![\"MSPGlobal\"](\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\")
<\/figure>\n<\/div>\n\n\n\nWhat is the first step that an MSP should take to assess its current security maturity, and how do they map out offering a full MSSP-style service?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n![\"\"](\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/LewisPope_N-able-scaled.jpg\")
<\/figure>\n<\/div>\n\n\n\n\nYou need to understand why you are doing this. I break it down into two categories: \u201cI’m doing this because I need to improve and want to make more money,\u201d or \u201cI’m doing this because it is explicitly demanded by my current clients or aligns with my ideal client profile\u201d\u2014which is more compliance-driven.<\/p>\n\n\n\n
If you decide your motivator is that you\u2019re just looking at this as an opportunity, you’ve probably been doing a lot of these things\u2014you just haven’t been telling the right story. So it’s about reassessing what it is you’re currently doing and aligning it to security.<\/p>\n\n\n\n
Making that change to focus on security means you now offer vulnerability remediation and mitigation services of which patch management is an important component. You\u2019ll be repositioning what you’re doing and telling a better story. If it is for compliance purposes, it’s choosing what compliance it is.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nWhen it comes to practical security controls, what are the must-have controls? Which ones deliver the biggest risk reduction for the smallest overheads?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nWhen you move into more MSSP-type services, one of the things you become more involved with is prevention of cybercrime. There are expectations around how you gather evidence. A SIEM [Security and Information Event Management] can handle so much of the heavy lifting of recording the telemetry and evidence of what happens during an incident that will be vital for understanding what happened, and more importantly what is currently happening. I think you must have one in the next year or so. If you don’t have something like that in place, you’re seriously behind. At N-able, we have SIEM functionality as a core component of our Adlumin MDR offering. A SIEM can power that evidence collection and allow you to apply your XDR and MDR capabilities against that entire data set because threats don’t just operate on the endpoint anymore. A threat can start out in the Cloud and then become an internal threat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nHow can MSPs build and sustain the internal expertise that’s required to run that 24\/7 detection response and threat scanning service?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nToday, you need true 24\/7, 365 humans on keyboards in front of screens who can respond to an event in minutes, not hours. <\/p>\n\n\n\n
It is not a tool that you go and purchase. If you are going 24\/7, it takes talented individuals finding those talented individuals, and certifying them. Look towards the major certificate vendors. All of them have their version of a SOC analyst or Security Plus or Cloud Security. You want a security analyst, which is a different set of skills. They come at a premium.<\/p>\n\n\n\n
Ask yourself the honest question of, \u201cCan I find just over 8,700 hours of payroll to pay just to have one person on shift 24\/7 throughout the year\u201d?<\/p>\n\n\n\n
That\u2019s where maybe instead of moving into the MSSP sphere, you partner with an MSSP and split the workload. Your path to profitability should be much faster and smoother.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nHow can MSPs on the road to an MSSP offering weave in industry frameworks into their service delivery?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nAgain, it’s the \u201cWho are your clients?\u201d question. The easiest way is to sit down and read the frameworks and standards, which are freely available, like the NIST cybersecurity framework or the CIS version. Don’t go and pay for training courses as your first step.<\/p>\n\n\n\n
Use it as a gap analysis. You’ll come out of it with things you can’t do and figure out how you can do them. The NIST Cybersecurity Framework and ISO 27002 are a lot longer. Ask yourself, \u201cAre we doing this just to be better or is it for compliance purposes?\u201d And if it is for compliance purposes, are you doing this as part of the CSO work or compliance-as-a-service work? That\u2019s your driving force.<\/p>\n\n\n\n
If you can build that underneath a vCISO [Virtual Chief Information Security Officer] offering or compliance-as-a-service offering, it\u2019s one additional revenue opportunity. A vCISO service enables you to support larger clients whose security needs exceed what you can manage alone. It\u2019s a revenue opportunity you might be able to build over time.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\n\u00a0Incident response is often make or break in the service line in a contract. What would be your advice on creating clear service level agreements that both MSPs and their clients can trust?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nOne of the first things I ask is, \u201cDo you have a shared responsibility matrix with every one of your clients?\u201d and, \u201cAre you managing and maintaining a risk register for every one of your clients?\u201d If you ask these questions, you can set proper expectations with your clients about what incident responses, SLAs, and SLOs are going to look like.<\/p>\n\n\n\n
