Upselling Existing Managed Services Customers with Cybersecurity

Be Different. Deliver Excellence.


Sep 29, 2020

Video Above: Jeff Blount, vCIO at Cobb Technologies, shares with Zach Wilcox, Strategic Business Advisor at Collabrance, how they are capturing more opportunities positioning themselves as a managed security services provider (MSSP).

Expanding Your Customer Reach with Cybersecurity

We’re seeing many of our MSP customers strategically put a pause on seeking new business, and increase focus on upsell opportunities within their existing accounts. Jeff Blount, vCIO at Cobb Technologies, has been closing deals with existing managed services customers, specifically around cybersecurity upsells. In this short interview, Jeff shares his insights with the industry on how they are helping customers and growing their managed services business with cybersecurity.

Can you give us a high-level overview of what you’ve been doing over the last 4-6 weeks that has really spurred this new activity?

In our Quarterly Business Reviews (QBRs), I’ve been very intentional about reaching out to our customers and scheduling those reviews - using Zoom or Microsoft Teams to have the meeting online. I’ve even done one or two in person.

I'm trying to be very diligent about staying in contact, letting our customers know we are here for them. But also having a clear expectation on what I am going to talk about and how I am going to try to highlight, specifically, some of the cybersecurity features we can offer them.

If we didn’t have certain features available at the time we brought on some of our more tenured customers, we are able to introduce them in the QBRs.

How are you positioning cybersecurity in QBRs with existing customers? Is it something they’re asking about? Is it something you are proactively bringing up to them? What does that conversation look like?

During the QBR process I try to always have a “Technology Enhancements” or “New Features” portion where we talk about new products and services which might help that particular business. In some instances I will send a blog or video we have produced in advance of the QBR so the customer will already be familiar with the products I plan to discuss. This results in moving the conversation farther along than an introduction to the product during our time together, and we can really talk about how it will help their business, and why it is so important to add on security products.

Cybersecurity is something I’m proactively bringing up as a trusted technology advisor.

I’ve done quite a bit of the Dark Web Monitoring in the past, and now I am focusing on the Security Awareness Training. At Cobb, we’ve done some blogs and some videos on both of those topics. So I am doing a lot of assignment selling – you know, “They Ask, You Answer” – Mark Sheridan stuff. It’s been more proactive – me going to the customer and saying “Hey, here’s a great new product” specifically with the Security Awareness Training, and how it’s one of the few things we have on the human side of cybersecurity that we are able to offer to a customer. We can put as many firewalls, antivirus, spam filters and all that stuff out there that we want, but as soon as an employee clicks on one of those emails, a lot of that stuff goes out the window. So the Security Awareness Training is one of those things we can do on the human side to help educate, train and teach users what to look for. It’s been accepted a lot by our customers!

Are the cybersecurity items you’re proposing, items you’ve discussed with your clients in the past? Are they more receptive now than they have been in the past? Or is this something you’re bringing up to a lot of them for the first time in the current climate?

I have talked cybersecurity features before, but quite honestly in the past it was more of, “By the way, we have this new service now,” without much emphasis on it.

Today, I’m more proactive bringing up cybersecurity, almost telling customers it’s a necessary thing you have to have as part of your overall holistic security approach now.

I really don’t get very many objections at all, with just about every organization and employee getting phishing emails these days, the topic of Security Training is a very easy to discuss. Not to mention the price point is relatively low for a product that helps address a very common problem. We're taking the approach of educating and speaking in ways the customer can better understand, like “Let me tell you about this new service we have. I’m sure you get phishing emails or spam emails and all sorts of stuff. You probably got one this week.” Of course everybody gets one almost every single week so it’s a pretty easy conversation to have.

Are there certain industries or verticals you are seeing who are more open to cybersecurity enhancements? Or are you seeing an increased embrace of this security feature across the board?

You know, there’s really not.

We have a fairly wide range of verticals and cybersecurity applies to every customer.

Every customer uses the internet. Every customer uses email. As far as Dark Web monitoring, Security Awareness Training, Password management – all those things kind of tie together and go hand–in–hand. It’s a pretty easy conversation to bring up because so many people experience those phishing emails, and have spreadsheets with all their passwords on it. It’s almost like they are setting it up on a platter for me to talk about cybersecurity with them. Just about every organization uses the Internet and email, so every organization has some information on the Dark Web and gets phishing emails no matter what industry or vertical. I try to upsell these products to all my customers.

Are there certain products you think are a good place to start with these conversations, or do you take it on a case-by-case basis?

I usually take it on a case-by-case basis.

I’ve been more focused on the Dark Web Monitoring and Security Awareness Training, mainly because the cybersecurity price point on those are easier to sell.

You’re not asking for a huge uptick, not moving the needle a ton on their monthly contract to add these things. Dark Web Monitoring is not hard to upsell. I usually give customers an example, and I run a Dark Web scan for them to show them and ask, “Do you know this is out on the Dark Web?” and it piques their interest. Like I said, doing more than just saying “We have this offering, let me show you what it does;” but rather an approach of, “Let me show you how it can help your business,” makes it an easier conversation and discussion.

What do you recommend for MSP peers?

I believe my main mistake in the past was just mentioning we have these IT security products, but not properly communicating how they could help the customer.

Be diligent to schedule consistent QBRs; if I only schedule a QBR when I want to sell a new product, my customers catch on pretty quick.

By having educational content like blogs or video’s to share in advance, and by having a section in the QBR dedicated to showing new products and how they can help protect and become a part of their whole cybersecurity posture, my customers have been much more open to discussion, and an upsell.

Upsell Customers with Collabrance MSSP Offering

Checkout our award-winning white label cybersecurity offering to see if you have an opportunity to grow your business with Collabrance!


Category: Technology

About The Author

Zach Wilcox

Zach Wilcox, Strategic Business Advisor for Collabrance, is responsible for helping Managed Services Providers grow their business through customized coaching, training, and planning sessions. Zach graduated from Cornell College with a B.A. in Economics and Business.