December 5, 2025

What It Really Takes To Build A Good MSSP

Category: Community, Go To Market, Security Market — Tags: – @ 7:33 am

Everyone is suddenly looking at MSP and MSSP rollups. Investors, strategics, even VCs. The logic is obvious. Fragmented market, recurring revenue, sticky customer relationships. But the reality is that only a small subset of providers actually operate at a level worth scaling. The difference between an average MSSP and a good one comes down to a few fundamentals.

Start With Focus

Most MSPs never defined who they serve. They grew organically, took whatever customer showed up, and built a toolkit around individual fires rather than a repeatable model. A strong MSSP starts with clarity. Who is the ICP. What problem is being solved. What the operating model looks like for that segment. When this is missing, everything becomes random. Different tools. Different service quality. No leverage.

In practice, the most important segmentation is not the MSP itself, but who the MSP sells to. An MSP serving restaurants or spas has a fundamentally different security maturity, willingness to pay, and regulatory exposure than one serving regional banks, healthcare, or regulated SMBs. Treating them as one market leads to mispriced risk and churn.

Understand the Economics

Many MSPs think software licensing is their main cost. It is not. Labor dominates the model. At ConnectWise, our Service Leadership dataset showed that roughly 20 percent of MSPs were not profitable because they simply did not understand their own cost structure. The best ones hit around 20 to 25 percent EBITDA. They standardize. They price correctly. They run the business with discipline instead of firefighting.

The real margin killer is not the license costs. It is the technician minutes required to install, manage, respond, document, and bill every tool. Every additional product increases operational drag, even if the license is cheap.

Standardized Security Bundles Win

The MSSPs that scale do not let customers choose their own adventure. They define a required stack. If you want to be a customer, you adopt their bundle. This gives consistency, predictability, and actual security outcomes. A typical bundle includes:

• Patch and vulnerability management
• Endpoint protection
• Email security
• Security awareness
• Optional SIEM or MDR depending on the segment

Without standardization, you cannot maintain margins or guarantee service quality. You also make incident response dramatically harder because every environment looks different.

In reality, the bundle is usually sold at a fixed price like $50 to $100 per user per month. Any new security tool must fit inside that number. If it costs $2 to $3 per user, something else must be removed or margin gets cut. This is why getting into the bundle is harder than most vendors expect.

Service Quality Is the Product

SMBs want to be secure. They want minimal disruption. And when something goes wrong, they want a real human who knows what they are doing. Not tier 1 scripts. Not delays during an active incident. Good MSSPs prepare the customer during onboarding. They map critical systems, define escalation paths, understand what can be taken offline, and capture credentials and architecture details. They remove the guesswork from the moment the incident starts.

Billing Needs To Be Simple

One of the fastest ways to lose customers is confusing invoices. Customers want to understand what they pay for. Surprises create distrust. The MSSPs that retain well keep billing predictable, transparent, and boring.

Own the Response, Not Just the Alert

An MDR or MSSP that only notifies customers creates frustration. The provider must take the customer through remediation. For SMBs, response often means restoring operations, identifying the entry point, and closing the gap. If the MSSP cannot do this internally, it must have reliable partners.

How Rollups Actually Create Value

Rollups only work when there is a clear thesis. Some focus on platform unification and a single delivery model. Others focus on professionalizing the business with better hiring, benefits, pricing, and operational rigor. Both paths can work. But they require patience and real operating muscle.

The fastest way to build a defensible platform is often not direct MS(S)P sales but embedding into existing security vendors that already sit in the bundle. Winning a technology alliance with an EDR, MDR, or firewall provider puts you into hundreds of MSPs without forcing each of them to make a new buying decision

Cross border rollups in Europe introduce more complexity. Language and local relationships matter. Regulation varies. Centralizing delivery is possible, but customer interaction often stays local. A standardized platform can still work if the ICP is consistent across regions.

The Microsoft Factor

Many SMBs already own security features through M365. Ignoring this leads to bloated stacks and poor pricing. Smart MSSPs align their offering with what customers already have and fill the real gaps.

The Bottom Line

Building a strong MSSP is not mysterious. It requires a defined ICP, a standardized security bundle, disciplined delivery, true incident readiness, transparent billing, and the ability to take customers all the way to resolution. The providers that do these things consistently are the ones worth scaling. Investors often chase the rollup story, but the real value sits inside the boring operational fundamentals that most of the market never gets right.