And before you go talk to your clients about it, do it for yourself. You will figure out all these extra considerations you need to be making around incident response.<\/p>\n\n\n\n
You need to have a conversation with your clients about the expectations of their insurance coverage. You should be getting the information of your client\u2019s cyber insurance providers today so you can reach out to them and ask, \u201cWhat is the SOP? What are the expectations? Can you provide me with a list of the DFIR [digital forensics and incident response] firms that you’re going to engage with?\u201d<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nWhat operational pitfalls do MSPs commonly encounter when they start to build out and scale cybersecurity offerings, and how can they streamline those processes to avoid burnout?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\n Know that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nYou need to understand why you are doing this. I break it down into two categories: \u201cI’m doing this because I need to improve and want to make more money,\u201d or \u201cI’m doing this because it is explicitly demanded by my current clients or aligns with my ideal client profile\u201d\u2014which is more compliance-driven.<\/p>\n\n\n\n
If you decide your motivator is that you\u2019re just looking at this as an opportunity, you’ve probably been doing a lot of these things\u2014you just haven’t been telling the right story. So it’s about reassessing what it is you’re currently doing and aligning it to security.<\/p>\n\n\n\n
Making that change to focus on security means you now offer vulnerability remediation and mitigation services of which patch management is an important component. You\u2019ll be repositioning what you’re doing and telling a better story. If it is for compliance purposes, it’s choosing what compliance it is.<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\nWhen it comes to practical security controls, what are the must-have controls? Which ones deliver the biggest risk reduction for the smallest overheads?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nWhen you move into more MSSP-type services, one of the things you become more involved with is prevention of cybercrime. There are expectations around how you gather evidence. A SIEM [Security and Information Event Management] can handle so much of the heavy lifting of recording the telemetry and evidence of what happens during an incident that will be vital for understanding what happened, and more importantly what is currently happening. I think you must have one in the next year or so. If you don’t have something like that in place, you’re seriously behind. At N-able, we have SIEM functionality as a core component of our Adlumin MDR offering. A SIEM can power that evidence collection and allow you to apply your XDR and MDR capabilities against that entire data set because threats don’t just operate on the endpoint anymore. A threat can start out in the Cloud and then become an internal threat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nHow can MSPs build and sustain the internal expertise that’s required to run that 24\/7 detection response and threat scanning service?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nToday, you need true 24\/7, 365 humans on keyboards in front of screens who can respond to an event in minutes, not hours. <\/p>\n\n\n\n
It is not a tool that you go and purchase. If you are going 24\/7, it takes talented individuals finding those talented individuals, and certifying them. Look towards the major certificate vendors. All of them have their version of a SOC analyst or Security Plus or Cloud Security. You want a security analyst, which is a different set of skills. They come at a premium.<\/p>\n\n\n\n
Ask yourself the honest question of, \u201cCan I find just over 8,700 hours of payroll to pay just to have one person on shift 24\/7 throughout the year\u201d?<\/p>\n\n\n\n
That\u2019s where maybe instead of moving into the MSSP sphere, you partner with an MSSP and split the workload. Your path to profitability should be much faster and smoother.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nHow can MSPs on the road to an MSSP offering weave in industry frameworks into their service delivery?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nAgain, it’s the \u201cWho are your clients?\u201d question. The easiest way is to sit down and read the frameworks and standards, which are freely available, like the NIST cybersecurity framework or the CIS version. Don’t go and pay for training courses as your first step.<\/p>\n\n\n\n
Use it as a gap analysis. You’ll come out of it with things you can’t do and figure out how you can do them. The NIST Cybersecurity Framework and ISO 27002 are a lot longer. Ask yourself, \u201cAre we doing this just to be better or is it for compliance purposes?\u201d And if it is for compliance purposes, are you doing this as part of the CSO work or compliance-as-a-service work? That\u2019s your driving force.<\/p>\n\n\n\n
