Richard Tubb's Blog, page 3

Richard recently wrote a blog on why your MSP (managed service provider) business needs to think more like a media company. But if you’re more focused on the tech side of your business, where do you start?

To help you, I’ve come up with a list of 10 content ideas you can easily try today to get you started. Hopefully, these will also inspire you to come up with some other things to do. I’ve suggested a range of content formats for different platforms, but feel free to tweak these to your own preference.

1. Create a Talking Head Video for LinkedIn

Recent TubbTalk guest and LinkedIn expert John Espirian shared that videos are performing well at the moment, particularly on the mobile app version of the platform. Plan a series of these if you’re feeling confident!

Ask a different team member each time to share what they’re working on, a recent win or a tricky ticket that they’ve finally resolved. As the owner of the MSP, sharing updates from you is a great way to show the person behind the company.

Personally, I’ve being doing a ‘what I’ve got planned this week’ video every Monday for the last couple of months. I’ve found these a really effective way of starting conversations. Plus, they’re a great way to share a bit of personality, too.

2. A Behind-the-Scenes Photo for Instagram

These are always popular, because people love to peep behind the curtains of a business. It shows your personality and makes you more relatable, and will be a great conversation starter.

Messy desk photos always go down well, or you could share your computer set-up. Alternatively, share the view from your window, the coffee shop you like to work from or even your lunch. People LOVE to talk about food on social media!

3. Share a Client Case Study on Your Blog

Finished a piece of work you’re really proud of? Helped a client to grow or secure their business? Then share it. Today’s forward-thinking MSPs know that it’s not enough to just be the ‘IT guy’ anymore. You’ve already moved away from the break/fix model, so show your clients that you’re a partner. Demonstrate that you’re as invested in their success as they are.

Show where the client or their business was when they came to you, the service you provided and the outcome for them after working with you. If you can get a quote from the client, even better. And a video testimonial is better again.

You can also create these for clients you work with on an ongoing basis. In fact, these are a great way to let potential customers know that you’re a trusted person that business owners feel comfortable working with long-term.

4. How-to Guides

Take inspiration from Marcus Sheridan and answer all the potential questions your clients have. Including why they should choose you, and the circumstances in which you might not be the right fit. Explain the process of finding the right MSP partner to fit their business needs and the sorts of questions they should ask.

Consider creating guides on things like password security and storage, how to spot a phishing email and some basic cybersecurity measures they can put in place. Of course, don’t give them too much information – the idea is that you show them how helpful you are so they choose you to work with.

5. Infographic on Cybersecurity

Done right, an infographic can be a powerful tool to share key information quickly. Because cybersecurity is always evolving, you could set up a template with the images you want to use (fully branded if possible) and update with the latest data. Include things like:

Number of companies who’ve been victims of cyber crimeCost to a business both in monetary terms and man hoursNumber of threats thwarted in a monthPatches/updates issuedCommon types of threat

6. Repurpose a Podcast You Were a Guest on

Have you been a guest on a podcast? (If the answer is no, then you need to fix that! Part of being a media company means participating in other people’s media). If you have, then share it far and wide.

Always seek permission from the host if you decide to repurpose the content rather than sharing it directly. However, most people are happy for you to this so long as you link back to the original episode. After all, it’s helping them to increase their audience too!

If you follow TubbTalk, then you’ll be familiar with some of the content I create from a single interview. We always have a summary blog post highlighting key points, shownotes on all podcast players and social media posts which go out the same week as the podcast and then at different times throughout the year.

We’ve also created audio and video snippets, used the content for round-up posts or in lead magnets, and we’ve even turned some of the shows into co-branded ebooks! There’s a lot of scope for even a short chat on someone else’s podcast.

7. Tech Stack Tools List (downloadable lead magnet)

Everybody wants to know what tools other businesses are using! This might be more relevant to others in the industry, but you’d be surprised. As well as giving a list of vendors you partner with, tool lists can be used in other ways, too.

For instance, we could create a list of the tools we use to produce TubbTalk, including Zoom for recording, Captivate for distribution, WhisperTranscribe for creating the transcript and Richard’s preferred microphone and headphones. If you’ve got affiliate links, make sure you use them!

8. Share Your Origin Story

The most compelling content has a story element to it, and what could be a better story than your own journey to becoming a managed service owner? Richard did this in TubbTalk 125, when he was interviewed by his friend Stephen McCormick.

You could do this as a series of shorter interviews, as video snippets, a connecting thread of social media snippets or as smaller, snappy blog posts. Or all of those! And remember that this is evergreen content, so you can reshare it as often as you like. If you get a lot of new connections or followers, make sure they see it too.

9. Include Blog Posts in Your Newsletter

Don’t have a newsletter? Then now is the time to start one! You can send them as frequently as you like, but once you’ve decided on your publishing schedule, make sure you stick to it. Consistency is the way to build trust with content marketing, and the same is true with your emails.

I’ve experimented with including a hyperlinked title of the blog post in mine, but recently I’ve been sharing the opening paragraphs in its own section, and then inviting readers to click through for the full article.

10. Video Demo Walkthrough (with FAQ)

We’ve got several of these on the Tubblog YouTube channel, and we always get great feedback when we share them. If you have a tool or a system that would be of interest to your fellow MSPs, then you can share that.

Alternatively, you could set up a series of demos showing your clients how to use the tools they’ve chosen from your stack. Walk them through your FAQ (frequently asked questions) and guide them through the exact steps.

The added bonus of this is that instead of answering the same questions over and over, you can just point them to your video series. This shows that you’ve considered their needs ahead of time.

Do you think you could do one or more of these? Leave a comment below – I’d love to know which ones you try!

Did you enjoy this content?

Do you want more insights like this — straight to your inbox?

Join thousands of IT business owners and MSPs who subscribe to MSP Insights — Richard’s twice-weekly email packed with practical advice, industry updates, and must-know tools to help you grow your business.

No fluff. No spam. Just real value you can act on.

👉 Subscribe to MSP Insights now

You Might Also be Interested inPodcast: The MSP’s Guide to LinkedIn Growth: Expert Tips From John EspirianHow to Come up With MSP Content Ideas Your Readers Will LoveHow Your MSP Stands out With a Unique Brand Voice

 

What if your MSP was a media company in disguise? A simple mindset shift could be your secret weapon for standing out and winning new clients. Intrigued? Let me explain!

