and the C-Suite) with problems and issues on their networks, I would be able to get them to sign on the dotted line for a support package.

Reality: There are better ways to engage co-managed opportunities, getting everyone involved excited or interested in listening to what you have to say. One of the easiest ways to get their team—both IT and C-level—was to make security personal and relatable.

I ended up creating a penetration test specifically tailored for Co-managed opportunities that brought the conversation from cost to behavior. I was able to come out of the meeting perceived as THE expert in cybersecurity and created acute awareness within critical deficit in cybersecurity infrastructure and knowledge within our prospect’s network environment.

Myth 2: It’s better to simply resell security rather than create your own cyber stack.

When I started to really sell to co-managed solutions in hospitals, I had seriously considered selling a canned package—a ‘done-for-you’ cyber stack—that was promised to be merely as easy as turning on a light switch. These promised solutions were white glove services from ‘experts’ that would handle everything to manage and maintain the stack.

The problem that I saw with this? I had no control and less able to maintain a trusting relationship with our IT partners.

Reality: You can create and maintain your own cyber stack with far less risk than relying on a third party.

Yes, you are reselling cybersecurity products to your CoMIT partners, but you and your teams have a standard package that you’re confident in. You’ve done your homework and have tested the stack in action.

You can even present reports—Quarterly Business Reviews—and insights into improving and leveraging high margin pieces of your stack. By having a handle and understanding on their network security, your team will come off as the go-to indispensable experts rather than simply resellers.

Myth 3: Network assessments and security audits frustrate co-managed IT departments.

When I was growing my MSP I relied on network assessments to sell my services. It worked to some extent. But I always ran into problems.

In one case, the network assessment tool brought down the network I was evaluating, killing the deal entirely!

The reports were long, hard to understand and took hours upon hours of a tech’s time to create.

I ended up with several thousand dollars of investment into one deal that often was a 50-50 chance of signing (lots of wasted time and money on a not so sure deal).

Reality: Penetration testing does a WAY better job at selling your services and positioning you as expert.

Can you imagine coming at a cold deal and asking how confident a prospect’s team’s security stance is? What if you slipped the question, “how about we just do a small little test to see that your IT team is doing what you expect them to do? We can run a simple penetration test to see that everything is working.”

You run the scan on a few computers in their environment, expose flaws—both errors the IT team had made, along with major security flaws AND you win the deal (we’ve had a 91% conversion experience with penetration testing thus far).

Where Co-Managed is going?

Back when I started to figure out the formula to co-managed security, my team was able to deliver much-appreciated care to our clients and sell over a million dollars in revenue year-over-year to supporting co-managed solutions.

What I’ve realized is that many MSPs still function—like I had been functioning—in an outdated world where services were underappreciated as purely commodities. What I’ve learned over 20 years of running and growing my MSP—until I sold it in late 2019—is that listening and observing others around us that have mastered or found successes is critical to the health, success and sustainability of what I’m investing in.

The reality of 2021 will be different. That’s why I decided to invite Bob Coppedge (the CoMIT guru) to help us dive into how to make CoMIT easier in 2021, THIS Thursday (January 14th) at 12 PM Eastern.

Sign up here: www.galacticscan.com/comit/