If you can build that underneath a vCISO [Virtual Chief Information Security Officer] offering or compliance-as-a-service offering, it\u2019s one additional revenue opportunity. A vCISO service enables you to support larger clients whose security needs exceed what you can manage alone. It\u2019s a revenue opportunity you might be able to build over time.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\n\u00a0Incident response is often make or break in the service line in a contract. What would be your advice on creating clear service level agreements that both MSPs and their clients can trust?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nOne of the first things I ask is, \u201cDo you have a shared responsibility matrix with every one of your clients?\u201d and, \u201cAre you managing and maintaining a risk register for every one of your clients?\u201d If you ask these questions, you can set proper expectations with your clients about what incident responses, SLAs, and SLOs are going to look like.<\/p>\n\n\n\n
And before you go talk to your clients about it, do it for yourself. You will figure out all these extra considerations you need to be making around incident response.<\/p>\n\n\n\n
You need to have a conversation with your clients about the expectations of their insurance coverage. You should be getting the information of your client\u2019s cyber insurance providers today so you can reach out to them and ask, \u201cWhat is the SOP? What are the expectations? Can you provide me with a list of the DFIR [digital forensics and incident response] firms that you’re going to engage with?\u201d<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nWhat operational pitfalls do MSPs commonly encounter when they start to build out and scale cybersecurity offerings, and how can they streamline those processes to avoid burnout?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\n Know that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nWhen you move into more MSSP-type services, one of the things you become more involved with is prevention of cybercrime. There are expectations around how you gather evidence. A SIEM [Security and Information Event Management] can handle so much of the heavy lifting of recording the telemetry and evidence of what happens during an incident that will be vital for understanding what happened, and more importantly what is currently happening. I think you must have one in the next year or so. If you don’t have something like that in place, you’re seriously behind. At N-able, we have SIEM functionality as a core component of our Adlumin MDR offering. A SIEM can power that evidence collection and allow you to apply your XDR and MDR capabilities against that entire data set because threats don’t just operate on the endpoint anymore. A threat can start out in the Cloud and then become an internal threat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\nHow can MSPs build and sustain the internal expertise that’s required to run that 24\/7 detection response and threat scanning service?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nToday, you need true 24\/7, 365 humans on keyboards in front of screens who can respond to an event in minutes, not hours. <\/p>\n\n\n\n
It is not a tool that you go and purchase. If you are going 24\/7, it takes talented individuals finding those talented individuals, and certifying them. Look towards the major certificate vendors. All of them have their version of a SOC analyst or Security Plus or Cloud Security. You want a security analyst, which is a different set of skills. They come at a premium.<\/p>\n\n\n\n
Ask yourself the honest question of, \u201cCan I find just over 8,700 hours of payroll to pay just to have one person on shift 24\/7 throughout the year\u201d?<\/p>\n\n\n\n
That\u2019s where maybe instead of moving into the MSSP sphere, you partner with an MSSP and split the workload. Your path to profitability should be much faster and smoother.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nHow can MSPs on the road to an MSSP offering weave in industry frameworks into their service delivery?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nAgain, it’s the \u201cWho are your clients?\u201d question. The easiest way is to sit down and read the frameworks and standards, which are freely available, like the NIST cybersecurity framework or the CIS version. Don’t go and pay for training courses as your first step.<\/p>\n\n\n\n
Use it as a gap analysis. You’ll come out of it with things you can’t do and figure out how you can do them. The NIST Cybersecurity Framework and ISO 27002 are a lot longer. Ask yourself, \u201cAre we doing this just to be better or is it for compliance purposes?\u201d And if it is for compliance purposes, are you doing this as part of the CSO work or compliance-as-a-service work? That\u2019s your driving force.<\/p>\n\n\n\n
