When IT companies partner with Third Wave Innovations to offer more robust cybersecurity services to their customers, we often get a lot of questions about the best approach. Here are some of the common ones that we hear:

• How do I bring up cybersecurity to my current MSP customers? Won’t they wonder why I wasn’t offering to protect them in the first place?

• Will they just think I’m trying to upsell them to make an extra buck?

• What if they have questions that I don’t have the answers to?

We get it. Trying to launch a new service—even as a reseller—is challenging. But if you know how to talk to your customers about cybersecurity, it becomes a lot easier.

5 Tips for Talking to Your Customers About Cybersecurity

Talking to customers about cybersecurity doesn’t have to be difficult or confusing. As long as you understand the basics and know what their concerns, questions, and needs are, you can successfully resell cybersecurity services and grow your own business in the process.

Follow these tips to start the conversation:

1.    Educate Customers on What’s Happening

Most businesses that aren’t already committing a portion of their budget to cybersecurity simply aren’t educated on the facts. They don’t know what they don’t know. It’s your job to educate them on what’s happening and create cybersecurity awareness.

Sometimes the raw data can be helpful. Here are a few stats you might want to highlight:

• 43% of all data breaches in the U.S. target small and medium-sized businesses.
• 61% of all small and medium-sized businesses surveyed report at least one cyber-attack during the previous 12 months.
• 40% of small businesses that faced a serious cyberattack experienced a minimum of eight hours of downtime.
• 83% of small and medium-sized businesses aren’t financially prepared to recover from a serious cyberattack and will go out of business within a year.
• 43% of small businesses do not have any cybersecurity plan in place.

The numbers don’t lie. Businesses that don’t know these statistics have a lack of cybersecurity awareness and are facing serious weaknesses. Make them aware of the most common cybersecurity threats.

2.    Bring Facts to Life With Stories

Perhaps you’ve heard the old sales adage that facts tell and stories sell. Well, this is certainly the case with cybersecurity services. While the statistics listed above are alarming, they aren’t usually enough to get people to take action on their own. Facts must be combined with or complemented by stories to make the conversation meaningful.

Stories develop associations and elicit emotions. Don’t just talk about how 83% of small and medium-sized businesses aren’t financially prepared to recover from a serious attack. Find a local store or create a case study that brings this data point to life.

A great story that demonstrates the need for tight cybersecurity is the Colonial Pipeline Breach. This attack was carried out on Colonial Pipeline, an American oil pipeline system.

On May 7th, 2021,  the hacker group Dark-side shut down all of their computerized equipment with a ransomware attack. This attack ceased all company operations and was costing the company millions by the hour in lost productivity. Darkside demanded $4.4 million in order to restore the systems. Colonial Pipeline and the FBI partnered together and decided to pay the ransom within hours.

Colonial Pipeline was confident in its cybersecurity measures. Use stories like this to illustrate the importance of adequate cybersecurity.

3.    Run Calculations and Projections for Customers

Work with your client to help them understand what a cybersecurity incident could cost them in dollars and cents. You’ll obviously have to make some educated guesses when coming up with these projections, but it’s a helpful exercise.

For example, use the statistic above that 40% of small businesses experience at least eight hours of downtime in an attack. Figure out what your client’s cost per hour is and run projections based on eight hours, 12 hours, and 24 hours of network downtime.

4.    How To Handle the “Cyber Insurance” Objection

One of the most common objections business owners make when it comes to investing in cybersecurity services has to do with cyber insurance. They say something like, “Well, we have really good cyber insurance, so we don’t need as much security.”

When you hear an objection like this, press in. Make sure they understand that cyber insurance and cybersecurity go together. It’s not an either/or investment—these two approaches should be paired together to proactively protect their business and keep them out of harm’s way. Insurance should not be considered a substitute for security.

You need to meet high cybersecurity standards to be eligible for cyber insurance as well. Very few companies will offer cyber insurance to companies with poor cybersecurity measures. You need to have some level of cybersecurity to even be eligible for cyber insurance.

To think of it another way, you still need fire alarms even if you have building insurance.

5.    Involve All Decision-Makers

Our final recommendation is to involve all decision-makers in these conversations. If you’re only talking to the gatekeeper and they have to relay the message to the actual decision-makers, your pitch will get lost in translation. Set up a time for everyone to meet together. This is your best chance of closing the deal.

Partner with Third Wave Innovations for Industry-Leading Cybersecurity

Our primary objective is to provide organizations with the multilayered security they need to safely conduct business day in and day out. We do this through a combination of advanced technology, cybersecurity awareness, and industry-leading expertise that keeps you secure and compliant every step of the way.