What do we Mean by ‘Media Company’?

I recently had a conversation with a chap called James Blacklock, and I was intrigued with what he does. James specialises in perfecting the messaging that is hindering businesses from attracting new clients.

It got me thinking. What if the real edge for MSPs isn’t just tech skills or pricing—but how well you tell your story?

You don’t need to be on TikTok doing silly dances (unless you want to—no judgement here). But you do need to start thinking like a media company.

Why Thinking Like a Media Company MattersTrust is built before the sales call
Your future clients are Googling you, checking your website, LinkedIn, maybe even your YouTube. If you’re silent—or worse, generic—you’re missing out.
You already have more stories than you think
Case studies. Migration wins. “Saves” when you rescued a client from disaster. Show people what you actually do, and how you make businesses better.
Media makes you magnetic.
The more helpful content you put out—blogs, short videos, even voice memos shared with your audience—the more your ideal clients lean in.

You don’t need fancy gear or a full-time content team. Just a commitment to consistency.

Pro tip: Start with a 3-month plan. One blog post a month. One short video every two weeks. Repurpose, repost, reuse. You’ll be amazed what a little momentum does.

How to Stand out as an MSP Media Company

I believe that the more progressive MSPs distinguish themselves from the rest by how well they present themselves online. 

They don’t stand out by how well they manage client tickets, or which technology stack they offer. That’s because you’re not just running an IT business anymore. You’re also running a media company.

We live in a world where attention is the most valuable currency. And right now, your future clients are scrolling, clicking, watching, and listening more than they’re responding to sales pitches.

What This Means for MSPs

Those progress MSPs are winning, and that’s because they’ve shifted their mindset:

They produce content regularly. Not “when they have time,” but consistently—like a publisher would.
They show up as humans. People buy from people. Clients want to see you, not just your logo. Personal posts, behind-the-scenes videos, stories—they build trust.
They repurpose smart. One podcast becomes a blog, a quote card, a short video, a newsletter nugget… you get the idea.

The MSPs treating content creation like a core business function, not an afterthought, are pulling ahead. Why? Because attention leads to trust. Trust leads to sales.

So what do you think? Is this an approach you can see working for your MSP? Let me know in the comments!

You Might Also be Interested inMaximising Your MSP’s Marketing with Proven Social Proof StrategiesPodcast: The Ultimate MSP Guide to Becoming an Email Marketing HeroWhy Consistent Content Marketing is Key for MSP Sales Success

With a background in IT, John Espirian was a technical copywriter for many years. Having seen success on LinkedIn, he now works exclusively as a LinkedIn consultant.

He has a private community to help people get their businesses seen online, and is the co-founder and co-host of Uplift Live, a LinkedIn-focused annual conference.

An Interview With John EspirianHow to Use LinkedIn to Grow Your Business

When John was still working as a technical copywriter, he noticed that people were contacting him for work via LinkedIn. “I had built a nascent personal brand, and they were prepared to pay me 30% more than those who found me via Google. 

“The reason for that was obvious. On Google, people were looking for a solution to a problem and they’re price-sensitive. But on LinkedIn, people had been consuming my valuable content and got to know me. So they were prepared to pay a premium for my time.”

And this approach will work for MSPs too, says John. “If you rely solely on people finding you via search, you’re in a race to the bottom. But if you build a brand on LinkedIn, people will see how helpful you are and come to you for your expertise. But remember that won’t happen overnight! It’s a long-term strategy.”

John’s Advice for MSPs Who Feel Left Behind

If you feel that you’re getting left behind your competitors, John recommends looking at ways you can start adding value on LinkedIn straight away. “Map out all of the questions you get asked on a daily basis, and jot down all the answers. No matter how basic they seem to you, your audience will appreciate it.

“You don’t want your customers to feel stupid, so give them help. Show that you’re more trustworthy than someone who hasn’t said anything at all. Answering simple questions reassures them that you’re the right person to help them.

“You’ll be amazed at how many questions you can come up with. And it’s such a time-waster for your support staff to give the same answers all the time. So put them all in one place, and have a content estate that you can then share on LinkedIn. Remember that you’re the expert because you do this every day, but your customers aren’t.”

Create Helpful Content for Your Audience 

When you’re planning content that will help your audience, think about the world they live in. Go beyond the bounds of the direct service you supply into something that is related, says John.

“For instance, what makes a strong password and where should you store it? What if you need a new laptop – what should you consider before you purchase? Which computers work best on standing desks?

“It’s all the extra stuff that you’re not necessarily being paid to answer, but it shows your clients that you understand the predicaments they have to deal with day to day. If you can answer those questions, it shows that you’ve thought about that person and you’re producing helpful content for them.”

How to be a Relentlessly Helpful MSP Every Day

To be relentlessly helpful every day, you have to get to the point where you think, ‘what is the most helpful thing for this person in this situation?’ John adds: “What are their needs? How can you explain things clearly and concisely so they understand?

“Give people as much help as you can, and make it relatable and relevant. People will push back and say, ‘I don’t want to give away my secrets to how I deliver solutions’. Fine, don’t take that approach, and just hope that people pick you instead of the next guy.

“That other guy might not know as much as you do, but he’s out there talking about it on social media. You have to showcase your knowledge and try not to be fearful of people who might steal your ideas. They might, but they can’t deliver your services the way you do. So focus on what’s most helpful to your audience.”

What’s Working Well on LinkedIn Right Now

At the time of recording (June 2025), LinkedIn are pushing short-form portrait video, especially for mobile. “That kind of content has a good chance of being seen. I recommend separating videos and captions to make them more accessible, although posts with captions inside the videos do seem to perform better.

“In the US, users already have a grid-style video, which will probably roll out in the UK soon. In the mobile app the grid will have videos on different topics and you can start wherever you want.

“However, it means that if you create video, you need an eye-catching thumbnail to stand out. Polls are also performing well if you use them to ask market research questions of your audience. And then create content that talks about the results of your poll, because people love new research.”

How to Stand out on LinkedIn

As well as building your brand on your own profile, look for ways to comment in other spaces. “Comment on posts by respected leaders in the industry and you gain authority by associating with them.

“Look for ways to partner, collaborate or invest in new research. Share new research that shows you understand the importance of staying up to date in your industry. All of these confer a lot of status on you. It’s all about positioning and growing your reputation.