If you can build that underneath a vCISO [Virtual Chief Information Security Officer] offering or compliance-as-a-service offering, it\u2019s one additional revenue opportunity. A vCISO service enables you to support larger clients whose security needs exceed what you can manage alone. It\u2019s a revenue opportunity you might be able to build over time.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\n\u00a0Incident response is often make or break in the service line in a contract. What would be your advice on creating clear service level agreements that both MSPs and their clients can trust?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nOne of the first things I ask is, \u201cDo you have a shared responsibility matrix with every one of your clients?\u201d and, \u201cAre you managing and maintaining a risk register for every one of your clients?\u201d If you ask these questions, you can set proper expectations with your clients about what incident responses, SLAs, and SLOs are going to look like.<\/p>\n\n\n\n
And before you go talk to your clients about it, do it for yourself. You will figure out all these extra considerations you need to be making around incident response.<\/p>\n\n\n\n
You need to have a conversation with your clients about the expectations of their insurance coverage. You should be getting the information of your client\u2019s cyber insurance providers today so you can reach out to them and ask, \u201cWhat is the SOP? What are the expectations? Can you provide me with a list of the DFIR [digital forensics and incident response] firms that you’re going to engage with?\u201d<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nWhat operational pitfalls do MSPs commonly encounter when they start to build out and scale cybersecurity offerings, and how can they streamline those processes to avoid burnout?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\n Know that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nToday, you need true 24\/7, 365 humans on keyboards in front of screens who can respond to an event in minutes, not hours. <\/p>\n\n\n\n
It is not a tool that you go and purchase. If you are going 24\/7, it takes talented individuals finding those talented individuals, and certifying them. Look towards the major certificate vendors. All of them have their version of a SOC analyst or Security Plus or Cloud Security. You want a security analyst, which is a different set of skills. They come at a premium.<\/p>\n\n\n\n
Ask yourself the honest question of, \u201cCan I find just over 8,700 hours of payroll to pay just to have one person on shift 24\/7 throughout the year\u201d?<\/p>\n\n\n\n
That\u2019s where maybe instead of moving into the MSSP sphere, you partner with an MSSP and split the workload. Your path to profitability should be much faster and smoother.<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\nHow can MSPs on the road to an MSSP offering weave in industry frameworks into their service delivery?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nAgain, it’s the \u201cWho are your clients?\u201d question. The easiest way is to sit down and read the frameworks and standards, which are freely available, like the NIST cybersecurity framework or the CIS version. Don’t go and pay for training courses as your first step.<\/p>\n\n\n\n
Use it as a gap analysis. You’ll come out of it with things you can’t do and figure out how you can do them. The NIST Cybersecurity Framework and ISO 27002 are a lot longer. Ask yourself, \u201cAre we doing this just to be better or is it for compliance purposes?\u201d And if it is for compliance purposes, are you doing this as part of the CSO work or compliance-as-a-service work? That\u2019s your driving force.<\/p>\n\n\n\n
If you can build that underneath a vCISO [Virtual Chief Information Security Officer] offering or compliance-as-a-service offering, it\u2019s one additional revenue opportunity. A vCISO service enables you to support larger clients whose security needs exceed what you can manage alone. It\u2019s a revenue opportunity you might be able to build over time.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\n\u00a0Incident response is often make or break in the service line in a contract. What would be your advice on creating clear service level agreements that both MSPs and their clients can trust?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nOne of the first things I ask is, \u201cDo you have a shared responsibility matrix with every one of your clients?\u201d and, \u201cAre you managing and maintaining a risk register for every one of your clients?\u201d If you ask these questions, you can set proper expectations with your clients about what incident responses, SLAs, and SLOs are going to look like.<\/p>\n\n\n\n
And before you go talk to your clients about it, do it for yourself. You will figure out all these extra considerations you need to be making around incident response.<\/p>\n\n\n\n
You need to have a conversation with your clients about the expectations of their insurance coverage. You should be getting the information of your client\u2019s cyber insurance providers today so you can reach out to them and ask, \u201cWhat is the SOP? What are the expectations? Can you provide me with a list of the DFIR [digital forensics and incident response] firms that you’re going to engage with?\u201d<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nWhat operational pitfalls do MSPs commonly encounter when they start to build out and scale cybersecurity offerings, and how can they streamline those processes to avoid burnout?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\n Know that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nAgain, it’s the \u201cWho are your clients?\u201d question. The easiest way is to sit down and read the frameworks and standards, which are freely available, like the NIST cybersecurity framework or the CIS version. Don’t go and pay for training courses as your first step.<\/p>\n\n\n\n
