build a profitable cybersecurity practice · • email, newsletter marketing new prospects •...
TRANSCRIPT
1
Build a Profitable Cybersecurity PracticeEven if You’re Not a Security Expert
Erick Simpson
MSP Mastered®
2
3
I once heard a security expert say:
“50% of Businesses have already been compromised….
…and the rest just don’t know it yet”
4
Security Services are
a stable revenue
source and growing
Even SMBs in key
industries must increase
security use
IT Security is a control
point & strategic client
service
Mature service
model with low barrier
to entry and delivery
High value – high
margin services
Concern of SMB Clients
Security: #1
5
Digital World Opportunity:
Security: Threat Trends
Industrialization and Automation of Cyber Crime, Zero-Day Exploits, Forensic
Government of Bulgaria
records stolen
Government of Texas
hit by ransomware
One million Swiss
residents are
victims of cyber attacks
Cost: Ultra Rapid Growth of Data and Accelerating
Over 40 ZB in 2019, growing to 175 ZB (or much more) by 2025
Source: IDC
Source: IDC
Internet of Things,
satellites, healthcare
and wearables
Autonomous
machines,
drones and robots
Computer vision,
virtual and
augmented reality
1
Complexity: Ultra Rapid Growth in # of Systems
100 B Devices, 1-2 B of them the Core – most Edge/Endpoints
Source: IDC
CORELarge datacenters, public
and private cloud
EDGEBranch offices, remote
locations, factories
ENDPOINTComputers, phones,
various devices
Complexity, Security, Cost are main driving factors outside of Core (Cloud & Large DC)
6
SAPAS
Total Cost
of OwnershipEase of Use Reliability Full Control Security
Safety Accessibility Privacy Authenticity Security
7
Acronis’ Mission – Cyber Protection (SAPAS):
Air Water Food
ShelterProtection from
elements
Cyber
ProtectionData, Applications
and Systems
1. Every Personal & Business process is now conducted with Data
2. Data, Applications and Systems Protection is the 5th basic human need:
SAPAS: Safety, Accessibility, Privacy, Authenticity, Security
3. Acronis’ Cyber Protection: Easy, Efficient, Secure
Reliable Controlled
Protect All Data, Applications and Systems
8
Identify and Prioritize Your Target Audiences
Strategy 1
9
Shorter Sales Cycles
• Technology Strategic
• Technology Dependent
• Technology Averse?
Existing Clients
Longer Sales Cycles
• Technology Strategic
• Technology Dependent
New Prospects
2 Sales Targets
10
Design Your Offering and Segment Into Bundles
for Maximum Value and Upsell Opportunities
Strategy 2
11
Security Essentials
Good
Basic SLA
Basic Security Features
Lowest Price
Security Plus
Better
Better SLA
Additional Security Features
Higher Price
Security Advantage
Best
Best SLA
Most Advanced Security Features
Highest Price
Cybersecurity Services Example Tiers and Bundles
12
Price Your Bundles For Maximum Margin
Strategy 3
13
What Is Your Cost of Service Delivery?
Labor + Overhead Burden per HourHourly Cost of Service
Delivery (HCSD)
Number of Hours Per Month To Support Customer
Projected Support Hours Per Month
Cost For 3rd Party Cybersecurity Subscriptions and Services
Cost of Subscription
= HCSD x Projected Support Hours + Cost of Subscription
Total Cost of Service Delivery
14
Determining Your Cost of Service Delivery
$58.75
4
$1,000.00
$1,235.00
Hourly Cost of Service Delivery (HCSD)
Projected Support Hours Per Month
Cost of Subscription
Total Cost of Service Delivery
15
Add Desired Markup and Price to Determine “Stop-Loss”, Then Price and Sell On Value!