“It will take time and energy, and you should standardise your media kit so that all of your images are on brand and so on. But to stand out, work on your personal brand, comment everywhere and share new research. If you can do those things, you’ll seem like a bigger player than you are.”

How to Connect With John EspirianEspirianConnect with John on LinkedInJoin Espresso+How to Connect With MeSubscribe to TubbTalk RSS feedSubscribe, rate, and review TubbTalk on iTunesSubscribe and rate TubbTalk on SpotifyFollow TubbTalk on iHeartRadioFollow @tubblog_msp on InstagramMentioned in This EpisodeRichard’s previous interview with JohnLinkedIn Conference: UpLift LiveLinkedIn Company Pages expert: Michelle RaymondLLM/AI company: OpenAIContent expert: Juma BannisterLinkedIn expert: Louise BroganBook: John Espirian:Book: Bob Burg:Content marketing expert: Mark SchaeferLunchtime LinkedIn event: UpLift Live NanoYou Might Also be Interested inTravelogue: Uplift Live 2025How to Leverage Your MSP’s Personal Brand for SuccessPodcast: How to Use Personal Branding to Boost Your MSP’s Reach

Tubbservatory Round-Up #42 – Tools and Resources for Your MSP

Welcome to the June edition of the Tubbservatory Round-Up – your monthly compass to navigate the ever-shifting MSP landscape with confidence and clarity.

All month long we’ve been scouting the industry’s most valuable resources. We’ve carefully selected the best essential tools, thought-provoking insights, and strategic resources specifically designed to propel your MSP business forward in today’s competitive environment.

In this edition, you’ll find:

→ Why you should do a QBR for your MSP
→ How to beat email overwhelm
→ Why you need to enforce DMARC
→ How to build a life of significance

Are you ready to transform these insights into action? Explore our complete June collection and take the next step in your MSP’s growth journey!

Tubbservatory: The June 2025 Round-Up Video

Tubbservatory Round-Up #42: June – Week 1#1 How Hackers are Compromising M365

If you’ve not come across Traitorware yet, here’s a video that explains how hackers abuse legitimate apps to hijack Microsoft 365.

Matt Kiely of Huntress explains that Not all threats come from malware—some come from legitimate apps.

Traitorware – a type of Rogue Apps – is what OAuth application abuse in Microsoft 365 is called. The video is the ideal watch for MSPs wanting to learn more and keep their clients safe.

#2 SuperPod: The No-Filter MSP Podcast from SuperOps

Looking for a new listen? Then check out SuperPod: The No-Filter MSP Podcast from SuperOps – Richard highly rates it.

There are some amazing episodes featuring Rob Rae, Pete Matheson, Matt Solomon and so many other top names from the Managed Services industry.

#3 Why Your MSP Should do QBRs

Quarterly business reviews (QBR) are a staple of successful MSP businesses, so here’s a useful resource – a template for a QBR process for all MSPS.

It’s a resource we’ve put together on Tubblog – The Hub for MSPs, and it’s free to use! We highly recommend taking at least half a day to review the past quarter and planning for the next one.

#4 Alternative PDF Editing Software

Think you look silly juggling costs and features with your current PDF software?

Richard loves this short video from Foxit, who offer an alternative to the traditional expensive PDF editing software.

#5 Not-to-be-Missed Marketing Conference

And finally, the huge Atomicon event came to Newcastle-upon-Tyne on June 10th 2025.

Touted as the world’s most epic sales & marketing conference to skyrocket your business, this year’s Atomicon features speakers such as Fearne Cotton, Geoff Ramm, Laura Belgray, hosts Andrew & Pete and many more!

Team Tubb were there, and I highly recommend this event. Tickets for next year – both virtual and in-person – are now on sale, so grab yours now and and we hope to see you in the Toon!

Tubbservatory Round-Up #42: June – Week 2#1 Is Your MSP Losing Money?

Is your Managed Service Provider business losing money without even realising it?

In my experience, this is much more common than you’d realise — and so Graham Pierrepoint‘s latest article on 14 Ways Your MSP is Losing Money Without Realising It is a valuable resource.

Spoiler — the no. 1 reason your MSP is losing money? You’re not charging enough. Read the article to find out more.

#2 Toxic Clients and Red Flags

Here’s a powerful video that caught Richard’s eye. Toxic Clients and Red Flags: Know When To Say Enough is Enough.

Awful clients can zap both your bottom line and your will to be in business, so in this video, Justin Esgar and Eric Anthony run down the red flags you can look for, and know when enough is enough.

#3 The Future of MSP Talent

Here’s a powerful resource: “What Does the Future of MSP Talent Really Look Like?”

Jane Matthews of Wildcat Careers has put together an amazingly valuable article aimed at helping MSPs understand when, and how to recruit the best talent for their business.

If you’re an MSP employer, this is well worth reading.

#4 Beat Email Overwhelm

If you ever find yourself feeling overwhelmed by email, then here’s an app Richard highly recommends.

Sanebox is email management software that uses AI to work with your inbox to prioritise important emails, file away newsletters and sales spam, and help you achieve email zen.

Richard has personally used Sanebox for many, many years, and says it’s a real game changer for your email-fu.

#5 The GTIA Awards

June 26th 2025 saw the UK & Ireland Community Forum & Spotlight Awards come to Manchester, UK.

Hosted by GTIA, attendees were treated to a full day of big ideas, bold connections, and then an evening of brilliant celebration of the leaders shaping our tech future. 

If you missed this year’s event, make sure you get involved in 2026!

Tubbservatory Round-Up #42: June – Week 3#1 Insights From One of the UK’s Most Innovative MSPs

Earlier in June, Richard sat down with Chris Pottrell of Nebula IT who share insights on leveraging tools like Huntress for cybersecurity, Pax8 for cloud solutions, and the importance of cybersecurity awareness training.

This is a wide-ranging and powerful insight into how the great MSPs differentiate themselves from the pack. As the podcast manager, I found this a really interesting chat. Building a diverse tool stack that integrates is key for running a more efficient MSP.

#2 When Cybersecurity Fails

Now, cybersecurity is everyone’s business — and when it fails, the consequences can be devastating.

In a sobering video, John Macdonald of EBC Group sits down with Paul Abbott, former director at Knights of Old.

