- Table of contents
The author
Table of contents
Related Articles
Solving MSSP Customer Abandonment Challenges by Choosing the Right MSSP Software
If you’re in the Managed Security Services Provider (MSSP) business, landing new customers is great. What’s even better, however – and more crucial for long-term business success – is retaining existing customers.
After all, keeping customers can cost up to 25 times less than acquiring new ones, according to Harvard Business Review. Plus, given the highly competitive nature of the MSSP industry – where most companies offer a similar set of services – the ability to minimize customer churn rates and create “stickiness” in customer relationships is crucial for gaining an edge over competing MSSPs.
Unfortunately, retaining MSSP customers often turns out to be challenging. While hard statistics about customer churn rates in the MSSP and closely related MSP industry are elusive, some observers suggest that if you lose no more than 10 percent of your customers each year, you’re doing well.
That’s one metric to shoot for, but we think MSSPs can do much better than this. By adopting the right strategy, companies that specialize in providing managed security services can maximize customer stickiness and cut churn rates down to the single digits. This article explains how by discussing what MSSPs do and which approaches they can adopt to maximize the value they create for clients – and, by extension, to keep their clients around for the long haul.
Understanding the MSSP Market
In general, the MSSP industry focuses on three key types of services, each of which presents unique MSSP challenges related to customer retention:
- SOC-as-a-Service: Generally consisting of an Endpoint Detection and Response (EDR) solution plus a SIEM platform for aggregating and analyzing security data, SOC-as-a-Service is a classic component of the standard MSSP offering. Practically everyone offers it, making it difficult for MSSPs to differentiate and for customers to evaluate providers.
- Managed Detection and Response (MDR): Similar to SOC-as-a-Service but includes more advanced services, such as proactive threat hunting, incident response, and remediation actions such as takedowns. The major challenge here is that if customers don’t experience incidents frequently, they may decide that there is little value in this type of service and cancel the contract.
- Virtual CISO: This type of service helps customers meet compliance requirements, but it typically involves little engagement between the MSSP and the client apart from doing an audit and generating a report. As a result, customers may also decide that there is little value from this type of offering.
One way to try to address these MSSP challenges and remain competitive is to underprice other MSSPs. If you offer cheaper endpoint protection services, for example, or the price of your incident response services is very low, your customers are less likely to jump ship. That said, underpricing is a race to the bottom. It might improve customer retention, but at the steep price of reducing revenue.
“Cutting your prices to match the bargain bin might win you a sprint, but it won’t help you in the marathon”
as Robin Robins writes on Technology Marketing Toolkit.
Mitigating MSSP Challenges Using the CTEM Model
A better solution to creating customer stickiness and improving MSSP quality measures in the eyes of clients is to offer services that create more value than those of your competitors.
A prime example of this is helping customers implement a Continuous Threat Exposure Management (CTEM) program. CTEM is the practice of analyzing data in real time to detect and react to constantly changing threats. By offering CTEM as a managed service based on automated tooling, MSSPs can generate continuous cybersecurity coverage – and, by extension, create real value for their customers – with minimal investment.
This is especially true if MSSPs effectively prioritize threats based on threat intelligence insights. By detecting all threats in real time, then determining which ones require immediate attention and which can wait, MSSPs can minimize the cybersecurity risks of their clients without overextending their own teams.
In this way, managed CTEM services by MSSPs become a way for their clients to address the cybersecurity skills gap, a pressing and ongoing challenge. By some estimates, as many as 3.5 million cybersecurity jobs remain unfilled. This translates to deep challenges for the typical business in identifying and managing threats on its own, due to lack of adequate in-house cybersecurity staff.
By filling this gap with CTEM services, MSSPs set themselves apart from the crowd and offer more than generic endpoint protection, incident response and virtual CISO services.
As MSSP Alert puts it,
“To acquire new clients and help retain existing ones, MSSPs must present a clear, compelling and unique value proposition that differentiates their offerings in the vast sea of similar offerings.”
How Cyberint Can Help Grow Your MSSP Business
Getting started with CTEM services is as simple as deploying the right tools – which is itself a differentiator for MSSPs, given that only 11 percent of MSSPs invest in tools that enable broad cybersecurity coverage and extend beyond traditional managed security services.
This is where solutions like Cyberint come in. Cyberint, the Impactful Intelligence company, helps medium to large MSSPs by continuously detecting and mitigating external cyber threats before they have an adverse impact. The Cyberint Argos platform’s patented technology provides superior visibility through continuous discovery of the evolving attack surface, combined with the automated collection and analysis of vast quantities of intelligence from across the open, deep and dark web.
A team of global nation-state level cybersecurity experts work alongside customers to rapidly detect, investigate, and disrupt relevant threats – before they have the chance to develop into major incidents. In turn, they can create true value for their customers without undue operating expenses or overstretching their teams.
This is all the more true because Cyberint is a SaaS solution that doesn’t require any new infrastructure. MSSPs and other businesses can simply deploy it and start benefiting in under 20 minutes, with minimal onboarding or training necessary (though a full training program is provided, that is comprehensive, engaging and informative).
To learn more about how Cyberint helps MSSPs thrive in a highly competitive industry, read about our MSSP program.