September 4, 2025

Go-to-Market Strategies for Small Security Companies

Category: Go To Market, Uncategorized — Tags: , , , – @ 8:29 am

Bringing a new product to market is hard—especially for small companies with limited sales resources. While large players can rely on global sales teams, most startups and scale-ups need to be smarter in how they approach their go-to-market (GTM) and route-to-market (RTM) strategies.

Recently, I walked through a set of practical approaches for some of the companies that I work with as an advisor and board member. I wanted to share these lessons more broadly as they might be useful for others as well. These lessons apply broadly to any small technology firm looking to punch above its weight.

Start with Segmentation and ICP Clarity

The first step in any GTM journey is understanding who exactly you are selling to. Segment your market carefully and define your Ideal Customer Profile (ICP). A well-defined ICP keeps you focused and helps you avoid wasting precious time on prospects that aren’t a good fit.

Match the Route-to-Market to Each Segment

Different customer types buy differently. Some may prefer to purchase through a distributor, others via a managed service provider (MSP) or a systems integrator (SI). Aligning your RTM strategy with each ICP segment ensures you meet your buyers where they already are.

Distributors: Give Before You Get

One of the biggest misconceptions startups have is that distributors will automatically champion your product. In reality, distributors expect you to bring them demand first. Show them you can generate business and they’ll start paying attention.

Leverage Technical Partnerships

Forming technical partnerships with larger vendors is often one of the fastest ways to expand reach. These companies already have distribution networks, customer relationships, and market credibility. By integrating or aligning with them, you can ride their coattails into places you couldn’t reach alone.

Ask Your Customers How They Buy

Your existing customers are one of your best sources of intelligence. Ask them:

  • Do they prefer working with MSPs? Who do you work with yourself?
  • Do they use certain distributors?
  • Do they have go-to SIs or VARs?

Not only will you learn more about your market’s buying habits, but customers can often introduce you directly to their providers to short-circuiting months of cold outreach.

Regional VARs: An Untapped Opportunity

Large VARs are tempting, but it’s hard to get their attention. Smaller, regional VARs are usually more receptive, hungry for growth, and open to building mutually beneficial offers. For many startups, these local relationships turn out to be far more productive.

Don’t Rely on Cold Calling Alone

While direct sales will always play some role, scaling purely through cold outreach is rarely sustainable for startups. Partnerships, integrations, and channel leverage amplify your reach, making each sales dollar work harder.

Closing Thoughts

For small companies, success isn’t about brute-forcing your way into the market. It’s about smart leverage. By segmenting effectively, aligning routes-to-market, and building the right partnerships, startups can create multiplier effects that would be impossible through direct selling alone.

The road to market is rarely straight, but with the right GTM strategy, even small players can carve out a strong position in highly competitive industries like cybersecurity.

August 14, 2025

Mastering the Channel Ecosystem — Lessons From our BlackHat Panel

Category: Go To Market — @ 7:04 pm

Thanks to everyone who joined the panel at the BlackHat Innovators & Investors Summit — it was a fast, practical session and full of real, repeatable advice. Below I’ve distilled the conversation into the speakers and the most actionable takeaways founders, investors and channel leaders can use.

Who Spoke

  • Daniel “DB” Bernard — Chief Business Officer, CrowdStrike
  • Matt Berry — Global Field CTO, Cyber, World Wide Technology (WWT)
  • Chris Bisnett — Co-founder & CTO, Huntress
  • Peter Bryant — Market Analyst, Canalys
  • Moderator: Raffael Marty, Operating Advisor

Top-line Thesis

Great product is necessary but not sufficient. If you want scale and durability you must design product, GTM, pricing and operations for the channel — MSPs, VARs, MSSPs, distributors and hyperscaler marketplaces. Get those pieces aligned and the channel becomes your growth engine and a moat.

The Most Important, Actionable Insights

1) Start with real customer evidence — then bring partners in

  • Close a first few deals directly and then ask: Who do you buy through? If the customer uses a reseller or integrator, bring that partner into the next conversation.
  • A partner introduced by a customer is infinitely more effective than cold outreach.

2) Target, pilot, then scale (regional first)

  • Don’t boil the ocean. Pick a geography or vertical where a partner has influence, run an enablement-intensive pilot, close a few joint deals, and let the wins spread organically through the partner organization.
  • Grassroots wins (regional proof points) are how startup products get noticed inside large SIs and disti sales orgs.