They were a well-established logistics firm based in Kettering that, tragically, closed in 2023 following a catastrophic ransomware attack.

This is a powerful watch. Kudos to John and Paul for speaking about a topic many shy away from.

#3 Enforce DMARC!

And talking of cybersecurity, here’s a powerful, short primer on why you need to enforce DMARC.

Cybercriminals love email. And in 2024, Google and Yahoo cracked down on DMARC enforcement, forcing companies to rethink their email security.

The ones that didn’t? They’ve been dealing with deliverability nightmares, customer distrust, and a bigger risk of phishing attacks.

#4 Turn it off and on again…

Apart from being Roy’s catchphrase in The IT Crowd, this really is good advice.

Our friends at Mann Consulting are back with another fun, MSP-focused video, telling your MSP clients what every help desk wants you to try first before submitting a ticket. Turn it off and turn it on!

#5 Festival of AI 2025

Mark October 24th 2025 in your diary as the Festival of AI comes to Leicester, UK.

A day of real-world strategy, tactical walkthroughs, and plug-and-play tools you can start using immediately in your MSP business.

Organised by former MSP, Matthew Hughes, and featuring speakers such as Heather Murray and Kristian Downer, tickets for the Festival of AI are on sale now!

Tubbservatory Round-Up #42: June – Week 4#1 Uptime Announce New Events for MSPs

MSP owners: how does a week in Sri Lanka for business and fun sound?

With MSP operations specialists Uptime becoming so popular among IT business leaders, founders Jason Kemsley and Bradley Munday will be hosting 20 MSPs in Sri Lanka between 18th-22nd August. If you’re interested in being a part of this, contact Uptime directly.

And if you can’t make it to Sri Lanka, mark 25th September 2025 in your diary as Uptime Live comes to London. Tickets are flying out, and you should expect an announcement on the huge (and I do mean BIG!) keynote speaker soon!

#2 How to Create a Business — Create a Life — of Significance!

Go-Giver author Bob Burg sat down with MSP legend Arlin Sorensen, Jeff West and Kim Angeli for his latest Bob & Friends episode.

Arlin covers topics such as his journey from Iowa farm boy to global peer group founder, Why hard work does not necessarily equal business value, and why we’re all in the people business—no matter what we sell.

This is a brilliant video I’d highly recommend to any MSP leaders.

#3 Get Better Leads

If you want more qualified leads, and less time-wasting calls with prospects, then check out ScoreApp – the scorecard marketing platform.

ScoreApp helps Managed Service Providers attract and qualify high-value leads through interactive online assessments.

It’s become a very popular MSP sales generation tool, and Tubbservatory listeners can get Get 50% off the first month using the discount code “Tubb”.

#4 Create Better SOPs

MSPs are built on good Standard Operation Procedures (SOPs). But if you’ve ever experienced the frustration of creating SOPs, only for your staff to ignore them — then here’s a video for you!

Layla Pomper at Process Driven shares “5 Reasons Employees Don’t Use Your SOPs (and how to fix it!)” — and I’d recommend this video to any MSP!

#5 TitanHQ and Redstor Merger

And finally, big news from the cybersecurity world as TitanHQ and Redstor have announced they’ll be combining to deliver an integrated cybersecurity and data protection platform.

The new platform, CyberSentriq, will be formed through the acquisition of TitanHQ and its merger with Redstor, a Bregal Milestone portfolio company.

John Hales, Managing Director at Bregal Milestone, says Sentriq stands ready to lead the next wave of cybersecurity innovation, providing MSPs and their clients with a complete cyber offering for offensive and defensive security, threat mitigation, and recovery.

Links to the Resources Me ntioned in this Round-Up

Week 1:The Traitorware videoSuperPod: The No-Filter MSP Podcast from SuperOps Do a QBR for Your MSPFoxit explainer video Marketing conference: AtomiconWeek 2:Is Your MSP Losing Money? MSP Red FlagsThe Future of MSP Talent article How to beat email overwhelmFind out more about the GTIA awardsWeek 3:Podcast: How to be an Innovative MSP OwnerWhat happens when cybersecurity fails?Why you should enforce DMARCVideo: Turn it off and turn it on again The Festival of AI eventWeek 4: Uptime MSP eventsBob and Friends ScoreApp for LeadsCreate SOPsTitanHQ and Redstor mergerHow You Can Help

As we wrap up Tubbservatory Round-Up #42 and you prepare for the summer break, we’d like to ask you to contribute to the Tubbservatory!

Got something great to share? Whether it’s a handy tool, a standout article, or a clever tip, drop it in the comments below. Let’s keep the knowledge flowing—your input is priceless!

You Might Also be Interested inPodcast: Rob Rae: How to Break Barriers and Build MSP EcosystemsVideo: How to Defeat Phishing Attacks with TitanHQ10 Handy AI Resources to Help Your MSP Clients to Grow Their Businesses

Over the past couple of years, I’ve noticed the growing trend of internal IT teams collaborating with MSPs for Co-Managed IT support.

In fact, the Co-Managed IT Model may be the opportunity your MSP has been looking for to engage with larger businesses that have previously preferred to keep their IT in-house.

But in addition to Co-Managed IT, I’m also seeing a growing trend for the Chief Information Security Officer (CISO) within larger organisations to now seek out MSPs, too.

So, why are CISOs looking to work with MSPs and MSSPs?

The Relationship Between CISOs and MSPs

Being a Chief Information Security Officer (CISO) has undergone significant changes since its inception.

CISOs currently handle much more than their traditional security monitoring responsibilities. CISOs manage compliance requirements while handling third-party risk assessments and supply chain audits.

They also manage business continuity needs and present to boards of directors while defending systems from escalating security threats.

From what I’m seeing, organisations are demanding security leadership from CISOs even though their teams maintain insufficient staff levels and inadequate skill sets.

As a result, CISOs now increasingly choose to partner with Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) because they need help to fill security gaps.

The Lack of Cybersecurity Skills

For CISOs, the lack of cybersecurity skills represents an insurmountable challenge instead of a minor nuisance.

Organisations face two major challenges when trying to hire cybersecurity specialists: the scarcity of qualified professionals combined with high recruitment expenses.

The process of employee retention stands as a major challenge after organisations successfully hire new personnel. The continuous evolution of security creates a never-ending cycle of burnout while requiring organisations to adapt at a rapid pace.

