CyberVersed episode 48 is Part 2 of our focus on the MSP Community. Mandy Haeburn-Little is joined by Michelle Ohren, Director of the Cyber Resilience Centre for the West Midlands, Wayne Selk, VP, Cybersecurity Programs & Executive Director, GTIA ISAO, and Patrick Milford, the newly appointed Cyber Resilience Centre (CRC) Lead.

Michelle shares her experience working with the MSP community. She believes they are essential to the ecosystem, where all stakeholders are focused on the same outcome: helping businesses avoid becoming victims of cybercrime. Michelle explains how she opened the conversation with MSPs to encourage them and explain why they are better equipped to support the SME community when they work together. She also cites an excellent example of an MSP referring a client to the CRC to ensure they received the best possible service for the budget they had available.

Patrick outlines his new role as CRC Lead and his aim to ensure a consistent approach across the network, enabling them to support the SME community at scale. He then discusses his experience working with MSPs as the Director of the Cyber Resilience Centre for the South East. He explains why they were pivotal in reaching many SMEs in the region. He also outlines the benefits of the CRCs being vendor-neutral.

Turning the focus back to his new role, Patrick emphasises that strengthening MSP relationships will be a primary focus for the entire CRC Network going forward. He also provides a valuable example of how the South East CRC has developed a strong working relationship with a large MSP in the South East region following an introduction at the recent GTIA ChannelCon EMEA Conference in London. South East CRC is now working closely with them, delivering joint webinars to their clients; it is an excellent example of how these collaborations are starting to pay dividends.

Wayne goes on to talk about the importance of trust. He acknowledges the great work the CRC Network has done in building trust, so that MSPs are now not just willing to work with the CRC Network but actively seeking opportunities to collaborate in the future.

Patrick talks about the National Engagement Strategy and how it will focus on driving behavioural change, encouraging SMEs to adopt Cyber PATH services and explore Cyber Essentials and Cyber Essentials Plus. Patrick sees MSPs as a vital element of this engagement strategy and welcomes the NCSC's recent guidance about what to look for when selecting an MSP. Wayne agrees with Patrick's assessment but goes further, explaining why SMEs must enquire about an MSP's processes for ongoing maturity and continuous improvement. All three agree that the NCSC's MSP guidance, combined with greater trust and confidence across the entire ecosystem, will enable SMEs to receive the proper expert advice.

Michelle Ohren provides an update on the new West Midlands Cyber Hub based at Millennium Point in Birmingham and agrees to come back to the CyberVersed to explain their work in more detail.

Links:

Cyber Security Resilience Bill

NCSC - Choosing a Managed Service Provider

West Midlands Cyber Hub

In CyberVersed episode 47 Mandy Haeburn-Little is joined by two National Ambassador representatives: Wayne Selk, VP, Cybersecurity Programs & Executive Director, GTIA ISAO, and Jamie Akhtar, Co-Founder and CEO of CyberSmart. The topic of discussion is 'The MSP community,' which is Part 1 of a focus on MSPs.

It's a lively and engaging three-way discussion that provides excellent insights into the MSP community and why they are essential in the drive to make the SME community throughout the UK better prepared and ultimately more cyber resilient.

To begin the discussion, Wayne and Jamie define an MSP and discuss how the industry has developed in recent years from a 'Break-Fix' model to an essential provider of managed services to most businesses. Both Jamie and Wayne reinforce the pivotal role MSPs play in improving the cyber resilience of SMEs, explaining why they agree they are the key to greater protection for the SME community.

They chat about regulation and what they consider the best way to develop the MSP community going forward to ensure SMEs receive the best possible service from their providers.

Jamie provides insight into what their partners are telling them about their clients' attitude towards cybersecurity and shares some of the reasons cyber is not at the top of their list of priorities. Both then discuss the challenges of how cyber is presented and the need to reset the conversation around 'the why' rather than the technology. Wayne explains why he believes it should be much more about explaining business risk to business owners and how this approach is proving to be a revenue driver among their members.

Jamie also touches on what SMEs want and why MSPs must deliver solutions that provide complete cyber confidence.

Mandy then guides the conversation to 'two-way communication' and the efforts both organisations are making to improve the sharing of intel to and from the SME community. Wayne provides a great analogy to explain why everyone needs to share their piece of the jigsaw to see the whole picture. Jamie then reinforces that the MSPs are an essential element in completing the picture.

The conversation then moves on to the role that the CRC Network play in delivering the message to the SME community and why the National Ambassadors must do what they can to improve the amplification of the great work being done through the Cyber Resilience Centres.

Jamie also mentions the impending Cyber Security Resilience Bill and its impact on the MSP community. While Jamie describes it as one of the most significant shifts in the cybersecurity landscape, he expresses caution, believing it's a start but not the complete solution.

The whole discussion sets a good picture and leads nicely into the next CyberVersed episode, which will be part two of the MSP-focused discussion, when they will also be joined by team members from the CRC Network.

NCSC has also recently published guidance for SMEs when choosing an MSP. You can view it here.

In CyberVersed episode 46 Mandy Haeburn-Little is joined by Jamie Akhtar, Co-Founder and CEO of our newest National Ambassador, CyberSmart, a leading cyber security specialist. They are ideally suited as a National Ambassador company. With over 1,000 Managed Service Providers (MSPs) and over 6,000 SME customers in the UK, they are primed to act as an enabler to this crucial sector within the digital economy. In partnering with NCRCG, CyberSmart seeks to empower MSPs and SMEs around cyber resilience and signpost the support offered by the CRC Network and the national technical authority, NCSC.

Jamie begins by explaining what CyberSmart is and what it does, highlighting their 'obsession' with making cyber security more accessible for SMEs. He explains what he means when he says emotion is one of the great drivers in the business, and why their 'relentless pursuit' is to solve the cyber security problem.

The two talk about company culture, and Jamie provides insight into why culture is so vital to CyberSmart, as it should be for every organisation, empowering everyone to grow by investing in people. How they deliver - through teamwork, drawing on a broad range of skills and experience to make change happen. He goes on to define teamwork as being able to ask for help when you need it and being willing to assist when someone else needs it. For CyberSmart, it's about reflecting on what you have been doing and exploring ways to improve for the benefit of our customers.

Importantly, Jamie points out that they have actively developed the culture rather than simply letting it evolve.

Regarding MSPs, he explains why he believes they are fundamental to solving these challenges: they have access to and can influence many SMEs in their client portfolios. Understanding where the partner is and what they do with their customers. Who are you working with where security is not investable enough, and how can we help the partner provide better solutions to their customers.

Mandy and Jamie go on to have a fascinating chat about Cognitive Bias in Cyber Psychology. It's a brief conversation Mandy would like to revisit with him in the future. Still, he does share nuggets to whet the appetite, such as how some people believe the internet provides people the opportunity to create a different version of themselves. Dissociation allows them to say things they wouldn't in real life. For example, he cites how teenagers committing cybercrimes is, in many ways, a version of this, where people are disconnected and further removed from a moral compass.

Both Jamie and Mandy agreed that it's a fascinating space; understanding why people are involved in cybercrime is part of the solution, and how intervention could win around some of the bright talent to do positive cyber work.

Jamie also turns the tables on Mandy and becomes the interviewer; he asks, "What's the itch you were trying to scratch when you got into cyber?" to which Mandy provides insight into her passion for all things cyber.

To finish, Jamie explains why he's never been more concerned or more excited about the future. Concern stems from the increasing sophistication of cybercrime, excitement comes from the fact that cyber is very much part of the conversation in the UK and now has a national voice, acknowledging that recognition of the problem has never been greater.