3 Prerequisites to Managing Cyber Risk (PLUS: Hot take on MGM attack!)

Power Up by Empath Cyber

In today's rundown:

• 🔥 So the cat’s outta the bag on Empath!

• 🤖 3 Prerequisites to Managing Cyber Risk

• 🧠 Hot take on the MGM Cyberattack

Read time: 7 minutes 👇

Sooo… cat’s outta the bag!

If you haven’t seen it, we just announced that Empath Cyber is becoming much bigger. Just a few months back when we started this whole thing, we knew one thing:

We need to help MSPs get better at cyber. Especially non-technical folks that don’t have a background in this stuff.

And so that’s what I started out doing. Fast forward just a few months, we’re way over 100 members and growing fast. We’ve got hours and hours of courses, content, and an amazing community.

But so much more is coming. Empath is moving into all areas of MSP/MSSP. Finance, operations, revenue, technology and so much more are in the crosshairs. Led not by Wes, but by an army of incredibly knowledable creators around the world.

There’s more to say but not for now. Other than check out this incredible promo video we got out today!

3 Prerequisites to Managing Cyber Risk

The future for MSP goes way beyond managing IT. Gone are the days that MSPs are just selling computers and keeping printer queues free. We’re now managers of cyber risk, and more things are coming down the pipe for us too, like business transformation, compliance as a service and more.

And every piece of that means more revenue for you. If you know the secrets. If you can learn to build consistency and mastery in those topics.

So speaking of getting better at managing cyber risk for your clients, here’s the three prerequisites that I find every MSP needs to accomplish to find success (and revenue!) in selling your cybersecurity offering:

1. You’ve got to eat your own tacos. If you’re not practicing good security, your clients won’t either. You need to build confidence in front of the client that investing in mature cybersecurity isn’t just a necessary thing, it’s critical to sustained growth.
   
   And if you’re not leading the way by building better security yourself, you’re already at a loss. Remember last week’s Power Up about “The Secrets of the Rope”?
   
   You can’t push a rope, only pull it. Leaders pull their clients to where they’ve already gone. So eat your own tacos first.
   
   Need help with that? The first taco you should eat is NOT joining Empath Cyber (though that’d be mondo cool)… it’s following a security framework. Did you know I’ve put in over 48 hours in creating an incredible podcast on the CIS Controls just for MSP/MSSPs? And it’s free? (And maybe I suck at making money now that I think about it??? 😭).
   
   Here it is. Go listen to it. And it’ll make you much more smarterer on the blueprints to a cyber framework: https://www.thecybercast.com 
   

2. You’ve got to be patient. Did you know it takes over seven interactions for someone to build recognition with a brand? Yep. Because the human brain is just wired up to forget nearly everything we encounter during the day.
   
   Don’t believe me? What did you do during the hour of 11am today? See. Gotcha.
   
   So we need reminders. We need to take more attempts. Don’t expect a client to just “click” with cybersecurity the first time you mention something. It takes time. And repetition.
   
   So the next time someone comes up to me and says: “Wes how do I get my clients to care about cyber?”
   
   I’m going to ask them: “How many times have you talked with them about it? Because if you tried once and gave up… I’ve got bad news for you. Get ready to fail at it six more times, minimum.”
   
   So get creative. Find exciting ways to teach and showcase cyber without beating them up with it. Create a podcast like Bob Coppedge. Make a short video like Adam Evans. Be goofy and hilarious like Imperial Technology Partners (sidenote: his videos are not just hilarious but he deserves more views and likes. Go give him the ol’ Empath Hug n’ Hello and smash some like buttons on his page! Let him know Empath Power Up loves us some David Adress!)
   

3. Be an educator. I’m stealing from #2 because it’s part of it. And I’m also stealing from another post I made right here because it’s late and I’m that kind of lazy.
   
   But we need to be educators. We need to focus on learning not teaching. There’s a huge difference. And the data shows it.
   
   MSPs that commit to learning and education on average at least double their margins over a year and grow far quicker in revenue that their peers. And they have better client and employee retention, too!
   
   So go educate. Commit to it. Find sources (like Empath!) to seize on it. And lastly… for goodness sake, make sure you enable your MSP folks to go learn. An hour a week. That’s all it takes.
   
   Heck it’s so important, why don’t you just create an education ticket type in the PSA and commit you and your employees to learning! There’s a novel idea!

Hot Take on the MGM Cyber Attack

“Stuffs about to get real, friends.” Yep. This MGM Cyber Attack is nothing short of crazy. And awful.

Look, I’m no fan of casinos. But I am a fan of people, and the folks that work in them. Imagine being out of work. Imagine the revenue loss. Imagine the impact on vacationers (yes, I know… only psychopaths think a trip to a desert is ‘vacation’ but to each their own.)

Just look at the two photos I’m showing below. It shows how real and visceral a cyberattack can be. Often times people just don’t care about cyber until it affects their livelihood. Or their wallet.

It’s our job to help them see the risk before it hits either of them. Yikes. Take a look:

Oof. Yikes. Money down the drain.

But here’s my hot take. Let’s not bash MGM. The same could happen to you and your business. And sometimes we get a holier than thou attitude towards this stuff.

HOW COULD YOU LET A HACKER CALL YOU AND GET ACCESS TO YOUR NETWORK?!?!?

Well I’ve seen it happen before and I’ve seen way worse than that. So let’s not pile on. Let’s analyze. Let’s discuss. Let’s learn. But let’s also not denigrate and embarrass our industry further by being a cyber-Karen, ok?

And here’s the reason I say this. I have a very good friend that is VERY senior in IT at MGM. Like way up there. I texted him when this thing went down and I got a one sentence answer from him. And I’ll end this Power Up on that text:

That's all for now!

Did someone forward you this email? If so, you can sign up to the #1 MSP Cybersecurity Newsletter in the world right here: www.empathcyber.com/powerup

If you have any interesting projects or ideas, please reach out to us by [email protected] or hit me up on LinkedIn. As always, thanks for reading, and see you next time. 🫡

Find Empath Cyber and Wes here:

• empathcyber.com/join 

• linkedin.com/wesspencer 

• https://www.thecybercast.com/

• https://twitter.com/wes_spencer

• https://www.youtube.com/wesspencer