MSPs and MSSPs deliver an invaluable benefit through their immediate access to experienced professionals along with specialised tools and established processes that internal teams typically cannot match. Many CISOs view this strategic move as their primary solution to fill their security needs.

What Services Are Ripe for Outsourcing?

If you’re a CISO, then you should consider outsourcing operations which have repetitive tasks that need specialised tools and continuous monitoring.

Here are a few examples of tasks that MSPs and MSSPs can readily take on:

SIEM and log monitoringThreat intelligence feeds and analysisVulnerability scanning and patch managementEndpoint detection and response (EDR)Firewall and network security managementCompliance tracking and audit support

The infrastructure of an MSP, along with their skilled teams, enables efficient delivery of these services across large scales. The advantage for CISOs is rapid results without needing to establish everything from beginning to end.

What Should Stay In-House?

However, there are aspects of cybersecurity that, in my opinion, the CISO together with their internal team must maintain overall direction control of.

For instance, security governance and strategy is one area that CISOs may prefer to keep in-house. MSPs can provide execution along with insight but internal teams possess the complete business understanding that MSPs do not have.

It’s also important that working with MSPs or MSSPs isn’t seen as an opportunity for CISOs to abdicate responsibility for risk ownership and accountability. The job of executive reporting and board engagement should remain with the CISO, as well as any business-aligned decision making.

Conclusion

The partnership model between CISO and MSP/MSSP represents a strong approach for security needs.

But organisations must strike the right balance between outsourcing and in-house security capabilities.

The most successful CISOs develop security models that blend internal strategic leadership with external operational outsourcing to MSP or MSSP partners who offer extensive capabilities and quick results. This new sustainable security model will become prevalent in upcoming years.

For MSPs, do not overlook the opportunity to offer services that assist CISOs in filling their security skill deficiencies.

And for CISOs, rather than carrying the weight of all modern cybersecurity challenges yourself, instead look to benefit from MSP or MSSPs collaborations.

I’m intrigued to hear your thoughts, whether you’re an MSP, MSSP or CISO. Leave a comment below or get in touch.

You Might Also be Interested inPodcast: Co-Managed IT, Cybersecurity and Imposter Syndrome: Top Tips for MSPsThe Easy Way to Transition Your MSP to an MSSPThe MSP’s Survival Guide to Co-Managed IT Services

Gerald Beuchelt is Chief Information Security Officer at Acronis, a company protecting millions of endpoints across 54 data centres, many of them managed by MSPs just like you. They protect against cyber criminals and AI threats.

He’s led security through IPOs, a $5 billion merger, and now heads up the Acronis Threat Research Unit, or TRU. And that’s a team uncovering wild cyber threats that potentially pose a risk to all MSPs and their clients.

An Interview with Gerald BeucheltThe Acronis TRU

The Acronis threat research unit (TRU) is a virtual team within the organisation, made up of team members from different departments. They include threat researchers, a security team and specialists in the marketplace.

The team works together to understand the threats MSPs and MSSPs are facing, and they do a lot of research with companies of all sizes, and refer to existing research such as the Verizon breach report. Says Gerald:

“We focus closely on what we see through our own endpoint agents. That’s not only new threats coming up, but also any issues facing the MSP community, such as ransomware or email security. We also provide analysts to our partners who can assess an MSP’s cyber risk and that of their clients.”

What is a Cyber Snake?

Sidewinder ATP, an advanced persistent threat group that has been active since at least 2012, continues to pose a threat to MSPs across the globe. Recently, they targeted high level government institutions in Sri Lanka, Bangladesh and Pakistan.

“What was interesting about it was that they were using very targeted spear phishing emails to go specifically after the location of the infected clients. If a spear phish ended up in one of those countries, the entire kill chain and the payload would deploy.

“The threat actor is going to considerable effort to target specific organisations in certain regions. They have also focused on an old Microsoft Word vulnerability from 2017. This is significant because it means out of date software is still being used regularly. MSPs need to ensure their clients aren’t doing the same.”

The Return of the ChaosRAT

RAT stands for remote access toolkits or remote administration toolkits. Gerald explains that once installed, the attacker can interact in meaningful, damaging ways with the infected machine.

“You can thing of like evil remote management software which can cause chaos to networks. They’re very similar to a traditional RMM (remote management and monitoring) tools, which is worrying. It means it’s not easy to detect whether it’s genuine or not.

“At Acronis, we work hard to provide our MSP partners with tools to detect ChaosRATs. They can cause problems across operating servers, so both Linux and Windows are vulnerable. The more you can do to protect against them, the better.”

Cyber Threats MSPs Should be Aware of

Gerald highlights a couple of things today’s MSPs need to be aware of. “Attack scenarios such as ransomware are still a major concern, and they impact businesses of all sizes today.

And not only do extort companies to pay for their data to be released, they threaten them with a releasing the data and even getting companies sued by the regulator for doing so. And ransomware as a service is really growing, too.

“So as an MSP, you have to be more prepared than ever to understand the ransomware threat in your environment. Make sure you have a disaster recovery plan, and follow the legal advice to not pay if you can avoid it.

Criminals are using sophisticated-looking emails that look entirely credible, so better email protection is important. Finally, we need to encourage employees and client teams to be more aware of the threat potentials and try to minimise the risks.”

What is a Security-First MSP?

A security-first MSP is just what it sounds like. It means, says Gerald, prioritising security. “That means including security concerns, threat assessments and the appropriate countermeasures in your portfolio from the beginning.

“Security cannot be just tacked on at the very end of defining a product. You don’t wait until the anti-malware is installed and add a firewall. Security needs to be embedded from the beginning, and you have to adapt to changes all the time.

“So to be security-first, security has to come in at the ideation of a product. Ask what could go wrong and how can you prevent that? You don’t have to spend a lot of money, but you DO need to develop your architecture to make it less susceptible to threats.”

How Criminals are Using AI to Generate Real Time Attacks

MSPs need to understand that criminals are now using AI in order to carry out real time attacks. Gerald says: “The CEO of Acronis was actually deep-faked – his voice was used for a social media attack, and he has barely any online presence. So it just goes to show that any footprint is there forever.

“The trust in digital media is going to erode very quickly as deep fakes become more convincing. We’ve seen what happens when prominent people are put into seemingly unfortunate situations that are actually AI-generated.

