Being the expert: Tips for guiding your clients through the cybersecurity journey
by Serena Raymond on Jul 30, 2020 12:00:00 AM
On The Cybercall on July 20, a question was raised: How much should MSPs be communicating with their customers? How much is too much? And when you do reach out, how do you explain the value of what you’re telling them without making them hear complete static?
This question around MSP communication isn’t new by any means. But with more people working from unsecure home networks and with online threats (and high-profile hacks) on the rise, it’s a question that you’re probably asking yourself more often.
It’s easy for both MSPs and their customers to grow numb to it. “Oh, look. Another cyber attack.”
So how can you communicate cybersecurity concerns and best practices to your customers in a way that actually gets through to them? We have some advice.
Listen to their cybersecurity concerns
If you approach a customer and start giving cybersecurity advice without hearing their concerns first, they’ll tune you out.
You don’t want to educate for the sake of it. All of your customers are coming to you with different levels of cybersecurity knowledge and awareness. If you approach every customer like they’ve never heard of antivirus software, some of them won’t take you seriously because you’re not taking them seriously.
So the first thing you need before you start sharing cybersecurity news is an understanding of what will be most relevant to each of your clients. Maybe they’re not concerned with email phishing because they exclusively use Slack. This then gives you more information around where their gaps are and what you can share to keep them more secure.
Give examples, but make it digestible
On that same CyberCall referenced earlier, Kyle Hanslovan from Huntress Labs made a good point about analogies. It’s often better to simplify cybersecurity news and present analogies instead of long-winded descriptions of cybersecurity incidents.
Your clients don’t want (or need) too much detail when it comes to cybersecurity. They don’t need to know everything. That’s your job.
Education for your customers is more about the broad strokes:
- The interesting numbers
- Cyber breaches affecting big-name brands
- General safety tips
- Foundational cybersecurity concepts
Your customers don’t need to know the intricacies of how exactly 5 million guest records were exposed after Marriott was hacked in March. It’s enough to point out that whatever protocols Marriott had in place to protect their login information failed, and hackers were able to get a hold of that information.
When you do decide to use (relevant) examples of recent cybersecurity incidents, or even share changes in software like MacOS supporting DoH in a future release, make it simple and easily understandable. Think your analogies through beforehand, and only go into the detail you have to. You do not want people to zone out during your explanations or stop reading your email halfway through.
Make it actionable, or they won’t bother
Have we touched on the importance of relevancy in this article yet?
What you share with your customers needs to matter to them. That means it needs to be relevant, but it also needs to be interesting or actionable.
Like I mentioned earlier, there’s a tendency to become numb to all of the cybersecurity news out there. In some ways, it feels like someone is shouting from megaphone constantly. And instead of getting alarmed by that, as humans we often grow accustomed to it. We have a “that’s-just-reality” mindset.
Don’t be the person with the megaphone who keeps repeating themself. Your customers will stop caring very quickly.
Instead, be the person who speaks up when you have something interesting or actionable to say. Your voice is much more powerful that way.
Never stop asking questions
You shouldn’t ask your customers questions only when they first sign up for your services. Make a habit of asking questions regularly.
This isn’t just a box you should check on your MSP communication checklist. You will really benefit from questioning your customers about:
- What tools they use most often
- Cybersecurity scares of the past
- Education their employees want
- Their trust level of the vendors they use
- Any long-term plans to move to the cloud
You’ll learn about their interests, their concerns, and their goals. All of this will better equip you to help them on their cybersecurity journey. You’ll be able to make what you share more relevant and provide insight they’re more willing to trust. It will also reveal upsell opportunities for products and services that would be helpful to recommend to them.
What is the benefit of asking a lot of questions? People feel heard. Your customers will be more likely to trust you as the expert if they feel like you’re actually listening to what they have to say every time you ask them a question.
But enough about MSP communication. What about helping them navigate their cybersecurity journey and determining where to start? We teamed up with Huntress to write an in-depth guide on just that subject. This whitepaper will give you the tools to be the expert as your customers’ business grows, including hypothetical examples to help you ask the right questions and start on the right foot.
The shift from in-office to remote work happened (quite literally) overnight. Work from home was forced onto many during the onset of the COVID pandemic, and it was astonishing how quickly people and organizations alike adapted to this new work style.
Zero Trust Network Access (ZTNA) is a cybersecurity paradigm that is rapidly gaining popularity among IT professionals. At its core, ZTNA is about moving away from the traditional network-based security perimeter approach and instead focusing on the users, assets, and resources that make up a system.
When DNSFilter was founded in 2015, we had a vision to build a product that would keep people and businesses safe and secure while they were using the internet. As a part of that vision, we have also worked diligently to ensure our growing organization maintains a high level of information security.