How to Build Ransomware Protection Packages That Clients Want

Blue military radar screen with grid coordinates and positioning. The scanner axis is spinning around the center and a detected object (plane or missile) is observed on the top half.

The latest surveys and stats all point to the same thing — ransomware is still among MSPs’ top concerns in 2023.

There’s good reason for that. Ransomware is highly destructive, and disrupts both client businesses as well as the MSPs that serve them. High-value ransom demands against major enterprises tend to grab headlines, but it’s small businesses that are most at-risk. Attacks against SMBs comprise about 75% of all ransomware cases — and the security challenges facing these organizations are overwhelming.

Upselling clients to advanced security protection should be a no-brainer, then. But MSPs face their own operational challenges when it comes to adopting, selling and managing new solutions.

Let’s explore the dangers posed by ransomware today, and how to build — and sell — protection plans that will serve both your clients and your own business.

The state of ransomware in 2023

Ransomware, by definition, is malicious software — used by cybercriminals — that is designed to extort money from its target. Traditionally, the approach was simple: malware encrypts the victim’s files, and the victim must pay for the restoration of their data.

As IT environments (and security solutions) evolve, so has ransomware. Automated data backups are commonplace, which limits the leverage cybercriminals have over their victims. In response, double extortion tactics —where sensitive data is exfiltrated before encryption, and criminals threaten its public release — have become the new norm for many ransomware gangs. We now see triple and even quadruple extortion as threat actors harass victims’ customers and partners or carry out DDoS attacks, increasing the pressure to pay up.

Selling clients on the importance of ransomware protection

For the average small–to–mid-sized business, ransomware is a matter of life and death. Problem is, they may not know it.

The high cost of ransom payments can cripple organizations of any size. And paying a ransom offers no guarantee that the attackers won’t retain sensitive data or launch further attacks in the future. It may even encourage other cybercriminals to view the company as a ripe target.

But even if the organization has sufficiently robust backup and recovery tools to avoid paying a ransom, the indirect costs — from lost output and opportunities to regulatory fees and reputational harm — are significant.

A recent Acronis survey of 6,200 IT professionals across 22 countries showed that 76% of companies had experienced downtime in the past year; a majority of respondents named ransomware as one of their top concerns. For most SMBs, each hour of downtime costs upwards of $10,000.

Most MSPs will have already encountered resistance when pitching a service to one client or another, often because the client doesn’t see themself as a potential victim. Be prepared to emphasize the costs they’ll face when (not if) they are eventually targeted by a cyberattack.

Challenges of ransomware protection

Effectively protecting clients against ransomware can feel like a tall order.

Attack surfaces have ballooned — partially due to the shift towards remote/hybrid work in recent years, but also simply because the number of internet-connected devices is growing exponentially. Meanwhile, cybercriminals are using AI and automation to generate a flood of brand-new threats every day.

Legacy security solutions aren’t up to the task — according to a study from the Ponemon Institute, antivirus software fails to detect about 57% of all attacks. And while security patches for software vulnerabilities are released frequently, they don’t help until they’re actually installed (across all vulnerable endpoints). That same study notes that the average time-to-patch is 102 days, giving cybercriminals plenty of time to leverage known flaws.

Some service providers are responding by scooping up more and more disparate security solutions, hoping to patch together complete protection for clients’ environments. This approach can actually do more harm than good. Most MSPs report that they’re adding tools faster than they can manage to train employees on their effective use, and profitability is slipping as they lose significant time to solution management. For many, the number of security tools is so burdensome that it actually increases risk.

Building anti-ransomware service packages for sales and profit

With these challenges in mind, the key to profitability lies building smarter service packages and minimizing tool sprawl. An integrated cyber protection delivery platform helps you to drive the sale of security-first solutions for both protection and profit.

There are three straightforward ways of boosting profitability, and we’ll find that integrated delivery platforms support them all:

  • Get customers to buy more
  • Optimize the average price paid
  • Become more efficient

A common approach to service bundling is the “three tier model,” where you can think of your packages as good, better and best. It’s well-established in marketing circles that this method lowers sales resistance and streamlines negotiating, because the customer feels more in control; the question quickly changes from “Should I buy?” to “Which one should I buy?”

What three-tiered pricing subtly conveys to your prospective clients is that by working with you, they’ll be able to find a package that suits their unique needs. A neat trick of psychology also means that people are primed, when presented with three choices, to select the middle option most of the time. That’s why this method is sometimes called the “Goldilocks Technique” — many will find that the middle option is just right. As a result, they may choose to invest in services that they would otherwise ignore, and you’ll have more freedom to find a price point that supports higher margins on included solutions.

Given the high demands on your team when a client falls victim to cyberattacks — not to mention the potential for an attack to spread throughout your own systems and downstream — we strongly recommend that proactive cybersecurity is an essential part of each service tier. Clients who refuse to invest in modern security solutions are a costly risk to both your own business and your other clients, and should be dropped.

Acronis Cyber Protect Cloud makes it easy to build bundles with a rich suite of capabilities. When you deliver essential data protection and security services through a single, integrated platform, enabling new solutions — and generating new revenue streams — is as simple as hitting a switch. There’s no need to juggle multiple product interfaces, or to worry about whether your new services will function neatly alongside existing tools.

By saving time and resources that would otherwise be spent on training and management, you’ll increase profits and be better positioned to focus on what matters: helping clients and growing your business further.

This guest blog is courtesy of Acronis. Read more Acronis guest blogs here. Regularly contributed guest blogs are part of ChannelE2E’s sponsorship program.