3) Engineer the product for MSPs and scale

  • Some technical must-haves for MSPs: multi-tenancy, frictionless provisioning, usage-based billing, robust reporting, and minimal support overhead (no reboots, simple deployment).
  • Build integrations with RMM/PSA tools. Partners won’t adopt tools that don’t fit their stack.

4) Use hyperscaler marketplaces as a growth hack

  • AWS/Azure/Google marketplaces are a procurement shortcut — customers can spend cloud credits and close without long vendor approvals. CrowdStrike and others proved this: marketplace adoption accelerated scale dramatically.
  • Prioritize marketplace readiness early (billing, security/compliance, packaging).

5) Think of channel margin as external sales / commission

  • Yes, margins look worse on paper — but compare to the true CAC of building a direct sales force. That margin buys you reach and reduces acquisition risk (you only pay when a partner sells).
  • Measure partner-sourced vs partner-influenced revenue and the CAC of each.

6) Don’t assume distis/VARs will sell without support

  • Listing in a distributor catalog is not the finish line. You must: enable, co-market, provide lead flow, run joint sales plays, and sometimes front-end incentives to get sellers focused on your SKU.
  • Short-term investment in enablement and marketing is how you get long-term pull-through.

7) Build partner economics and enablement as products

  • Provide free (or low-cost) certification, sales playbooks, demo environments, one-click onboarding, and co-branded assets. These reduce time-to-first-deal and lower partner friction.
  • Consider usage-based billing to match MSP economics: partners want to align cost with consumed endpoints/services.

8) Decide and double-down on one partner type first

  • MSP vs MSSP vs VAR vs SI: each requires a different product shape and GTM. Nail one, then expand. Trying to serve all at once dilutes focus and kills momentum.

9) Invest in partner success and low-touch CSM automation

  • With thousands of SMB endpoints, you can’t scale human CSM for every account. Automate onboarding, monitoring, renewal nudges and migration tools — make it easy for MSPs to manage many customers.

10) Metrics you should be tracking from day 1

  • Time-to-first-deal with partner (by partner type)
  • Partner-sourced pipeline and partner-influenced revenue
  • Onboarding time per MSP customer (time-to-live)
  • Churn by partner / churn during partner transitions
  • Net retention for partner-sourced customers

Practical checklist for founders (do this tomorrow)

  1. Pull your top 3 customers and ask: who did you buy through?
  2. Pick one partner (regional or niche) and design a 90-day pilot with joint enablement and a measurable close objective.
  3. Audit product integration: do you have PSA/RMM connectors? If not, roadmap one.
  4. Prepare an AWS/Azure/Google marketplace package (billing, security, description, packaging).
  5. Create a partner enablement kit: demo script, short playbook, 1-page technical install guide, and a free certification.
  6. Model partner economics as commission vs. CAC — present it to your board/investors as external sales.
  7. Instrument partner metrics in your analytics and report them weekly.

Suggested questions to ask a distributor / VAR / SI when exploring partnership

  • Who in your organization will sell and who will implement our solution? (names/roles)
  • What does success look like in the first 90 days? How many joint opportunities will you target?
  • Which 3 vendors do you co-sell with today (and how do we integrate with them)?
  • What enablement will you need from us (sales motion, demo environment, pricing, rebates)?
  • How will leads/credit/margin be handled if a customer comes direct?

For investors: what to look for in a channel-first startup

  • Product designed for the channel: multi-tenancy, RMM/PSA integrations, usage billing.
  • Early partner proofs: paying partners or partner-introduced deals, not just distributor listings.
  • A go-to-market playbook for partner enablement (documented processes, enablement kits, measurable time-to-first-deal).
  • Marketplace strategy and early traction (even if small, momentum matters).

Closing takeaways (what I heard loud and clear)

  • The channel is not a shortcut — it’s a discipline. If you commit, build for it, and invest in the partner motion, channel-first companies scale faster and with lower long-term CAC.
  • Start with customers, pilot locally with partners, engineer for MSP realities, and use marketplaces to accelerate procurement.
  • Win through repeatable partner plays and measurable enablement — wins scale inside partner organizations.

Thanks again to BlackHat for having us and to the panelists to take time out of their busy schedules to impart these very actionable insights.