Land and Expand Cybersecurity Sales Strategies for MSPs and MSSPs

Land and expand cyberscurity sales strategies are essential when you’re adding new security products or services to your managed I.T. services practice.   The managed services sales cycle is long. Most operationally mature IT companies ask for a three-year commitment – this is now common practice.  Everyone already has IT support, and displacing an incumbent MSP is an uphill battle.  Your entire sales strategy for managed services sales will be built around data collection and well-timed follow up activity.  Very few clients break contracts (and the ones that do aren’t the clients you want) so how do you add new monthly recurring revenue when everyone is already buying what you’re selling?

Being Better Isn’t Enough

Unfortunately, most small business owners don’t usually have the technical understanding to differentiate your offering from your competitors offering.  “We already have that” is the most common objection you’ll encounter . You can begin to develop a relationship with a prospect that is content with their current provider, but the odds on this prospect making a change before their contract renewal date is near are extrenely low.

The odds on winning a contract renewal from an incumbent are about 50%, even with a moderately unhappy prospect.  Incumbent providers are the devil they know, and change is hard.  Educating prospects requires that prospects engage with you – and when they don’t see any reason to do so, it’s simple for the prospect to just say “thanks, but we’re good.”

What Is ‘Land and Expand’?

‘Land and Expand’ is a sales strategy that allows an MSP or and MSSP to sell a cybersecurity solution to a prospect. This cybersecurity sales strategy doesn’t require the buyer to replace one provider with another.  It offers prospects the ability to purchase something of value that won’t require them to fire anyone, or integrate anything.

Why Isn’t Everyone Already Buying Cybersecurity?

Excellent question.

A full 50% of small business owners don’t believe that they’re going to be affected by a cybersecurity incident.  Of the 50% that do believe they will be affected, 75% of those business owners don’t think it will be that big of a deal.

Why Aren’t ALL MSPs Forcing Their Clients to Buy Cybersecurity?

An even better question.

Remember when most I.T. services companies sold time and materials support?

Managed I.T. was in its’ infancy, and while it was often more profitable and provided reliable income for the business owners that adopted the model, many I.T. business owners resisted making the change, and did not want to ask their current clients to move to a managed support model.

Why did so many business owners resist changing to what was quickly becoming the industry standard support model?

  • They didn’t want to risk losing the revenue from a client that might not want to change models
  • They weren’t early adopters, and they didn’t see what their peers did
  • Their companies were profitable at the time, and they saw no reason to change

As more and more I.T. companies made the move to a managed I.T. business model, a shift began.  Entrepreneurs started managed I.T. companies, not time and materials consultancies.  Profitable MSPs began to exit for extraordinary multiples.  Time and Materials firms saw their margins shrink and their clients began to leave without notice. Companies that previously ignored the business model could no longer compete with companies that offered attractive “no extra billing, no nickel and diming, no unpredictable expenses” managed services support.  Then there was a mad scramble to pivot.  This gave birth to an entire industry of experts, gurus, coaches and consultants.  All of them made money, but nobody shared the dirty secret:  the land grab was over.  When you’re the last person to the party, you only get to eat the appetizers nobody else wanted.  Once someone has sold a managed services contract, the odds on them keeping that client are exceptionally high.  Some people are calling managed services sales a “race to the bottom” (thanks R/msp)

If you’re not first, you’re last. 

You only get one chance to sell a cybersecurity solution first.  There are dozens of “entry level” security solutions that any MSP could adopt for a land-and-expand play.  Dozens more enter the market every day.  With so many MSPs lagging behind their peers, there is a huge opportunity to sell cybersecurity solutions to companies already engaged with any MSP that hasn’t yet forced their clients to buy security.

For the same reasons I.T. companies didn’t sell managed I.T. services, MSPs aren’t selling cybersecurity solutions.  They don’t want to lose their revenue.  They don’t want to have hard conversations.  They don’t want to change what’s working for them.

How Does Land and Expand Work?

Land and expand solutions are small offerings that a business could implement without changing providers.  Your goal is to identify security gaps and find something you can sell to a company to fill that gap.  Our favorite land and expand tactic is a defined scope security assessment.  It requires no input from their current I.T. provider, in fact, the goal of the assessment is to identify whether their current provider is doing what they should be – or more importantly, what they say they are doing.  When this suggestion is met with resistance from the current provider it leads to doubt in the relationship.  Doubt leads to sales opportunities.

Winning With Land And Expand

You don’t need to win the whole sale all at once.  Land and expand allows you to never walk away from a sales call empty-handed.  Your managed services sales cycle is not getting shorter – if anything the agreements are getting even longer, and the breach remedy clauses in contracts are out of control.  If you want to start winning more business, more often, you need to open your mind to the idea of smaller wins, more often.  The smaller wins lead to trust, and trust leads to you bidding on their entire environment when the time is right.

The market always needs to catch up.  Land and Expand opportunities introduce ideas slowly, allowing companies to come around to the “right” way of thinking.  Ten years ago, the easiest clients to ‘poach’ were the clients that were being managed by companies that were half in the MSP world but resisting making their current clients adopt their new business model.  The same is true now.  Your easiest wins will now come from “poaching” clients whose MSPs haven’t forced them to buy their cybersecurity stacks.

Instead of going into cybersecurity sales calls swinging for the fences, try just getting on base.  Land and expand works, and early adopters are already seeing the numbers prove out.  Make a list of the security solutions you can offer to small business owners without forcing them to make huge changes or replace their current provider, then create a sales strategy around how you’ll nurture that small account until it’s no longer a small account.

Nobody Wants To Work With The Runner-Up

Remember, excellent service and innovative solutions only help the companies that buy them, and you can’t provide great service to clients you don’t have.  Investing in sales and marketing is essential to create differentiation in your cybersecurity sales practice.  Step one in becoming a cybersecurity expert is becoming a cybersecurity thought leader.  The more times and ways people here your name and your company name, the more likely it is they’ll be open to taking a cybersecurity sales call from you.

Let Managed Sales Pros help you create the content and campaigns necessary to become the expert in your community.  Our managed content creation solutions will set you apart from your competitors and help you become a recognized name when you’re networking at industry events, making cold calls or attending association functions.

Fill out the form below and let’s get you started the journey from “trusted advisor” to “industry expert”:

Contact Form

"*" indicates required fields

This field is for validation purposes and should be left unchanged.