Divide By Total Users To
Get “Per User” Cost/Price
$1,235.00
$617.50
$1,852.50
Total Cost of
Service Delivery
Desired Markup
+ 50%
Retail Price –
Monthly
16
Develop and Execute Your Marketing Strategy
Strategy 4
17
Divide By Total Users To
Get “Per User” Cost/Price
Identifying New Prospects
Before finding out about this
technique, I would teach my
clients to find a potential lead,
setup a meeting, then run
a “security assessment”
But sometimes, they wouldn't find
an urgent breach, or additional
service work wasn’t that impactful
Now, we can run Dark Web Scans
against our prospect lists, then
prioritize the results, and reach
out to those prospects with “hits”
Then, we can immediately sell them
something to monitor the breach and
to fix the problem moving them up
the value ladder
18
Divide By Total Users To
Get “Per User” Cost/Price
Run a Scan to Uncover Qualified Prospects
19
Reach Out to Prospects
• Urgent Letter Envelope
• Direct Mail Letter
• Dark Web Scan Results Report
• Phone Script
• Voicemail Script
• Email Template
20
Existing Clients
• Calendar Meetings for QBRs Calls
or emails to calendar meetings, invite
to Webinars and Lunch n’ Learns
• Email, Newsletter marketing
New Prospects
• Build Trust Multiple, diverse touches
to schedule appointments, invite to
Webinars and Lunch n’ Learns
• Direct mail, email, social media,
LinkedIn marketing
• Call-downs
• Webinars
• Lunch ‘n Learns
01 02
2 Marketing Approaches - Campaigns
21
Develop and Execute Your Sales Strategy
Strategy 5
22
Existing Customers –
FOR SOLUTION
Warm Up – Ease them into opening up
Qualify – Immediate pain AND latent needs, build
buying temperature through implication questions
and explore budget
New Prospects –
BUILD TRUST
Preparation – Web Qualify
Warm Up – Ease them into opening up
Qualify – Immediate pain AND latent needs, build
buying temperature through implication questions
and explore budget
2 Sales Approaches
23
Step 1 of the 7 Step Sales ProcessProspecting & Preparation
24
Dark Web Scan –Send Urgent Mail
Letter/Email
Know your prospect before
you call them
“Web Qualify” them
Study their Website
D&B, Hoovers
Press Releases
Social Media
General Internet Search
New Client Preparation
25
Reach Out to High Value Prospects
Social MediaE-mailVoicemailPhone Call
26
Develop Killer Appointment-Setting, Voicemail
and Email Scripts
Strategy 6
27
Phone Call Script
Hi Erick – this is David from Security-Safe, and I’m following up to make sure you received the Urgent Mail Letter I sent you about your company’s breached accounts and compromised passwords we discovered being sold on the Dark Web – the criminal side of the Internet. Do you have a minute for me to share what we found?
Great, I’ll start by saying that Security-Safe regularly runs dark web searches to identify companies that may have been exposed to a data breach. This is one way we identify potential customers to help with our services.
Well, we did find some breached accounts and compromised passwords for your company. This is the information I sent you in my letter.
Based on the information we obtained, I would put you in a high-risk category, as your information is already being marketed on the Dark Web.
Did you know that these types of credentials can be purchased by cybercriminals for as little as one dollar? I know it sounds crazy, but this is the world we live in today.
The good news is, we can help mitigate your immediate risk and long term risks to help guard against this type of thing happening to you in the future. Would it be alright if I stopped by this week to show you what we found, and spend some dedicated time for me to get some more information from you and share some strategies?
28
Hi Erick – this is David from Security-Safe, following up on an Urgent Mail Letter
and security breach report I sent you a few days ago, to make sure you received it.
I have some additional sensitive information to share with you that cannot be left
on a voicemail system for security purposes, so please return my call at
(000) 000-0000.
Thanks, I hope to hear from you soon.
Best regards,
David
Voicemail Script
29
Hi Erick;
As a security-focused organization, we routinely run dark web searches to identify companies that may have experienced a data breach, and found some breached accounts, as well as compromised passwords for your company.
I’ve reached out via phone and left a voicemail to go over the specifics contained in the Urgent Mail Letter I sent you and your risk and have left you a voicemail.
I’m available ______________ for a quick chat to discuss what risk these findings expose you to, and steps you can take to minimize your liability.
Please reply to this email so that I know you received it and confirm your availability for a short dialog. I promise it will be worth your time.
Thank you,
David
Email Template
30
Execute a Consultative Sales Process
Strategy 7
31
Step 2 of the 7 Step Sales ProcessThe Sales Warm Up
32
Divide By Total Users To
Get “Per User” Cost/Price
Sales Step 2: Warm Up
Relax, the decision
maker is just a person
Be prepared, know what you’re
going to say, and when you’re
going to say it
Utilize your data from
Preparation
Find common ground
to break the ice
Take your prospect’s
mind off of the sale
If you look like an IT person,
you’ll be treated like one –
dress like the Trusted Advisor
33
Step 3 of the 7 Step Sales ProcessSales Qualifying
34
Divide By Total Users To
Get “Per User” Cost/Price
Sales Step 3: Qualifying Using the QBS* Approach – PAS vs. SPA
Step 4: Introduce Solution
Be prepared, know what you’re going to say,
and when you’re going to say it
Step 2: Identify NeedUse Issue Questions to discover if there are Active
or Latent Needs and to make Client aware of Need
Step 3: Connect Implication
Let them know you can help
Step 1: Establish Credibility
Use Implication Questions to create Emotional
Connection to Solution and Build Urgency
35
1. What security systems are in place today?
2. What regulations and standards apply to you?
3. How do you demonstrate compliance?
4. Is all of your sensitive data identified and
protected?
5. What are your high-risk systems and
platforms?
6. Do you provide security awareness
training for staff?
7. Do you manage security in-house,
or do you outsource?
Diagnostic Questions Establish Credibility and Initiate Needs Development
36
1. What’s the most significant business issue
you currently face, as it pertains to security?
2. What would you like to accomplish as
a result of strong security?
3. To what extent is your business growth
affected by your security concerns?
4. Do you have to ask your MSP to advise on
improvements needed in your security
posture, or is your managed service provider
proactively offering them to you?
5. For what reasons are you looking to hire a
security partner now? What triggered your
decision to hire a new security partner?
