As Winston Churchill once wryly noted, a good crisis should never be wasted. A zero-day Log4j vulnerability that has roiled enterprise IT organizations, is only the latest in a series of cybersecurity incidents in the last year, that have left many organizations wondering if they need to rely more on managed service providers (MSPs) to better secure their IT environments.
Organizations that are being adversely impacted by these events are, first and foremost, looking for help. And as tempting as it may be for MSPs to customers in aftermath of these incidents, and remind them they might not be in their current predicament if they had only signed a contract earlier, it isn’t the most helpful approach in the middle of a crisis. MSPs would be well-advised to remain more cautious on this front, and instead offer to come to the aid of a potential customer free of charge. Using this approach, they are much more likely to be viewed as a services firm that truly has the best interests of their clients at heart.
An MSP that responds to a crisis with no strings attached is also much more likely to be invited back to help an organization implement a set of best practices that includes relying more on MSPs to manage such incidents on behalf of the customer. Any MSP that gets asked to participate in the review process after the immediate crisis has passed has already won the trust of the customer. Closing a managed services deal from there should be relatively trivial. Rival MSPs, after all, are generally going to find themselves helplessly left on the outside looking in.
Muscle memory helps MSPs respond to a crisis efficiently
The one thing that savvy MSPs realize is there is always going to be another crisis. They have invested in modern IT and security incident management platforms that make it possible for them to adroitly respond to the needs of existing and, just as importantly, potential customers whenever that next crisis inevitably strikes.
Based on processes that are rooted in the workflows that DevOps teams have created to automate the deployment of applications, a modern incident management platform enables MSPs to better expect the proverbial unexpected. The more MSPs become accustomed to responding to sudden events, the more routine it becomes. Muscle memory enables everyone working for that MSP to begin responding to a crisis, even before most end customers realize there’s an issue.
It requires a lot of time and effort for an MSP to build that kind of muscle memory. The best MSPs routinely practice responding to unexpected events. It’s difficult to set that time aside but when that next crisis arrives, the MSPs that have trained their IT teams to respond in the event of an emergency always fare better than those that find themselves wasting valuable time trying to simply determine who within their organization needs to be notified there’s an issue. Everyone within an MSP that is part of a trained incident management team already knows what needs to be done next and by whom.
Be the one who can be counted on in a crisis
The best part of being prepared is it’s usually not too long after a major incident that word starts to get around about which MSPs can be counted on in the moment of crisis versus those that are merely talking a good game right up until the moment they are needed most.
Photo: Monster Ztudio / Shutterstock