Let’s Talk Cybersecurity: Hacks & Hops Recap with Ostra

Did you miss the Hacks & Hops Virtual Security Conference on October 14? We weren’t able to connect in person this year, but this year’s event did not disappoint even though we got together virtually.

Hosted by FRSecure, one of Ostra’s Channel Partners, Hacks and Hops is a free, full-day virtual conference that brings information security professionals together to learn, network and enjoy beer (over Zoom, anyway!) Ostra was a proud sponsor of this year’s event.

Getting Real: The Problem with Technology Providers and MSSPs

It was a jam-packed day of best practice sharing from experts across the industry. Several speakers presented on topics ranging from mental health, cyber insurance, MSSPs, and more. We hosted a thought-provoking conversation with Ostra’s Founder, Michael Kennedy.

In his engaging and authentic style, Michael shared a 40-minute presentation entitled The Problem with Technology Providers and MSSPs. It explored cybersecurity best practices, challenges being ignored (by clients and providers), and opportunities for all to keep learning and do better.

Watch a free, on-demand replay of Mike’s full session here.

In the first portion of his presentation, Michael shared how an MSSP/Tech Provider’s best practices of honesty, advocacy and transparency are key to recognizing and rewarding clients’ current cybersecurity efforts.

In the cybersecurity world, there’s a lot of good being done, but we still have more to do. In his session, Michael shared his top three best practices that are key for any MSSP or tech provider to recognize and reward clients’ on cybersecurity efforts.

1. Best Practice #1: Honesty

It’s important to recognize what clients are doing right. Michael reminded participants, “If it’s a competitor tool and it’s a pretty good one, give them credit for getting something implemented—we all know it’s difficult to buy, implement, and manage tools.”

Another way service providers can be honest is to build trust—not fear. This can be hard, especially if you find out a customer is doing something that is really putting their organization at immediate risk. But Michael encouraged tech providers to first care about their customer’s business, what they do, and why they are successful before starting to critique their attack surface.

 

“A foundation of trust helps clients honestly share their concerns and fears. This lets us, as their partners, truly help them detect, prevent and remediate threats.”

2. Best Practice #2: Advocacy

When clients get a list of things to do that they don’t know how to execute, a good technology partner will be their advocate and help relieve the burden.

According to Michael, “Reports mean nothing if we are not there to walk customers through it or help them.” He emphasized the need to educate customers so they understand the tools and resources they are using, and how they work—versus just selling them a product or a blinking light.

In his experience, it’s about being the trusted partner who can detect, prevent and remediate. “We see quite a few businesses who are tired of not knowing how to manage the tools that were sold to them.”

3. Best Practice #3: Transparency

Michael believes in sharing the pros and cons of competitors, and said MSSPs should not be afraid to work with multiple channel partners or give outside referrals if that’s the best solution for customers.

He challenged the audience, “What is our core purpose? To [help businesses] prevent or recover quickly from cyberattacks, we might not be the right solution—and that’s ok.” This philosophy is in keeping with Ostra’s commitment to making cybersecurity more cost-effective for small and medium-sized businesses.

Being open and transparent with so-called competitors can also bring surprising results. Michael shared some of Ostra’s learning experiences in this area.

“A perfect example of this is, we were being constantly compared to a couple of other companies in town.” But rather than building marketing to compete with them, Ostra took another approach. “We called them up, sat down with the leadership and technical teams, and discovered we are not even close to being competitors—and now we have strategic partnerships and can help each other out.”