“That also creates a challenge for businesses, because how can you prove what’s real and what’s not? A criminal could target you, create a compromising deepfake and whether you pay the ransom or not there’s a risk to your credibility.”

How to Connect With Gerald BeucheltAcronisFollow Acronis on LinkedInLike Acronis on FacebookFollow Acronis on X‘Connect with Gerald on LinkedInHow to Connect With MeSubscribe to TubbTalk RSS feedSubscribe, rate, and review TubbTalk on iTunesSubscribe and rate TubbTalk on SpotifyFollow TubbTalk on iHeartRadioFollow @tubblog_msp on InstagramMentioned in This EpisodeWindows domain networks directory: Active DirectoryComputer programme: KerberosThreat knowledge base: MITRE ATT&CKVerizon breach reportCRM software: SalesforceCyber threat: Sidewinder ATPSpeaker and author: Karl PalachukDark web: Digital UndergroundMSP event: MSP GlobalCyber event: Infosec LondonCloned Richard podcastYou Might Also be Interested inChampioning the Cybersecurity Right of Boom and the MSP RevolutionPodcast: How to Turn Employees into a Company’s Biggest Cybersecurity AssetComplement Your Cybersecurity Strategy with Security Awareness Training

I’ve been chatting with a few MSP owners lately and noticed a recurring theme: their clients’ tech environments are a mess.

Not broken. Not insecure.

Just… cluttered.

You know the kind of thing:

Outdated apps still running in the background
Duplicate files clogging up storage
Unused SaaS tools still being paid for
Employees working around clunky folder structures because “that’s how it’s always been”

But let’s be honest: nobody ever calls the helpdesk to say, “Our digital workspace feels chaotic.” But it is chaotic — and it’s hurting productivity, morale, and even security.

And that’s where the opportunity lies.

Three Ways to Turn Digital Clutter into Monthly Recurring Revenue

I believe that this challenge represents a real opportunity for modern MSPs who are always looking for way to add value to their clients. You probably know their systems better than they do, so you’re best placed to help them clean up.

1. Offer a “Digital MOT”

A one-off health check to assess digital sprawl across storage, apps, and workflows. Position this as something that will:

Tighten securitySpeed up processesEliminate duplicationSave them money on resources they’re not actually usingIdentify gaps in their solutions2. Regular Clean-ups as a Service Add-on

We all know that the easiest way to increase revenue is to sell more to existing customers, right? So when you’re already providing regular services, then it’s simple to bundle clean-ups into existing managed service agreements.

Suggest  that you carry out the clean-up quarterly or bi-annually. This works well because after a period of three to six months, they’ve probably accumulated a lot of digital rubbish that needs removing!

3. Tie Decluttering to Cyber Hygiene

Outdated logins and legacy apps are often security risks waiting to happen. And that means that it’s low-hanging fruit. Most clients don’t know what they’ve got lurking in the background. You could be the one to shine a light and sort it.

This is also a good opportunity to discuss password management and even cybersecurity awareness training for staff. The latter is also an opportunity for recurring revenue, as new employees will need to cover this as part of their induction process. Plus, all staff need to stay up to date with threats.

So what do you think? Can you see the possibilities for your MSP? If you decide to introduce a digital declutter service, we’d love to know!

You Might Also be Interested in11 Planning and Productivity Apps to Help You Make the Most of Your Year AheadPodcast: SaaS Management and Security: What MSPs Should Know to SucceedSuccessful MSP Relationships: How to Find and Nurture Them to Make Them Last

We talked recently about the importance of a personal brand for your managed service provider (MSP) business. In that blog, we looked at what makes you different from everyone else, how you deliver your service and your business values. We also touched on branding visuals. 

This time, we’re going to be looking at your brand voice, which is another key piece in how you stand out and stop being generic. It’s not as complicated as it sounds, I promise! But it is important to think about it. 

What is Your Brand Voice?

Your brand voice is how you interact with the world in person. It’s also your digital personality, and it should be consistent across every platform where you have a presence. That includes social media, your own website, anywhere you make a guest contribution, in paid ads, your email newsletter and more. 

It’s also how you demonstrate your vision, mission, values and your USP, even if you don’t talk about them specifically in your content. If one of your values, for instance, is ‘fun’, then your tone of voice can be light-hearted. 

Your brand voice needs to not only reflect you as a business and as an individual, but it also needs to resonate with your target audience. If you’re selling luxury timeshares, don’t borrow buzzwords from your eight year old! 

You need to think about the words you use, and those can be your favourite words you use frequently in real life. They might be short phrases that you’ve coined that are specific to one of your services or how you deliver them. 

As an example, my friend Susanna Reay describes herself as an ‘authority architect’, helping people to define frameworks to reflect their own authority. TubbTalk guest Kennedy’s business is called “Email Marketing Heroes” and not only is it visually branded with superheroes, every person in his team signs off emails with ‘kapow!’

Consistency is Key

No matter what industry you’re in, if you’ve got an online presence, the places you show up will be busy. In order to be memorable, you have to give people a reason to think of you first. 

So once you’ve decided on your brand visuals, messages and brand voice, you have to stick to it. Yes, you can have a rebrand at some point, but people need to be able to recognise you when your content appears in their feed or in their inboxes. 

When you first start out, it might be handy to pause before you press publish and check over your content. Does it reflect your brand voice? Have you used key words, phrases or even emojis? Does it sound like the post you put out yesterday and last week’s email? 

One quick note on brand voice and tone of voice, which I think is an important distinction. Qualtrics explain that ‘brand voice’ is your personality and ‘tone of voice’ is how you shift what you say to the situation you’re in. Just as you sound different in a business meeting and in the pub with friends, your online brand voice changes depending on the circumstances. 

(PS – scroll down the Qualtrics post to find a video from our old friend Col Gray. I didn’t know he was there until I spotted the beard!) 

Be the Same Online and in Person

Once you’ve defined your brand voice, the words you’ll use, your taglines and key messages to share, make sure you sound exactly like that in real life! We tend to meet people digitally before we encounter them in person, and it can be quite jarring if we feel we’ve got to know them only to find they’re like a stranger. 

What often happens is that people think they need to be professional at all times online, and this translates to a stiffness and formal language that they assume will attract customers. But most of us don’t really talk like that outside of work, so it confuses people. 

