You know you’re watching your customers’ backs when it comes to their cybersecurity posture, but do they? If you’re not using threat intelligence to not only explain the WHY behind your recommendations to customers and prospects but to show that you’re in the know, your competitors might be.
Threat intelligence involves the collection and analysis of data from sources such as threat feeds, dark web monitoring, industry reports, and security incidents to identify current and emerging threats, attack patterns, and vulnerabilities.
MSPs can access threat intelligence from a variety of sources, like the Global Technology Industry Association’s (GTIA) Information Sharing and Analysis Organization (ISAO), through vendors that have threat analysis centers, various news feeds, or industry reports.
Use Knowledge As a Differentiator
Here are four ways to use that knowledge to differentiate your MSP when you talk with clients about their cybersecurity needs.
1. You’re showing that you take your own security posture seriously
Belonging to an ISAO, for example, which is part of an MSP’s GTIA membership (formerly CompTIA), allows you to ask questions and share mitigation strategies with peers and cyber analysts. “We want them to ask questions, because the one thing you don’t want is to have somebody trying to solve for something on their own and then not doing it right and getting compromised,” says Wayne Selk, GTIA vice president of cybersecurity programs, and executive director of the ISAO. “So not only do we want them taking information from the ISAO, but for those solution providers that are more mature, we want them actually sharing information back into the ISAO.”
In addition, ISAO members get access to the Cyber Hub, where they can get a risk rating for their own environment so they can take steps to address any vulnerabilities. By staying ahead of emerging threats, MSPs can reassure their clients that their environments remain secure, strengthening trust and demonstrating the value of their cyber vigilance.
2. You can be proactive to mitigate threats
Threat intelligence gives MSPs “the indicators of compromise that they need to be paying attention to inside of their environment,” Selk explains. ”Use the actionable information to make sure you haven’t been compromised or your clients haven’t been compromised, and if you do find a vulnerability that somebody’s exploiting, you put a mitigation activity around that so they can’t exploit it and take advantage of compromising those systems.”
Threat intelligence will also identify hardware and software solutions that have been compromised, Selk says. With that knowledge, MSPs can proactively choose solutions without known vulnerabilities and be able to discuss that with clients.
3. You need them to know they’re a target—even if they’re small
“We’re starting to see more sophisticated attackers go after small businesses as well. That’s why security is very important for everyone,” says Greg Linares, principal threat intelligence analyst at Huntress. “One of the worst things you can think about yourself is, ‘I won’t ever be a target.’” It may not even be your client the attacker is after but one of their business partners. But if they infiltrate your customer’s environment, they can “mimic the business for a brief period of time to get access to someone else,” he explains.
By discussing actual cyber incidents and consequences, it makes the threat real. As a result, when you recommend advanced security solutions, you come across as a trusted advisor rather than another MSP trying to upsell them.
4. Use your knowledge as a “wedge” between the competition
When discussing your cybersecurity offerings with prospects and clients, use your knowledge of the latest vulnerabilities discovered or new threat actors on the scene to drive a “wedge”—a technique to sow doubt about a current provider and position yourself as an authority (see Win More MSP Sales with the Wedge Technique for specifics on the sales technique).
“Who would you rather have, the MSP that’s not paying attention to threat intelligence or the MSP that is on the pulse of what’s happening from an overall threat landscape to better protect your business?” asks Selk.
Be Smart About Your Messaging
Having access to threat intelligence allows you to demonstrate your knowledge about security trends, but it does not automatically make you a cybersecurity expert. Selk cautions MSPs to tread carefully with their messaging to stay out of legal hot water.
“The best way [for MSPs] to market this,” Selk says, “is to help show [their] clients that they’re paying attention to the threats that could be impacting [them.]”