Use it as a gap analysis. You’ll come out of it with things you can’t do and figure out how you can do them. The NIST Cybersecurity Framework and ISO 27002 are a lot longer. Ask yourself, \u201cAre we doing this just to be better or is it for compliance purposes?\u201d And if it is for compliance purposes, are you doing this as part of the CSO work or compliance-as-a-service work? That\u2019s your driving force.<\/p>\n\n\n\n
If you can build that underneath a vCISO [Virtual Chief Information Security Officer] offering or compliance-as-a-service offering, it\u2019s one additional revenue opportunity. A vCISO service enables you to support larger clients whose security needs exceed what you can manage alone. It\u2019s a revenue opportunity you might be able to build over time.<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\n\u00a0Incident response is often make or break in the service line in a contract. What would be your advice on creating clear service level agreements that both MSPs and their clients can trust?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nOne of the first things I ask is, \u201cDo you have a shared responsibility matrix with every one of your clients?\u201d and, \u201cAre you managing and maintaining a risk register for every one of your clients?\u201d If you ask these questions, you can set proper expectations with your clients about what incident responses, SLAs, and SLOs are going to look like.<\/p>\n\n\n\n
And before you go talk to your clients about it, do it for yourself. You will figure out all these extra considerations you need to be making around incident response.<\/p>\n\n\n\n
You need to have a conversation with your clients about the expectations of their insurance coverage. You should be getting the information of your client\u2019s cyber insurance providers today so you can reach out to them and ask, \u201cWhat is the SOP? What are the expectations? Can you provide me with a list of the DFIR [digital forensics and incident response] firms that you’re going to engage with?\u201d<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nWhat operational pitfalls do MSPs commonly encounter when they start to build out and scale cybersecurity offerings, and how can they streamline those processes to avoid burnout?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\n Know that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nOne of the first things I ask is, \u201cDo you have a shared responsibility matrix with every one of your clients?\u201d and, \u201cAre you managing and maintaining a risk register for every one of your clients?\u201d If you ask these questions, you can set proper expectations with your clients about what incident responses, SLAs, and SLOs are going to look like.<\/p>\n\n\n\n
And before you go talk to your clients about it, do it for yourself. You will figure out all these extra considerations you need to be making around incident response.<\/p>\n\n\n\n
You need to have a conversation with your clients about the expectations of their insurance coverage. You should be getting the information of your client\u2019s cyber insurance providers today so you can reach out to them and ask, \u201cWhat is the SOP? What are the expectations? Can you provide me with a list of the DFIR [digital forensics and incident response] firms that you’re going to engage with?\u201d<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\nWhat operational pitfalls do MSPs commonly encounter when they start to build out and scale cybersecurity offerings, and how can they streamline those processes to avoid burnout?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\n Know that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nKnow that none of this is going to be solved by a new tool. The majority is going to be process and procedures, documentation, workflows, doing the \u201cboring\u201d work of risk registers and reviewing it with your clients, because they are the ones in the end that are accountable.<\/p>\n\n\n\n
As an MSP, you’ll start understanding your client’s business better than they do. And you\u2019ll see the landmines. Even if they\u2019re not going to pay you for it, your findings will still need to go in the risk register; because if you don’t bring it up and that’s what burns them, then you’re going to have to explain why you never brought it up.<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\nCybersecurity can be a tough sell to clients. How should they package, price and position new security or service offerings that resonate with the existing clients, but also keep the door open to new clients?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
\n\n<\/figure>\n<\/div>\n\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nThere are tons of ways to approach this based on who you are as an MSP, your internal culture, what your plans for your MSP going forward are.<\/p>\n\n\n\n
