Expert Advice for Installing Security Contractors to Offer Cyber Services
Defendify Co-Founder Rob Simopoulos discusses the cyber landscape and informs integrators about opportunities in this burgeoning field.
Rob Simopoulos
Cybersecurity firm Defendify specializes in working primarily with small businesses to bridge the gap between cyber and physical security solutions. Co-founder Rob Simopoulos joins the conversation to discuss the cyber landscape and to inform systems integrators about opportunities in this burgeoning field.
How commonly are cybersecurity policies written into request for proposals (RFPs)?
We’ve seen an increase in the number of RFPs requiring companies to have cybersecurity programs in place. These have been seen in a variety of different vertical markets, and it’s especially common when the end user is an enterprise organization with a mature security team.
Outside of RFPs, we have also seen an increase in the use of vendor cybersecurity assessments. Vendors are receiving questionnaires from their customers asking about their internal cybersecurity programs. The end user’s security team uses these findings to determine if the vendor’s cybersecurity posture meets their requirements.
What do end users want to learn about an integrator before doing business with them?
End-user security teams want to understand that the security integrator they are working with has appropriate cybersecurity hygiene not only around the implementation and installation of devices and systems, but also that they are protecting the sensitive information provided for the project.
Security integrators store their customers’ sensitive information, including building floorplans, network topology, IP and MAC addresses, passwords to devices, and credentials to software systems. From the customers’ perspective, it’s vitally important that the security integrator protect that data, as loss or compromise of it may negatively affect their cybersecurity.
As an integrator takes on the role of a managed service provider, what are some key RMR-generating features that would comprise the service contract?
Defendify allows a managed security service provider to deliver a comprehensive solution and quickly grow RMR. It includes 12 unique modules that can be built into a variety of custom packages allowing flexibility to meet customers’ needs.
A great example of one of those unique modules is the Defendify Vulnerability Scanner. It is deployed in minutes and scans external and internal networks, looking for vulnerabilities on computers, servers, applications and IoT devices. Recently, one of our managed security service partners used the scanner and was able to identify a critical configuration flaw: numerous security cameras with default passwords were detected.
So much emphasis is put on cyber-protecting the end customer’s network, but what should integrators being doing to protect their own network infrastructure?
The days of cybersecurity protection simply consisting of antivirus on computers and a firewall at the network perimeter are over. Cybersecurity requires a comprehensive approach that includes conducting regular assessments and testing that can identify holes, weaknesses and vulnerabilities, having policies and response plans in place, conducting employee training and implementing numerous technology controls.
A great place for an organization to begin is to conduct a cybersecurity assessment. Once a holistic assessment is completed, an organization will have a better understanding of where they need to make improvements and implement further protection.
How does the Defendify solution simplify the application of cybersecurity measures?
Defendify is an all-in-one cybersecurity platform that delivers a comprehensive program for a company. It has 12 modules that include assessment tools, policy and incident response plan builders, employee training, phishing simulations, and network and device testing and scanning. The platform is fully automated, so once activated, which can be done in minutes, an organization can begin to implement a comprehensive cybersecurity program at their company.
What type of skillsets will be necessary for an installing security contractor with little or no previous experience in offering a managed services program?
With Defendify, our dedicated success team assists our partners in taking Defendify to market. This includes go-to-market strategy, marketing, and ongoing training and support. While some technical knowledge is helpful when working with customers on cybersecurity, the Defendify platform makes it easy to deploy a comprehensive, holistic program without any special cybersecurity skills.
We have several security integrator partners who have successfully added cybersecurity to their offering along with traditional physical security solutions.
Any other advice or insights for integrators related to an MSP offering?
By offering cybersecurity to their customers, a provider can differentiate themselves from the competition. As a cybersecurity provider, not only can you provide the end user peace of mind that they’re working with a company who takes cybersecurity seriously, but you can also bundle services beyond the traditional physical security offering that the competition provides.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.