An Interview with Andrew Morgan and Rachel Rovegno
In this interview, I talked all things cybersecurity with Andrew Morgan and Rachel Rovegno.
Andrew is founder at The Cyber Nation, a community built specifically for MSPs and MSSPs.
And we were joined by Rachel Rovegno, sales business development manager at Cisco.
Andrew is a cybersecurity focused solution strategist. In addition, he’s worked at ConnectWise, Logic Monitor and TruMethods.
And Rachel is responsible for leading the global orchestration and execution at Cisco. Firstly for partner managed services. As well as the security go to market strategy.
The Current Cybersecurity Market for MSPs
Andrew said that in his opinion, there are two types of MSPs (managed service providers). The first treat themselves like client number one. And take cybersecurity within their own business very seriously, for instance.
As a result, they’re then able to communicate its importance to their own customers and prospects.
And they support them to find the right security solution for their needs.
So for these MSPs, they’re seeing a significant increase in profits.
But some MSPs don’t know enough about cybersecurity. And they aren’t able to ask the right questions of their clients.
So, they’re not confident about selling solutions or helping customers to implement them.
How Cisco Helps MSPs to Keep Their Clients Secure
Rachel explained that at Cisco, for instance, “We want to focus on the people. And the processes and the technology that our MSPs are working with.”
So firstly, they’re active in IT communities. And secondly, they’re transparent about investment opportunities.
In addition, Cisco also work to protect and secure MSP clients’ technology. And support them to offer the same protection for their end users. Furthermore, Rachel added that education is key.
And they strive to have global conversations. So everybody knows what Cisco can do. Therefore, cybersecurity is a major part of those conversations.
How Cybersecurity has Changed in Recent Years
Rachel says there have been major changes. Firstly the increase of users connecting to networks and they’re using more devices, increasing the ‘attack surface.’
And in the years since she started in the IT industry, cybersecurity risks have increased hugely and it’s become more complex.
Cisco are aware of the challenges MSPs face in keeping themselves and their clients safe, and work to support them with that.
So, they’re a software-driven company. And have comprehensive systems in place. In addition, they support networking, security and collaboration.
They look at how their solutions are built and operate with a focus on protection.
So how they secure networks is top of mind. In addition, they want to support remote workers.
And they constantly monitor for changes in technology and solutions.
Not sure how to define what cybersecurity actually is? Here’s a great article on What Is CyberSecurity?
The Cybersecurity Questions MSPs Should Ask Their Vendor Partners
Firstly, Andrew shared advice from John Strand of Black Hills Information Security.
“So, ask vendors what their current application security programme looks like. And how do they manage bugs, vulnerabilities and security?”
Firstly, a vendor with a good security programme should be willing to share it.
So if they say it’s proprietary and they can’t discuss it, MSPs should certainly be wary.
However, they don’t have to go into too much detail. But, they could ask you to sign an NDA to protect themselves.
In addition, ask to see a letter of attestation from their most recent third-party pen test.
And again, they don’t need to share specifics. But on good faith they should be transparent. And disclose any problems.
The Cybersecurity Opportunity for MSPs
So Rachel says that cybersecurity presents a huge opportunity for MSPs. Because it’s a necessity for both businesses and individuals.
So, she says MSPs should look to educate their end users on technology, too. And that way they understand it better.
However, everyone within an organisation needs to have training.
Certainly CEOs need this as much as staff, so they understand vulnerabilities, risks and how cyber criminals exploit weaknesses.
And, user training should sit alongside the cybersecurity protection the MSPs supply because this will make it more effective.
Furthermore, it will help clients protect themselves. Most importantly, it reduces the risk of cyber attacks.
How to Connect with Andrew Morgan
How to Connect with Rachel Rovegno
How to Connect with Me
- Subscribe to TubbTalk RSS feed
- Subscribe, rate and review TubbTalk in iTunes
- Subscribe, rate and review TubbTalk on Stitcher Radio
- Subscribe and rate TubbTalk on Spotify
- Follow TubbTalk on iHeartRadio
- Follow @tubblog on Twitter
Mentioned in This Episode
- The CyberCall
- The CyberCast
- Threat Modeling Workshop
- Black Hills Information Security Training
- Wes Spencer
- Ryan Weeks
- Phyllis Lee
- Kelvin Tegelaar
- John Hammond