2022 signalled the return of many in-person interactions and a step closer to what some of us might remember as “normal” ways of working. It also showed to a jump in cyber incidents with a 7% uptick in the current financial year, compared with the last.
As we kick off a new year and reflect on 2022, here are the top takeaways from the Manage Protect team to help managed service providers (MSPs) prepare for 2023:
1. Microsoft does not answer all the cybersecurity needs of small to medium businesses (SMBs)
Small to medium businesses have always had vastly different needs to their larger counterparts. Microsoft encourages businesses to streamline their vendors and simply rely on their native security features. While Microsoft will focus on protecting systems, there are other aspects that also need securing, such as an organisations’ people and environment.
A more holistic and broad-based approach for SMBs, delivered by IT service providers they know, and trust, is a tailored approach that will address their specific needs.
Education here is key. Help your customers understand the types of risks they’re exposed to as a small to medium business with appropriate solutions to address them. MSPs can take advantage of readily available checklists or cybersecurity audit tools, software which quickly assesses the current status of an organisation’s security, and recommend fact-based improvements.
2. Customers can’t insure their way out of cyber risks and associated responsibilities
Purchasing cyber insurance is a way that businesses recognise and take ownership of cyber risks, but it certainly isn’t going to protect or lessen the incidences of cybercrime.
In fact, in many cases, businesses taking out cyber insurance need to take adequate steps to prove that they’re mitigating cyber risks, as insurers are increasingly requesting evidence of cyber hygiene and risk management culture. While cyber insurance is a key component of cyber risk management and in minimising financial damage from cyber incidents; in isolation, it won’t prevent or limit cyber incidents.
Any business looking to take up cyber insurance should ensure they understand cyber insurance policy requirements, particularly regarding the active mitigation of cyber risks. Understand and create greater awareness among your customers when having these conversations.
3. Managed service providers (MSPs) should address the security concerns of their customers
This should be no surprise. Driven by upward trends in serious security breaches (including some of Australia’s largest and best-known companies during 2022), cybersecurity is top of mind for all businesses; large and small.
MSPs have always supported small to medium businesses, offering some level of security. They should continue to deliver services and solutions that address security concerns and risks.
The Australian Cyber Security Centre maintains the most effective means of defending cyber threats continues to be the implementation of the Essential Eight cyber security strategies.
At Manage Protect, we believe the Essential Eight is the most suitable framework to reference in Australia, and all our solutions aim to help businesses become Essential Eight compliant.
4. MSPs should regularly review and adjust their prices, particularly when looking to incorporate new offerings
The price isn’t just the cost of a product or service that customers pay. It reflects the product or service that is ultimately delivered, and the value perceived.
It’s important for MSPs to price services and products so they’re accessible to their customers, and simultaneously meet their own business goals. Commercial environments change over time and will impact either of these elements. Thus, it is crucial to review and adjust prices accordingly.
This is particularly important when a business is introducing new offerings, such as a cybersecurity service, and the associated costs of upskilling team members and other overheads.
In our opinion, MSPs should be reviewing their prices often. How often? Whenever the business is undergoing changes, or once a year at a minimum.
With planning often taking place at the start of the new year, now is an opportune time to review and implement price changes.
Support for 2023
With everything we’ve witnessed in 2022, we know cybersecurity is an ongoing concern with a growing focus this year. Manage Protect is here to collaborate with partners as these cybersecurity conversations evolve in 2023.
We also offer a range of managed security solutions to help MSPs protect their SMB customers from cyber threats.