Line iteming your services really hurts you because it gives clients an opportunity to have an argument with you about why they do or do not need this particular thing. It should be a consolidated package where you’re not exposing the cost of each individual component.<\/p>\n\n\n\n
Instead of describing the tool you’re using, describe the outcomes you’re delivering. Clients are not going to care about which tool you use to handle patching or to remote access their systems. They’re going to care if it\u2019s safe and secure.<\/p>\n\n\n\n
It also makes it a lot easier on your sales team. They’re able to sell them the outcomes.<\/p>\n\n\n\n
That\u2019s when they can say that you\u2019re including patching, endpoint management, data recovery, business continuity, disaster recovery planning, vulnerability management, XDR, SIEM, end user cybersecurity awareness training, email security, your Microsoft licensing, or your Google workspace. You bring all of those together and that’s how you get to an amount per seat.<\/p>\n<\/div>\n<\/div>\n\n\n\n
<\/figure>\n<\/div>\n\n\n\nLooking at the threat landscape today, where do you see the greatest growth opportunities for MSPs? Can the MSP and MSSP or MSSP-style model live side by side in harmony?<\/h3>\n<\/div>\n<\/div>\n\n\n\n\n\n<\/figure>\n<\/div>\n\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n
How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope<\/title>\n<meta name=\"description\" content=\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:description\" content=\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-13T08:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-13T14:41:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"},\"wordCount\":1628,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\",\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"datePublished\":\"2025-11-13T08:37:00+00:00\",\"dateModified\":\"2025-11-13T14:41:22+00:00\",\"description\":\"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Butterfly-emerges.png\",\"width\":2121,\"height\":1414,\"caption\":\"Butterfly emerges\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/why-msps-should-offer-security-first-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_locale":"en_US","og_type":"article","og_title":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_description":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","og_url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-11-13T08:37:00+00:00","article_modified_time":"2025-11-13T14:41:22+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges-1024x683.png","type":"image\/png"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"},"wordCount":1628,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","url":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/","name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","datePublished":"2025-11-13T08:37:00+00:00","dateModified":"2025-11-13T14:41:22+00:00","description":"Lewis Pope, Head Security at N-able, tells us why it's imperative that MSPs turn into MSSPs and offer cyber security services today.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Butterfly-emerges.png","width":2121,"height":1414,"caption":"Butterfly emerges"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/why-msps-should-offer-security-first-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"How to shift from MSP to MSSP, with N-able\u2019s Lewis Pope"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12814"}],"version-history":[{"count":6,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions"}],"predecessor-version":[{"id":12898,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12814\/revisions\/12898"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12897"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\n\nI believe they can live side by side. They reinforce each other. They can cover each other\u2019s gaps.<\/p>\n\n\n\n
I think the bigger thing is being ready. More business conversations need to be had. Risk management needs to be a part of what you’re doing\u2014being able to sit down with a client and help them calculate their annualized loss expectancy from events. Do they understand what it\u2019s going to look like if you have to restore their entire environment?<\/p>\n\n\n\n
Honest conversations are how you get clients to say, \u201cNo, that’s not acceptable\u201d. Then you can say \u201cNo, it\u2019s not, we\u2019re going to have to spend a lot more money to get you to something that is acceptable for you\u201d. Make no assumptions on what your clients are willing to pay. And if brutal honesty gets you into a position with a client or a prospect where they turn their nose up at you, take that as an indicator that the risk they represent may not be worth it.<\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Cybersecurity isn\u2019t just a technical challenge\u2014it\u2019s a business imperative. By now, MSPs all know that offering security-first services is no longer optional\u2014but knowing where to start, how to scale, and what to prioritize can be overwhelming. So, because we love you, we sat down with Lewis Pope, Head Security Nerd at N-able, to unpack the […]<\/p>\n","protected":false},"author":31,"featured_media":12897,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12814","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"\n