Email is the top vector for cyberthreats and a leading source of compromise for businesses. Despite the considerable risks of email threats, many SMBs choose to forgo adequate email protection due to a lack of resources, awareness, or both.
For MSPs, talking to clients about email security can be an uphill battle. In this post, we’ll cover important tips and strategies that can help you break through any objections and convince customers to make the investment.
Elaborate on the importance of email protection
Why is email so popular among hackers and effective against victims? Easy to deploy and scale, it gives hackers a direct path to attacking the greatest weakness in IT—users. No matter how robust your clients’ defense measures, they offer limited protection if a user clicks a malicious link or opens an infected attachment.
When talking to clients about email protection, show them what could happen if they choose to forgo the investment. Data tells a powerful story. There’s no shortage of news stories and reports illustrating the ramifications of ignoring cybersecurity best practices or standards.
Find statistics to back up your assertions and demonstrate how an email threat, such as a phishing or ransomware email, could harm your clients’ business and even bring it to a halt. The object isn’t to scare clients, but to give them a realistic appraisal of the current threat landscape and the vulnerabilities that you see with their current solution.
Understand the education gap
It’s a common mistake to assume that the average person has the same level of knowledge as those of us in IT. Devoting our careers to the field—and working alongside peers committed to the same pursuit—creates this illusion.
In reality, the average person has limited knowledge of IT and probably even less knowledge of cybersecurity or email security. Keep that in mind before discussing cybersecurity with a client. It will influence not only how you approach the topic, but also the language you use in the conversation.
Speak their language (not yours)
Using IT jargon is a good way to confuse clients. Avoid it at all costs if your client doesn’t have the background to understand technical terminology and jargon. Get to know your clients before diving into a discussion of solutions for email protection. Not only will it help you gauge their technical knowledge, but it will also help you identify areas where your client needs awareness training and education.
With this knowledge, you will learn how to avoid language and topics that will confuse them and how to talk to them in a way that they will understand.
Focus on the benefits of email protection, not functionality
Non-technical clients have little to gain from a long, drawn-out explanation of how an email security solution works or how you will deploy, manage, and maintain it. Going into too much detail about functionality risks losing the client at the outset of the conversation. Worse, it could lead them to pass on investing in email protection based on nothing more than their misunderstanding of features and functionality.
Focus instead on what the solution can do for them and their business. For example, explain that you can protect them by adding a solution that will block malicious emails and provide automated phishing training to users. No need to explain how Machine Learning, Computer Vision, or Natural Language Processing work to achieve these feats; unless, of course, the client is both interested and able to understand the information.
Show your value
As an MSP, it’s important to show your clients the value of your service. Unfortunately, cybersecurity is largely invisible until it fails spectacularly. Even though many email security solutions are transparent, there are still ways to show the value of your service. For example, Vade for M365 includes an Added Value report that shows statistics on the threats that Vade caught and Microsoft missed.
Added Value Report in Vade for M365
This report is a powerful testimonial of the value of your service. If you have Vade for M365 in your security stack, share some of the Added Value reports from other clients to illustrate the value of your service. The picture is black and white: without your email protection, all those malicious threats would have been delivered.
[Related posts] Why Users Should Report Suspicious Emails, and How to Manage Them When They Do
