The MSP Zone

It has been a while since we discussed the topic of MSP talent shortages, specific to security (i.e., cybersecurity). A lot has happened since earlier in the year and I wanted to provide you all with an update on where we stand, how the industry is doing, and where we are seeing the most results.
 
Now, the first warning is do not get upset by what you hear. I am going to talk in generalities about what we are seeing across a very large profession. If something I say is troubling to you, just know that it doesn't necessarily mean it is going to happen to your practice.
 
Highlights:
Summary of cyber talent in the MSP sector
Mass tech layoffs
MSP talent sources

Here is some friendly advice for policy makers and legislators moving on the issue of MSP regulation (of any kind) next year, 2023. Since 2020, we have seen a large amount of activity in the cyber regulation area, including specific regulations calling out managed service providers (MSP).
 
Highlights:
Direction of MSP Regulation in 2023
Flaws in MSP regulation requiring a fix
What MSPs Need from MSP Regulation

With all the pressure and hype around growth-oriented MSP platforms these days, I thought it might be helpful to talk about one characteristic of the small MSP which is actually very important. Now, this does not mean larger MSP organizations do not possess this characteristic. It does mean, however, that smaller MSPs are more likely to find this type of process much easier to perform.
 
What am I talking about? Analyzing, identifying, digesting, and remediating MSP risk. While risk assessing is the duty of every MSP organization, smaller MSPs will find certain elements of the risk assessment far easier than their larger colleagues.
 
Highlights:
Review of the MSP risk assessment
Reporting and documentation requirements
Tips for remaining in compliance

For many MSP owners and operators sales is a foreign concept. Sales is acknowledged as a necessary business component for all MSPs, but very few MSPs have mastered the art form of sales.
 
Today we attempt to breakdown the stereotypes of sales in the managed services profession. We examine everything from process, metrics, business goals, and the important integration of sales into the managed services engine.
 
If you have ever struggled with sales in a managed services environment, this episode is for you.
 
Highlights:
MSP sales objectives
How to build an MSP sales engineMethodology
Metrics
Training
People
MSP sales: Myth vs reality

Last week was the MSPAlliance Inspire "peer" group meeting in Las Vegas. I say "peer group" in quotes because this group sees themselves as the anti-peer group. Born out of the frustration of many peer group veterans, they created the MSPAlliance Inspire to bring networking and leadership in managed services to a new level.
 
Here are some of the things they discussed and what I learned from observing these MSPs.
 
Highlights:
MSPs need a place to vent
Staffing remains an issue, but MSPs do have solutions
Cyber insurance is both a good and bad thing for MSPs

I recently spoke with an insurance executive and we had a very interesting conversation about risk and perceptions of risk related to cyber security and managed services. This conversation was eye-opening for a number of reasons, but mostly because it exposed me to a viewpoint I had not fully considered before.
 
This conversation is important because it represents what I believe is the larger debate happening right now between MSPs on one hand and public policy makers on the other. Is risk truly a black and white issue or is there reasonable ground to disagree? Let's dig in and find out.
 
Highlights:
Insurance view of MSPs
MSP view of Insurance
Where does risk really occur? The bad MSP and the bad client
How can we move forward?

Ransomware impacts many industries throughout the world, but today we focus on the manufacturing sector. Is the manufacturing industry facing an increase in cyber-attacks? If so, how are they responding to these attacks and what changes are they making to become more resilient to such attacks?
 
John Shier, senior security advisor with Sophos, enters the MSP Zone to discuss his analysis of a recent Sophos ransomware study.
 
Highlights
52% of manufacturing organizations were hit with ransomware in 2021 - a sharp uptick from 36% in 2020
66% of surveyed manufacturing and production organizations reported an increase in the complexity of cyber attacks
61% reported an increase in the volume of cyber attacks when compared to the previous year
Only 75% of those surveyed reported having cyber insurance - the lowest percentage across all sectors 
What lessons can we learn from cyber attacks on manufacturing organizations?
What can MSPs do to protect these types of clients?
What should manufacturing organizations be doing differently?

Weaver Outrage Meter (Low)
 
Sponsored by: Dell Expert Network
 
Any organization can experience growth. Some may have to buy it, such as through M&A transactions. Others, may be lucky enough to experience growth organically. Maybe they have a really good product, perhaps they just have an awesome sales and marketing team, or perhaps they are just fortunate to be in the right place at the right time.
 
The same is true for MSPs. MSPs, however, have to consider something when going through a growth period: how will such change impact their service delivery and security? Growth at the expense of scalability or security is just not worth it. So, what is to be done?
 
There are some steps any MSP can take to prepare themselves for any unusual growth period in their company. We will examine some of those steps today.
 
Highlights:
Planning for growth
Bulking Up
Compliance Responsibility
Knowing when to hit the brakes

There are many organizations looking to get a better handle on their IT management, including their security. For the majority of these organizations, it is impossible to do this entirely on their own. As such, these entities often seek out MSPs to resolve a variety of business, technical, and security objectives.
 
Before engaging an MSP, however, there are some things you ought to know about your MSP. Here is our list of questions you ought to ask your MSP prior to engaging their services.
 
Highlights:
Alignment between MSP and customer
Read the contract
Risk analysis
Risk Inheritance

Weaver Outrage Meter (Low)
Sponsored by: Dell Expert Network
As the economy continues to behave erratically, there are disturbing reports emerging about how the MSP sector may respond to this economic turbulence.
MSPs will respond one way to economic  tough times, reactive or break/fix providers tend to react in a very different manner. How these different providers respond may have far reaching consequences, both to their own organizations, but also for their customers.
Highlights:
MSP vs Break/fix Models Explained
How Proactive and Reactive providers respond to difficult economic times
Proactive vs Reactive Impact on clients