TubbTalk 140: How To Transform from an MSP to MSSP for Business Growth
In this episode, Richard Tubb speaks to Mark Taylor, the founder of Chorus, a Microsoft-focused MSP. Chorus has since evolved into a leading MSSP (managed security services provider).
They provide channel-focused MDR and MXDR services built on the Microsoft security stack. This enables MSPs to rapidly offer advanced managed security services to their clients.
Mark currently acts as the Chief Technology Officer and focuses on keeping up with the ever-increasing pace of change around cybersecurity, artificial intelligence and whatever is next.
An Interview With Mark Taylor
Why Mark Pivoted his Business to Become an MSSP
Mark explained that the need for security has changed in recent years, and every business needs help with it. After ransomware attacks such as WannaCry, he realised that cybersecurity protection would shift from a nice-to-have to a core requirement.
And, he says: “We noticed that Microsoft were developing a lot of solutions in that ecosystem. As we were already using those tools, we saw them in action early on. I saw that there was a future in security and Microsoft had a solid offering we could use.”
How Clients use Both MSP and MSSP Solutions from Chorus
Mark explains that while he keeps the two sides of the business separate from each other, there are often clients who make use of both types of services. “When we engage with a new partner, we have a predefined process we go through. So that helps us work out what they want from us.
“Often we can see where there’s a need for the other services we offer, both MSP and MSSP solutions. Or, it comes up into conversation with a new client – they want help with cybersecurity but something else comes up.
“There’s a natural flow to the discussion – we don’t mention other things we can help with when they approach us with a specific need. But often a client already uses Microsoft products, and realises that it can do a lot more for them. And we’re the obvious partner for that.”
The Approach Chorus Take to Security Breaches
The Chorus analysts work 24/7/365, so they can quickly respond to breaches. Mark explains that an early part of the partner engagement process includes a chat about what it is they need.
“So if we get an alert at 3am, they might want us to contact them, or they might prefer us to fix the problem and let them know afterwards. That’s all established all up front.
“We clarify that we’re pre-authorised to take action and isolate the problem. We let them know, and then they decide what to do next. And we make recommendations on what those next steps are.”
Things to Think About Before Becoming an MSSP
If you want to move to an MSSP model, the first thing to do is to see what solutions your clients are already using, says Mark. For instance, if they’re using Microsoft, there’s an opportunity to educate them on the security tools they already have.
“Are you providing SOC (security operations centre) services and what does that look like? Have you got the capacity to be available 24/7 or do you need to partner with another MSSP? Think carefully about what your offer will look like.
“I often find that MSPs want to build their own MSSP solution and realise it’s harder than they thought. That’s why it’s worth considering how you’ll respond to breaches. Will you just send an alert to the client, or will you fix it for them too?”
The Biggest Mistake MSPs Make with Cybersecurity
Often MSPs get caught up in the day job and don’t keep up to date with the latest cybersecurity trends. And the market shifts constantly and so rapidly that they skip the research step to ensure they have the right security solution in place.
“I’ve spoken to so many people who’ve come up with a cybersecurity solution which is no longer fit for purpose just two or three years down the line. It’s worth taking the time to explore the options so you’re not overwhelmed.
“It’s totally fine to change your mind about the vendor that you use to help you with cybersecurity. Just make sure you explain to your client why you’ve picked it, and exactly what support they’re going to get.”
What AI Means for MSPs and MSSPs
Mark says that we’re at the point where AI (artificial intelligence) is not just the latest hyped-up tool. “It raises as many questions as it answers, but I think it can be helpful, especially in the security space.
“For example, analysts have to rapidly assimilate a lot of information. And we know that AI is good at taking large quantities of data and distilling it into something usable.
So, I think AI will help analysts to do their job more effectively and save them time on the information crunching. Microsoft are introducing Co-Pilot, which is an AI assistant.
“It indexes your entire tenant and provides you with relevant data which is easier to manage. I don’t believe that AI will take roles away from people, I think it will enhance them.”
How to Connect With Mark Taylor
- Follow Chorus on Twitter
- Follow Chorus on LinkedIn
- Connect with Mark on LinkedIn
- Follow Mark on Twitter
How to Connect With Me
- Subscribe to TubbTalk RSS feed
- Subscribe, rate and review TubbTalk in iTunes
- Subscribe and rate TubbTalk on Spotify
- Follow TubbTalk on iHeartRadio
- Follow @tubblog on Twitter
Mentioned in This Episode
- Cloud computing solution: AWS
- IT distribution company: TD SYNNEX
- Communities network: Reddit
- Flight club: Gravity Industries
Plus the following Microsoft tools:
- Business apps: Dynamics 365
- Security solutions: Defender
- Secure device and app management: InTune
- Zero Trust policy engine: Microsoft Entra Conditional Access
- Cloud security solution: Sentinel
- Conference: Ignite
- MISA (Microsoft Intelligent Security Association)
- MXDR Verify
- AI assistant: Co-Pilot
- Online office tools: 365
- Collaboration tool: SharePoint
- Cloud storage: OneDrive
- Video conferencing: Teams