And unfortunately, it sometimes makes them distrustful of you, too. If your online voice and in person voice aren’t the same, how can they be sure that your values, services and delivery will be the same? 

You might need to be brave and build up to using more of your unique brand voice, but look at what you’ve written before you share something. Ask yourself: “Would I use that word in real life? Could I find a shorter way to say that?” And beware of using industry jargon! MSPs especially can be guilty of that. 

Brand Voice Matters Regardless of Company Size

If you’re just starting out, then brand voice is a great way to establish yourself in a crowded marketplace. Use your voice to attract peers, collaborators, vendors and ultimately clients whose values align with yours. This is how you’ll see success as an MSP. 

As your business grows, it’s a good idea to have all of your branding visuals, brand voice, business USP, values and even preferred fonts and email opening and sign off lines all ready to share with new employees. 

Even if you just decide to outsource your emails or social media to a freelancer, you must make sure that whatever they create sounds like you. Any sudden shifts in language, tone or messaging will be noticed by your audience, and just as with your online/offline personality, they’ll be suspicious of differences. 

If you’re part of a large organisation with offices in multiple locations, ensuring a cohesive brand voice is just as important as the other elements of your MSP’s branding. 

In case you don’t already have brand guidelines, now is the time to set these out, share them with department heads and ensure that all teams in all locations sound the same.

And don’t be afraid of letting employees post on their own LinkedIn profiles. If you lay the ground rules and ask them to follow the guidelines, they can be great advocates for your business. 

Swearing in Your Brand Voice

Finally, a note on swear words being part of your MSP’s brand voice. Personally, I would avoid it. In my experience, business people do tend to swear in social settings and even meetings, when they’re comfortable with the people they’re talking to. 

However, in online social updates and blog posts, it’s not quite as common. A few businesses do use swearing as an effective part of their brand voice. It allows people to self-disqualify themselves as potential customers and saves the company time on wrong-fit clients. 

If you want to do this, please proceed with caution! Words can easily be misconstrued online, and people can be hurt by reading or hearing language they’re not comfortable with. Why risk isolating and offending people before you’ve even started a conversation? It’s always better to give a good impression.

What do you think? Do you have a brand voice for your MSP? Have we inspired you to think about it?

You Might Also be Interested inHow to Leverage Your MSP’s Personal Brand for SuccessPodcast interview with Kennedy on email marketingWhy Consistent Content Marketing is Key for MSP Sales Success

Melissa Hockenberry is the owner of First Things First Training and Consulting, and she brings over thirty years of industry insight to her work.

She’s spent two decades in the MSP space and an impressive eighteen plus years at Autotask and Datto. Melissa is passionate about helping MSPs strengthen relationships, retain customers, and unlock sustainable revenue, all while staying true to her values.

An Interview With Melissa HockenberryWhy the Human Connection is Important to Melissa

Melissa says that the human connection is what drives her in business. “I was asked to do a keynote recently and had to include my ‘why’. I put one bullet point on a slide that said ‘serve people’. That’s a motto I’ve lived by all my working life.

“I spent six years in retail, and I realised that my best days were when I left someone in a better state than I found them. Even when I was training people to effectively take over my job, I was helping them and making their life easier.

“My mom taught me to never leave a compliment in your head. If you think someone looks nice, tell them. When I started doing that, I had some really meaningful conversations with people. You never know where it’ll lead if you make a connection.”

What Melissa did When her Job was Eliminated

In 2012, Melissa was the Director of Customer Experience at Autotask. One day her boss told her they were eliminating her position and she had to decide if she wanted to leave the company or take a role she’d done in the past.

“I thought about it, and I realised that the title was being taken away. And titles are nothing. What you bring in the value of your work and the integrity of who you are, that is the only lasting thing.

“I realised that I wasn’t ‘less’ because I was going back to being a Senior Product Support Specialist. Nothing was taken from me. My value, my knowledge, everything was still there. What I could do and bring to the role and the company were what mattered.”

The Human Side of an M&A

There are a lot of mergers and acquisitions (M&As) happening in the tech space. Melissa experienced one when Autotask was acquired by Datto in 2017. She says that while the buyer looks at the growth opportunities of making an acquisition, the human element sometimes gets forgotten about.

“What happens to employee retention after an M&A? What about clients? Will the new owners be able to keep them and maintain the positive relationships built before? And importantly, what about the CEOs who are about to lose their jobs?

“I’ve seen some CEOs shaken by an M&A but keep their cool. That’s when good leaders realise that they have something to offer and with the right support can find new, better opportunities. Your knowledge and experiences are definitely transferrable.”

The Benefit of Having Peer Support

Melissa explains the concept of a ‘mirror partner’ – somebody who reflects back the best of you. “They hold you accountable because they know your strengths and weaknesses and see your potential. It does help if they’re in the same industry or have a similar position.”

Melissa goes on to explain that she’s never met her mirror partner and they were connected online by someone who thought they’d be a good fit. “We talk to each other, she hears me mention things that I don’t think are valuable and she points them out. She spots the opportunities that I don’t.

“And she would say that I do the same for her. She wanted to get back into technology so I shared some ways I thought she could do that. Those were things she hadn’t thought of, but she acted on my suggestions and now she’s in the tech space again.”

Why we Need Better Representation in the MSP Space

The lack of women and other minorities in tech is something that starts early on in life, says Melissa. “A study was conducted where children were taught coding. After an hour or so the boys had a lot of coding to show on their screen and the girls had nothing.

“But the researchers were able to record everything the girls wrote, even if they deleted it or didn’t share it. There’s often a belief that boys and girls are good at different things and they’re not encouraged to try something that’s not a traditional subject for them.

“We need to tell young women that they can do jobs that involve STEM. If they’re interested in it, they should be encouraged; guided to find a mentor. And I think tech needs to be taught by people who aren’t naturally good at it but have worked hard to learn it. That’s inspiring and shows what you can achieve when you put your mind to it.”

One Thing Melissa Loves and One Thing She’d Change About the Tech Space

Like many others in the tech space, Melissa highlights the welcoming community. “People are embraced for who they are and they make genuine connections. I was taught not to help competitors, but that’s just not the case in the MSP industry.”

However, Melissa points to a negative aspect to the community that things have always been done in a certain way and that should continue. “It’s often people who are at the top of the tree. They’re the innovators and they believe that what worked for them is the only way to run a business.

