Trent Schwartz: Welcome to SkyKick's podcast on the state of MSP security. Where we have industry experts discuss the cloud security industry. I'm your SkyKick host, Trent Schwartz. Today, our guest is a colleague of mine, Mark Deakin. He joins us out of the UK. Mark, thanks for joining us today. A few words about yourself?
Mark Deakin: Yeah, hello. yes, my name is Mark Deakin. as you might have guessed, I work at SkyKick. I've been here about a year, but my time in the computing industry goes back to probably about 2000 and, one, uh, when things like the cloud were just stuff that was in the sky rather than, an actual thing you could sell.
and I've been through all the changes that you would've seen from small business server over to hosted exchange, uh, and then eventually things like, uh, Microsoft. 365 and Office 365 andmy role at SkyKick is both presale, so I'll talk to partners about the opportunity that they have and they can unleash with using things like backup, migration, and in particular Cloud Manager and Security Manager.
But also once they've gone ahead and, purchased the solution, I'll also talk to them after to help make sure that they kind of get trained up in how to use it, but also make the most of it and again, kind of unleash that opportunity that's available to them. So yeah, it's a, it's a really interesting job.
I get to speak to partners all day, every day. And that's, that's the thing I enjoy doing. So I get paid to do my hobby, which is, which is always a good place to be, I think, Trent.
Trent Schwartz: That's right. We're all on the same team, aren't we? And it is quite the industry. It is. Well, well, it's great. Thanks again for joining us.
It's great to have a colleague such as yourself with such an amazing background in this industry. So very excited to, just ask you a couple questions about, the things that you're noticing in our industry and, I'll start off with, just generally, Um, you know, what recent trends are you seeing just in the cloud security space?
That could be with partners, with customers, the technology or, or all of the above.
Mark Deakin: Yeah. Yeah. So, so the thing that I see the, the most or experience the most is, is what I like to refer to as like a progression in partner maturity. So, so whereas they offered basic services in M365, like email and pretty much stop there. Uh, the next thing I guess from my my days of my previous job was they would move on to other solutions with an M365. But that that partner maturity, I think now is expanding into security itself and and that security. That's started off with maybe a partner offering reactive security or reactive monitoring.
And now like a subset of them are moving to proactive monitoring. So they're actually seeing what's going on in their customers and responding to it as they kind of need to. And whereas you've got people have made that kind of first step, there's like a second more maybe advanced tranche. And those ones are moving from proactive monitoring to actually offering a managed service.
And I kind of get, it almost depends on where that partner is in their, their life cycle and their maturity as to, to which point that they are. And, and with that, they may be offering reporting or other stuff to the, the customer that's more pro, proactive. And I think as they move through that maturity, they're starting to see more opportunity, more, more, more revenue to be made, more services revenue based on having a yes, a more difficult, but a more detailed and mature conversation with the customers. And I think probably that focus on security for those partners is partially down to the customers being the same, the customers realize that they need to, they need to worry about security as well.
So maybe one is bringing the other one along at the same time.
Trent Schwartz: Right, and that's really interesting. You're noticing more partners switch from just being reactive when there is some sort of cyber incident, uh, to actually being proactive. So it sounds like there might be a mesh between the customers really understanding that they need to proactively take action, um, and also partners being able to offer that as, as a managed service.
Yeah,
Mark Deakin: yeah, that's right. You almost like it's the obvious thing that you have to, you have to try and deliver what the customer or what most customers want, right? So, so if more of the customers are worrying about security and see it as being a concern, then as a partner, you have to think about how can I offer those services, either proactively monitoring or maybe just a whole managed service around security.
So, you know, The customer is always right, as they say, or most of the time, at least. And maybe the partners are having to move along with that.
Trent Schwartz: Right. So, yeah, the customer is always right. Well, we speak of demand, don't we? Yeah. So. That's actually a great segue to my next question, which was going to be if you're noticing any trends on the type of customers, the types of businesses that they are and the ones that are actually starting to adopt the services of an MSP to help them with their cloud security.
Mark Deakin: Yeah, so, so I guess there's, there's what you notice and what you think should happen. So, so I would say every industry should be interested, right? Every, every customer industry should be interested in, in security because it affects everybody. I think certainly enterprise customers and therefore the partners that do with those enterprises, they've been in it for a while.
