“The attacks are getting more sophisticated, it's a changing landscape”: N-Able Data Cove Protection SVP on the challenges facing MSPs
Chris Groot spoke to CRN Australia about the “double-edged sword facing” MSPs and MSSPs.
MSPs are constantly feeling the pressure, from talent shortages, rising costs, and now a memory shortage to add, there is no doubt that they’re spinning multiple plates.
Another important plate to balance is cybersecurity, as the old adage goes, it’s not an “if” but a “when” for cyber breaches.
This means MSPs and MSSPs need to be on top of their cybersecurity offerings to ensure their customers are as safe as possible.
But, as Chris Groot, SVP, Data Cove Protection at N-Able pointed out to CRN Australia that MSPs are in a bit of a “dilemma” when it comes to cyber risk.
“If you are doing your job at its finest, it means that the customer is never experiencing any negative emotions towards their computer,” he explained.
“The end customer then is asking themselves, why am I paying all this money when, like, like, these guys aren't doing anything.”
On the other hand, Groot noted, “If that end customer is experiencing problems, security issues, or disruption of any sort, then the MSP’s work is much more evident. But, the owner is saying, ‘why am I paying this MSP? I'm having all these problems’.”
Groot explained the only way to manage that in the middle is by demonstrating the value that you're delivering on a consistent basis.
“That's really part of an XLA, it's about setting expectations, following through, and understanding the education on why that is a requirement in today's landscape.”
Read the full interview with CRN and Groot from N-Able below.
CRN: Does a breach equal a loss of a customer for an MSP?
Chris Groot: I would say that it depends on the response more than about the situation. Prevention is the first stop on the train. It is widely accepted that any organisation can experience that these days.
The attacks are getting more sophisticated, it's a changing landscape. When you build a 10 foot wall of business resilience, the bad guys eventually are going to come with an 11 foot ladder. That's the game that we're playing.
Then it comes into, how fast can you identify, mitigate it contain and that's where we've seen the growth of the XDR and MDR solutions. Monitoring everything, all the points where there's any potential signals. Then when those signals arrive, containing it.
The foundation of it all is behind that is should anything happen, can you bring it back to life and how quickly can you bring it back to life?
One of the changes, I would say, in terms of that experience for the customer, of course, is like wrapping around the communication and the setting expectations.
Then it's not just about meeting an SLA, but it's what we're talking about is about the XLA, the experience in terms about how you recovered, but how it made you feel through that experience.
That's the difference where some MSPs lose and some MSPs win customers for life because of how they navigate those, those tough times.
CRN: What do you want your customers to get out of the new Data Cove Protection updates?
Chris Groot: As an MSP priority number one you need to retain your customers. What's the fastest way to lose your customer? Have something go wrong with your where you're in a situation where you can't restore a customer's data, or they have a major outage and you can't recover the whole business.
The security controls in place that we're in we've introduced with the critical configuration changes the honey pots and more, is the key to making sure that all the security and compliance controls are in place.
That becomes even more of a challenge when the MSP gets larger, and has multiple locations. Having control over all the policy, security and compliance requirements, that's the key to retaining your customers by not making mistakes.
Most solutions do have a clear means of controls over that area, they just don't have that capability. Whereas Cove makes it very like pure in terms of that observability.
Second thing that MSPs care about is around growing their business. If you talk to any organisation, growth is always the number one challenge that they have difficulty solving. It's not gotten any better in the last three years in terms of MSP growth rates.
There is two ways you can do that, you can add new customers, or you can expand your existing customers. What we've observed, through many interactions is even the best in class MSPs are only adding two, three, maybe four clients a month. That would be a good average for these very large organisations, where the real growth is coming from expanding services across their customer base.
With Cove, specifically, the foundations building out the full observability, and so it's easy to control, but then it's adding what we're adding on are, I would say, expanded service level offerings that they can, in turn, deliver to those.
Later this year, we'll be bringing out a full DRaaS (disaster recovery as a service solution) that's going to be differentiated with a service wrapper that will allow the customers to go MSPs and end customers to build out full scale recovery testing of sight loss and simulating recovering from a cyber attack.
CRN: You said one of the challenges that MSPs have is growing their business, why do you think that is?
Groot: Ten years ago, it used to be for MSPs, there was still green field opportunity in terms of businesses. Most groups that I've spoken to, when I asked the question, it's more like a red ocean or they're taking business from another MSP, so they're trading customers.
A few years ago, it was much more oriented towards, there was still organisations that were earlier in their digital transformation, and they were just exploring an MSP for the first time.
That's a macro issue in terms of the challenge of growth. I would say the role of the MSP has changed, and people are still trying. Let's say MSPs are varying degrees of maturity on that change. Whereas used to be just about productivity, people come to work their computers need to work and not have downtime and the tradition to business resilience is that is the conversation today.
But in terms of leveraging that for growth, organisations are still, you know, maturing in the way that they do that and that's certainly the new frontier where we're going to see a lot of further change is on the artificial intelligence front.
Both MSPs learning how to take advantage for themselves, yeah, to make their operations more efficient, and investing in that front but also their customers are having the same questions, and one of the natural places they'll turn is someone that's in the technology negative technology provider.
CRN: Looking at the Australian market for N-Able, what excites you at the moment?
Groot: The groups that I've met over the years certainly are world class in terms of how they think and operate, like it's the level maturity of the service delivery and what they're providing to clients is on par, ahead of any place in the world that I spend time. That's a real tip of the hat.
My real personal experience is there's a lot of warm and very nice people that care, in terms of just the general culture of Australians. But very sharing, open, warm. It's just a refreshing place to come and hang out in terms of those values that exist.
CRN: What do you want to accomplish within the Australian market?
Groot: For customers, educating them on the investments that we've been making from a cyber or a resilience perspective, the cyber resilience of the backups specifically. It's about educating them on best practice to ensure that they are putting their themselves and their clients in the best position to practice before the game.
As an example, in terms of this ‘practice before the game’ concept, we do offer a master class, which is a one hour investment. But through that, the outcome that if you are in the class, if you want to pass the class and become a true master of disaster recovery, you need to run a test recovery scenario of full environments. The fact that we can teach that in an hour and have people complete it in just in a few minutes afterwards to show that proof.
This interview has been edited and condensed for clarity.