“They forget that they were once in the same place as the young person who’s currently challenging them to do something differently. Yes, you have wisdom, but that should teach you to listen and try new ideas, because they might just work.”

How to Connect With Melissa HockenberryFirst Things First Training and ConsultancyFollow First Things First Training and Consultancy on LinkedInConnect with Melissa on LinkedInSubscribe to Melissa’s YouTube channelHow to Connect With Vera and LenkaSubscribe to the Wired for Connection RSS FeedFollow @tubblog_msp on InstagramConnect with Lenka on LinkedInVisit Vera’s website: T-ConsultingFollow T-Consulting on LinkedInFollow T-Consulting on FacebookFollow T-Consulting on TwitterConnect with Vera on LinkedInMentioned in This EpisodePSA tool: AutotaskCybersecurity software: DattoMSP conference: DattoConEmily GlassAndrew WallaceMSP conference: MSP Geek ConPSA and RMM: ConnectwiseBook: John Acuff: Start: Punch Fear in the Face, Escape Average, and Do Work That MattersCommunity software: KhorosPaul Green’s MSP Marketing EdgeYou Might Also be Interested inPodcast: Advice on Leadership and Equality from Andrew WallaceTop Tips for MSPs on World Productivity DayPodcast: Syncro: Why a More Human Business Better Serves MSPs

Conor Hynes heads up Product Management and Data Strategy at Titan HQ. The company name is probably familiar to many of you MSPs (managed service providers). They’ve recently launched an all-in-one cybersecurity platform, and their anti-phishing solution has really been making waves.

Interested to find out more, I asked Conor to give me a video demo walkthrough, which you can watch below. We explored how the tool works and what the benefits of the Titan platform are for MSPs.

A Walkthrough Demo of Titan HQ’s Intuitive Dashboard and Anti-Phishing Tool

The Solutions TitanHQ Offers to MSPs

TitanHQ started 25 years ago, initially in email security and then moving into DNS filtering. An ambitious organisation with their finger on the pulse, Conor explained that they knew cybersecurity is a fast-growing area and identified an area they could niche into to better support MSPs.

They have a unified user interface to make it easy for MSPs to manage multiple layers of security. Within that dashboard, each of TitanHQ’s products have been consolidated. Alongside those, there’s a functionality to pull in any solutions from other vendors.

The TitanHQ solution includes email security and security awareness training, along with consolidated licencing and a centralised onboarding area. This allows MSP users to apply settings for each of their clients and deploy the appropriate tools for them.

What Makes the Anti-Phishing Tool so Popular?

Conor explains that TitanHQ built their standalone product almost 25 years ago, and it remains robust, there are new types of threats coming along all the time. He says: “We know that email remains the number one attack vector when it comes to cybercriminals getting into a business’ networks, and we think it always will be.

“So we’ve spent the last 18 months refining how we do email security. We’ve evolved from basic spam and phishing protection. The email security element of the platform – Phish Titan – is very advanced and uses natural language processing.

“We know that cyber-attackers are getting more sophisticated in their approach, so se have to match that, if not do better. We’re moving into a space where it can stop those emails that can kill a business with a single ransomware attack.”

How TitanHQ Defend Networks if a Hacker gets in

Sometimes a malicious email is successful and makes it through the protective filters, so Conor explains how TitanHQ helps in that scenario. “The platform comes with an inbox add-on so the user marks any emails that they’re concerned about and alert their MSP partner.

“The user can flag the email as suspicious, or the MSP can see them flagged at their end as ‘an action is required.’ We want to make it as easy as possible for the MSP to make a decision, so we give them as much information as possible.

“The tool shows them why the email was marked as a potential danger and look at the URL to find out where it originated. Once they’ve reviewed the information, they can remediate with the click of a button. And no matter how many people have received the email, it’ll be removed from all of their inboxes.”

The TitanHQ Cybersecurity Awareness Training

In the tech space, we all know that the biggest risk to any organisation’s network is caused by human error. That’s why security awareness training is becoming increasingly important. Cybersecurity-conscious MSPs should be offering this themselves, or partnering with a company who can provide it for them.

Conor says that the TitanHQ training offering is one of the things that first draws MSP clients to them. “They know that the employees are the weakest link, so they want to mitigate against any damage. It’s essential for them to provide training to show their clients how seriously they take security.

“But we also know that MSPs are time-poor, so our training isn’t complex or difficult to implement. We offer a simple campaign set-up, where each user gets an email, they enrol in the training and the system sends out the lure email. And the MSPs can customise those to be simple or not, but they always look realistic.”

Reporting Features for MSP Clients

If and when a user does click on a lure, Conor says it’s important for the MSP to be able to educate their clients, not punish them. “You want them to know that they’ve made a mistake, and that you can provide them with additional learning. And some departments are more susceptible than others, so you can tailor the curriculum.”

The reporting function is natively built into the product, Conor explains, allowing the MSP to view each campaign each client has been enrolled in, and which modules have been sent to the users. They can also see who’s done the training and who hasn’t.

“And again, because MSPs are time-poor, we create automated reporting directly to the administrator’s inbox which can then be shared with the client. This allows the MSP to highlight specific areas of concern and work with them to resolve them.”

Scaling for Fast-Growing MSPs

The TitanHQ platform has been built with scaling in mind, says Conor. “We don’t want MSP users to worry that the platform won’t be able to keep up as their business grows and demands more from it.

“We’ve built it on modern technology and we’re constantly improving it. We work closely with out advisory board of MSP customers, so we refine the platform in response to their feedback. In fact, a couple have already reached 30,000 seats in one year.

“We track and monitor client onboarding on a daily basis, so we can see how many users MSPs are adding. And yes, sometimes that’s 20 to 25 per day. The increased numbers don’t make deployment any harder, so we’re happy that the platform technology is supporting growth and scale at a higher level.”

How to Connect With Conor HynesVisit the TitanHQ websiteLike TitanHQ on XFollow TitanHQ on LinkedInLike TitanHQ on FacebookConnect with Conor on LinkedInHow to Connect With MeConnect with me on LinkedInFollow @tubblog_msp on InstagramYou Might Also be Interested inThe Easy Way to Transition Your MSP to an MSSPPodcast: How to Turn Employees into a Company’s Biggest Cybersecurity Asset12 Ways to Attract More Profitable Clients to Your Business