They kind of get the, um, it's something that affects them. Right. But I think the small medium businesses, the smaller organizations, and therefore maybe some of the, uh, the, the more smaller partners are starting to realize that actually they should be thinking about it at all. Uh, sorry as well. And I think if you take like the interesting ones, I, uh, from some conversations this way, uh, last week were schools. So schools, at least in the UK, tend to be one of those areas that maybe don't think that it affects them. But if they look at the news that's relating to their industry, they'll certainly see that, uh, it is something affecting them. And a partner was telling me how like one school, had lost out on several, several hundreds of thousands of pounds of income because there was a man in the middle attack that affected them.
So, so yeah, exactly. So I think, I think everybody needs to be worried about security or have a view on security and maybe be concentrating on it. But I think SMBs and maybe education is one of those areas that previously thought they didn't really need to worry. Uh, but it's becoming quite apparent that they're just as easy target as, as any large organization.
Uh, and for the, hacker, it's, there's just as much revenue to get out of a small company as there is probably a, a large company. It's almost easier to get into those smaller companies. So yeah, I, I think, I think everybody should be interested. But yeah, I see the smaller, smaller organizations more interested than they used to be.
Trent Schwartz: That's great. So it sounds like that's really the emerging market that enterprises sort of get it. Um, and that's no surprise because they probably have a more sophisticated internal, I. T. team that, um, has the bandwidth. So for Microsoft MSPs, um, in cloud security, it sounds like there's really, a market to go after around SMB.
Um, are you noticing, or have you any feedback from, uh, working with partners, um, any effective techniques used by those partners to, uh, really get SMBs over the line with investing in their security?
Mark Deakin: Yeah, yeah, it's, it's making the problem visible is the thing that they need to do. So, like part of the problem a number of partners will have, is it the yeah they might do such a great job of looking after that customer, um, fending off any, attacks and resolving in the thing that comes up that the customer is blissfully unaware all of this is happening and you almost, it's the curse of the MSP, right? You get to the end of the year. You go for your renewal with your customer, and they say, well, why do I need to use your services. Everything's been fine. And so making that problem visible, I think is, is important. And so you start to see some of the more mature, more advanced partners, doing like customer security reporting. So highlighting the problem, uh, showing where their, vulnerabilities or attacks, and then basically showing the need or the requirement for the service that the partner has.
So like almost the best job you could do. It's fix everything in the background and they never know and for you the worst job you could do is fix everything in the background and they never know you need some way of being able to show them some some way to report it and collate him in a way which is easy for the customer to understand and they can see you know the value of of working with that partner.
Trent Schwartz: Yeah, that's so true. Um, yeah, well, it's an industry where success is silence, right? Yeah, it's a non event. Yeah, yeah. Um, this, this is perhaps, the difficult challenge. Um, so are you noticing that, at the beginning, We sort of talked how we're noticing some partners are doing that reactive, you know, security action when there is a cyber incident.
Obviously, that's going to be very visible to the customer, uh, because they've likely reported it themselves to, uh, their MSP. So, um, for those that are doing things a little bit more proactively, Um, and, and actually, uh, more concerned with the preventative, are you noticing any patterns or, or success stories with how they are delivering this security news that isn't necessarily about incidents, but about incident prevention?
Mark Deakin: Yeah. Yeah. Yeah. Yeah. So, so that their main struggle, I guess, and the one, the way some of them are doing it successfully is doing it repeatable and at scale. Right? So, so if you're, if you're a very large partner, and you have 100, 000 employees, and you have, you know, 100, 000 customers, you're, you're okay.
There's, there's, there's a fair amount of people to do the work that they need to. However, if you're a, you know, one, or two person business, even a 10 person partner, and you've got like 100 customers being able to gather that information, uh, and then, at scale, being able to react to it, well, even just to gather it right in the first place, but then to be able to react to it to report on it.
Being able to do that at scale is really tough, uh, and I think one of the other bits that then people struggle with is actually the making sure, you have the right resource on the job. So, so if, if grabbing that information, like seeing all the alerts, for example, is a technical thing to go do, then you need quite a, you know, an advanced highly paid resource to go grab that information.
Essentially, they're, they're just grabbing, you know, messages and kind of bringing it back to, to say what's gone wrong. So actually having the right person go grab the right information and maybe react to it is important as well. So, I think partners that are able to separate out the jobs and give, you know, onboarding of a new customer, which is quite a robotic task to a more junior person in the organization and let the security experts focus on the real security problems.
That's, that's the partners that are kind of successful in delivering. So it needs to be repeatable, needs to be at scale. You kind of need the right level of resource assigned to the right job, I guess. Thanks.
Trent Schwartz: Right. Okay. And it sounds like for partners that are doing a good job really providing an ongoing managed service and retaining that customer.