What’s made this so urgent or important now?
Issue Questions Identify Active and Latent Needs
37
1. How adversely would a security breach
affect your business? Company Morale?
Customer Relationships, businesses and
personal lives?
2. What if your company and customer data
were stolen and available on the dark web?
3. What kind of a PR nightmare would that type
of breach create?
4. What’s the worst that could happen if you
did nothing to address these issues?
Implication Questions Build Buying Temperature and Urgency
38
Budget Questions Inform Solution Development and Pricing▪ How do you handle budget considerations?
▪ Whose budget will support this initiative?
▪ How will our engagement get funded?
▪ What sort of budget do you have in mind?
▪ Are funds allocated, or must they be requested?
▪ What is your expectation of investment required?
▪ Does your budget to solve these problems match
the severity of the problems?
▪ What is your range on this? In a perfect world, what is the
minimum amount you would like to see this handled with?
Then, what is the maximum you could possibly put into the
solution, if it became absolutely necessary?
▪ For other clients about your size with similar security
challenges, we’ve budgeted between x and y. Of course,
that’s not an apples-to-apples comparison, but if it were,
would you be able to find that kind of budget for us to address
your security challenges for you and give you peace of mind?
39
We Can Help
40
Next Steps After Qualifying
▪ If your prospect isn’t qualified for your MSSP
services, move on
• Need
• Budget
• Cultural Fit
▪ If your prospect is qualified, move to the next step
• Deliver your Security Assessment Form and
Qualifying Notes to your sales engineer
• Request an onsite engineer or technician perform
a Security or Technical Assessment of your
prospect’s environment
▪ All of this information will inform the sales engineer’s
pricing and proposal development strategy
41
Waiver for Security Monitoring and Alerting Services
42
Non-Intrusive
Security Scans
The Security
Assessment Scan
includes external vulnerability,
user behavior, permissions, logins,
deeper dive internal vulnerabilities,
PII scanning and more
End User Phishing
Simulations
Tests end users through automated
attack simulations to report on
user-initiated threat potential
External PEN Testing,
Port Testing
Discover and validate
vulnerabilities in websites,
edge and perimeter assets
and network infrastructures
Security Assessment Testing
43
Step 4 of the 7 Step Sales ProcessThe Sales Presentation
44
The Sales Presentation Process
Warm up! Has anything changed?
Transition to Presentation
Remind prospect/client of value information
gathered during 1st visit
Conduct a few “Tie-Down” questions during presentation
Allow dialog – check in with prospect
No technical terms –focus on business and
personal outcomes only!
45
Step 5 of the 7 Step Sales ProcessOvercoming Objections
46
4 Steps to Overcoming Objections
Step 1: Identify Objection
(Minor, Major, or Conditional)
01Step 2: Acknowledge Objection
(I understand Mr./Ms. Prospect…)
02Step 3: Qualify Objection
(Ask more questions)
03Step 4: Answer Objection
(Clarify the misunderstanding)
04
47
Step 6 of the 7 Step Sales ProcessClosing the Sale
48
Sales Cycle Step 6: Closing
▪ Closing is not the most important step
in the sales cycle, it’s the 6th step…
▪ Assume the sale – keep moving until they
say stop
▪ Don’t oversell – listen for the buying signs
to close
▪ Don’t stumble through your closes –
Practice, Practice, Practice
▪ Remember your “value info” from
your prospect during qualifying
▪ Ask for the business!
49
Step 7 of the 7 Step Sales ProcessSales Follow Up
50
Sales Step 7: Follow Up
▪ This is the easiest step to get you more business, don’t skip it…
• Ask for referrals
• Continue marketing to your prospect while you close
• The more you touch your prospect, the better chance
you have of winning the business
▪ Use a variety of follow up methods
• Postcards
• After Action Emails
• Phone Calls
• Thank You Cards
MSP Mastered®
51
Interesting Sales Facts
Lead nurturing – 66% of buyers reported that consistent and relevant communications from the company was a key influence to buy from that company. Set up and execute a solid lead nurturing workflow to move your buyers through their natural sales funnel.
First impressions – When making a first impression, 55% is how you look, 38% is how you sound, and only 7% is what you say. Prepare for that first meeting to make a lasting positive impression.
Ask questions and listen – 95% of buyers state that the typical salesperson talks too much, and 74% of buyers said they were much more likely to buy if that salesperson would simply listen to them. Ask great open-ended questions and actively listento your buyer.
Ask for the sale – 48% of sales calls end without an attempt to close the sale and the national sales closing rate is 27%. Learn how and when to ask for the sale.
*Source: webstrategies.com
52
Get My Dark Web
Prospecting Kit!• Urgent Letter Envelope Link
• Direct Mail Letter
Browse to: www.ericksimpson.com/darkwebkit
Use Coupon Code: Acronis!
• Phone\Voicemail Script
• Email Template
53
54
www.acronis.org
Building new schools • Providing educational programs • Publishing books
CREATE, SPREAD
AND PROTECT
KNOWLEDGE WITH US!
Building a more knowledgeable future