Um, is there a third role that you see emerging where it's not necessarily that, um, that first person who, who did those repetitive onboarding steps, but it may or may not also be that super technical person who, can dig deep and find out the ways that incidents were prevented. And so in sort of retaining customers and reminding them of the heroism going on in the background, what sort of people actually have that customer conversation?
Mark Deakin: Yeah, so, so, so I think that conversation is done by, they'll have different names, but it'll be like an account manager or a customer success manager, something along those lines, right? Uh, and that person, when they go speak to the customer. These needs to be armed with the right information, right? They need to know all the incidents that happened, but we're fixed in the background.
They need to know what needs to be done next in order to improve the customer security. But, but typically that sort of, um, That sort of role, that sort of person is not the right sort of person that knows how to go into the, the M365 admin center, go to the alerts tab and kind of go and find that information, right?
And so, so I think that that third type of role that is not the security expert and is not the kind of repeatable task, the third sort of person in any organization is an account manager and they need to be armed with the right information. But they need to be able to get to it. So they need a way in which they can easily draft that report. Uh, and then the think they're great at is then having that, that conversation with the customer and kind of translating what is down in that report into some reality that the customer can understand.
Trent Schwartz: Yeah, that makes sense. So it sounds like a team of three is sort of, um, in theory, the best way to offer a true managed service around cloud security, to customers that are invested.
Mark Deakin: It's it's almost, you need someone to onboard them. You need someone to make them safe while they're there. And then you need someone to tell them that you're making them safe, which is the account manager, right?
Trent Schwartz: To Prove it.
Mark Deakin: So yeah, it's a pretty bit exactly, to prove it. Move them in, make them safe. Have someone prove that the other two did a great job. So yeah, it's like a magical trio.
Trent Schwartz: Well, that's great. I guess my last question is, uh, if you have any good, recent success stories or good learnings, around, around this model.
Mark Deakin: Yeah. Yeah. So, so they, uh, uh, the interesting or the funny one that comes to me, which is a partner in the UK, that's a good partner that we work with. So, um, before they were using a cloud manager and security manager. Uh, they effectively had their son come in, uh, to the office over the summer, and he would log in to each of the tenants.
He'd note down the secure score, right, for that particular customer. They had, like, you know, several hundred customers. So he'd note that down, uh, and then he'd note anything else that was kind of, uh, important that he'd been asked to, put into a spreadsheet, close down that particular admin center, go into the next customer.
And I think he got, I think it was like 50 pounds a day or something similar to that. Right. So he's paid over his summer break to basically collect secure scores and a few other bits of information. Um, customer moved over to using uh security manager. That's all done within like, you know, two minutes, basically.
Once you've added the customers. Unfortunately, so that's good for the customer that the partner now, but they're able to do that. But this guy's son has now had to go find a job somewhere else, but not good for the son. Yeah, exactly. So, so I imagine the partner likes us. Maybe the son, not so much, but that's a, that's like a very simple and true, you know, success story, right, of someone very quickly, being able to, uh, uh, see value in, in using that solution to, to do a task that would have taken ages, like took all summer, right, to, to grab this information and within five minutes, they're able to see, see what they need to do to be able to prioritize the, uh, customers that they need to work with, figure out which ones they need to focus on first, and then go off to that opportunity, right?
So if you've got, if you've got a hundred customers, you don't want to waste your time on the ones that, are relatively secure. Um, and, there's less opportunity you want to start at least with the ones that have that that bigger opportunity. They have a lower secure score in comparison to the max.
That's that's where the opportunity is for the partner and maybe that's where they start. So yeah, bad for the sun. Good for the partner in this option.
Trent Schwartz: Hopefully, hopefully long term good for the son as well.
Mark Deakin: Yeah, yeah, I'm sure, I'm sure you're going to do something more interesting, right?
Trent Schwartz: Right, exactly. More, more, uh, more valuable.
Mark Deakin: Exactly.
Trent Schwartz: But, you know, for MSPs, you've got to be mindful of cost in this industry. Yeah. And also, the clock is ticking. You know, every moment that every customer is not secure is a moment where they are vulnerable to cyber attacks.
Yeah
Time is of the essence and, um, yeah, we've got to manage those internal costs. Um, so that's a, that's a great story. And, uh, we alluded a few times, uh, here at SkyKick, we are aware of a technology that has been created by, well, us, uh, in, uh, Security Manager. And, um. Uh, we won't spend too much time, uh, talking about our product.
This podcast is available as will all of our podcasts be available on our main site, along with a wealth of information about Security Manager, Mark, I really want to thank you for your time today. Very insightful. And, listeners, thanks for listening and stay tuned for more.