MSSP CyberSecurity Sales Professional Training and Certification Program

This session will cover the process of determining the value of completing the SOC 2 Type 2 Certification. SOC 2 Certification can be expensive and time-consuming for technical staff. However, if your MSP’s primary verticals are DOD, Healthcare, Financial Services, or other compliance-based verticals, you may have a SOC 2 requirement. During this session, we will review all the benefits of SOC 2 certification, including the potential increase in MRR sales and NRR sales for cybersecurity services. It’s worth noting that only 4% of MSPs in the United States are SOC 2 certified. With enterprise and SMB organizations starting to ask MSPs for proof of SOC 2 certification or ISO certifications, it’s becoming increasingly important to consider obtaining this certification. CEOs participating in our training programs have reported losing clients to other MSPs with a SOC 2 certification because their clients require it due to compliance or other requirements. MSPs who become SOC 2 certified have seen an increase in their MRR from an average of $150 to $175 per seat with a Managed Security Services Program. We can also schedule a call with our CISO partner to review the requirements and costs of SOC 2 certification. MSSP University tools used during this session:

• Sample Redacted SOC 2 Report E5
• • Sample Press Release of SOC 2 Report

MSSP University Instructor:

This session will discuss the advantages of upgrading from a Microsoft E3 License to a Microsoft E5 license, primarily regarding enhanced security compliance and productivity features. Some key benefits include Advanced Security Features, which provide endpoint protection, threat detection, and response capabilities. Additionally, Identity and Access Management features such as conditional access policies, identity protection, and Azure Active Directory Premium P2. The Threat Intelligence feature offers insight into global cyber threats and helps proactively protect against them. Advanced Compliance Tools such as compliance manager and compliance score help with regulations like GDPR and HIPAA. The Advanced Analytics and Business Intelligence feature, Power BI Pro, offers advanced analytics and business intelligence. Enhanced Productivity features such as Power Automate, and Enhanced Support, including access to Microsoft’s FastTrack program for assistance with deployment and adoption of Microsoft 365 services. MSSP University tools used during this session:

• Microsoft E3 License Feature and Benefits Microsoft E5
• License Features and Benefits

MSSP University Instructor:

This session is aimed at helping sales professionals determine the right questions to ask a buyer during the first meeting ever (FME) of the Security Maturity Level Assessment (SMLA). We will be covering a horizontal-based security needs analysis and sharing examples of custom vertical-based security business needs analysis documents, specifically compliance- based verticals. The security business needs analysis will make it easier for sales professionals to train others on conducting a Security Maturity Level Assessment (SMLA) first meeting ever (FME). During this session, we will also be role-playing the security business needs analysis and evaluating the results of the qualifying questions asked during the first meeting. Once sales professionals have the necessary information, they should be able to qualify for the Security Maturity Level Assessment (SMLA) opportunity and schedule a call with the Virtual Chief Information Security Officer (vCISO). MSSP University tools used during this session:

• The Business Needs Analysis Form Sample
• Redacted SMLA
• Role plays

MSSP University Instructor:

During this session, we will focus on completing the First Meeting Ever (FME) preparation worksheet. The SMLA-FME preparation worksheet will be used to review the buyer’s website, persona, users, revenue, and budget (if available). Our sales professionals will be trained on how to discuss the solution to the security pain point that the FME was based on. They will also learn how to engage all influencers participating in the FME and what to look for on the LinkedIn profiles of the buyer and all influencers involved in the FME. Our sales professionals will also receive training on scheduling the next meeting with the Virtual Chief Information Officer (vCISO) for qualified buyers after the FME. They will learn how to develop the FME agenda and establish FME expectations at the start of the meeting, including the timeline for the FME, what will be covered, and the next steps. Furthermore, our sales professionals will be trained to evaluate the FME’s success using the 1-4 process. This will help them to determine the effectiveness of the FME and identify areas for improvement. MSSP University tools used during this session:

• FME Preparation Worksheet
• Role Play with FME Worksheet Form and Evaluation Process

MSSP University Instructor:

This session is dedicated to training sales professionals on how to qualify a buyer to close a managed security opportunity effectively. We will evaluate the information received from the SDR FME form through GlassHive-CRM. The aim is to determine if the prospect has an immediate cybersecurity issue if they have previously experienced a security incident, and why they want to address it now. Additionally, we will assess if the prospect has a budget and if they are currently under an existing security agreement. If they are not, we will need to establish a timeline for getting started. It is critical to understand whether our managed security program addresses the prospect’s immediate pain point. We will also inquire if the prospect can provide a copy of the existing security agreement based on user count and how many approvals are needed. Lastly, we will train sales professionals on how to evaluate prospects from a value pricing perspective, especially if our security services pricing is higher than what they are currently paying. If sales professionals cannot confirm the buyer’s qualification based on the SDR FME form, the FME will be rejected. MSSP University tools used during this session:

• SDR – FME Form
• Role plays with FME Worksheet Form for Qualifying Buyer

MSSP University Instructor:

In this session, we will focus on training sales professionals on how to conduct a Security Maturity Level Assessment (SMLA) in the first meeting ever (FME) using the Security Business Needs Analysis Form. We will demonstrate how to set the right tone for the prospect’s expectations from the FME and the next steps if required. Additionally, we will provide training on an applicable warm-up exercise based on the Challenger Sales approach. We will review and evaluate all the questions on the needs analysis form using the QBS methodology. The session will also cover training on how to position the buyer’s current state and future state and its value in moving forward. This approach is based on the gap selling methodology. The sales professionals will be trained on all the qualifying buyer questions, such as the buyer’s timeline, budget, and operational tempo. Furthermore, they will be trained to identify what’s in it for the buyer and why. We will also provide training on the importance of starting and ending on time, leading, and maintaining complete control of the call or visit, and setting a proper example of the next steps, even if the next steps are to end the engagement. MSSP University tools used during this session:

• Security Business Needs Analysis Form
• SMLA PowerPoint Deck

MSSP University Instructor:

This session will provide training to sales professionals on how to customize PowerPoint presentations to address prospects’ pain points and bridge the gap between the current state and the future state. The training will focus on crafting an opening statement that sets the tone for the prospect’s expectations. Sales professionals will also learn how to demonstrate the value of each slide with case study examples that support the impending future state. They will use QBS methodology-based questions to confirm the buyer’s understanding of the value. Additionally, they will be trained to reconfirm the next steps, timeline, and budget, and schedule the next meeting to review the budget and potential onboarding process. Through role-playing exercises, sales professionals will develop their ability to determine if the opportunity is a commitment or an upside regarding sales pipeline updates. They will also learn to update CRM-PSA on the sales status of all opportunities and have a copy of the managed security agreement available at every meeting in case prospects want to move ahead of schedule. MSSP University tools used during this session:

• Managed Security PowerPoint Deck
• Managed Security Agreement

MSSP University Instructor:

This session will discuss how to present pricing and services for a Security Maturity Level Agreement. The role-play will cover various aspects such as Statements of Work (SOWs) for penetration tests, vulnerability management services, security maturity level assessments, Microsoft Secure Score assessments, security remediation services, SIEM and SOC services, and the role of vCISO and vISM Service Level Agreements (SLAs). It will also cover the terms of a 3-year managed security agreement with annual increases, cybersecurity insurance requirements, onboarding processes, setup fees, and all exclusions. Sales professionals will review the process for executing agreements via DocuSign or onsite agreement signing. They will be trained to overcome common objections to managed security services agreements and receive training on a managed security services proposal template for proposal presentations for all services. Additionally, there will be role-play sessions for proposal presentations for all security services. MSSP University tools used during this session:

• Managed Security Agreement
• Overcoming objections Document
• Penetration Testing SOW
• SIEM and SOC SOW
• Remediation Services SOW
• Vulnerability Management SOW
• Roleplay

MSSP University Instructor:

This session is focused on teaching how to present pricing and services for a Security Maturity Level Agreement. The role-play will cover various aspects such as Statements of Work (SOWs) for penetration tests, vulnerability management services, security maturity level assessments, Microsoft Secure Score assessments, security remediation services, SIEM and SOC services, as well as the role of vCISO and vISM Service Level Agreements (SLAs). It will also cover the terms of a 3-year managed security agreement with annual increases, cybersecurity insurance requirements, onboarding processes, setup fees, and all exclusions. Sales professionals will learn how to execute agreements via DocuSign or onsite agreement signing. They will be trained on how to overcome the most common objections to managed security services agreements and will receive training on a managed security services proposal template for proposal presentations for all services. Additionally, there will be role-play sessions for proposal presentations for all security services. MSSP University tools used during this session:

• 35 Steps SMLA Sales & Marketing Process & Stages Document
• Email marketing content
• Security Business Needs Analysis Document
• Managed Security Services PowerPoint Deck
• Managed Security Services Agreement

MSSP University Instructor:

This training session is dedicated to teaching sales professionals how to effectively qualify buyers for a Security Maturity Level Assessment (SMLA). During the session, sales professionals will learn about aspects such as information security policies, business information system mapping, IT business continuity plans, risk assessments, awareness training records, incident response plans, cyber insurance policy status, penetration tests, CIS controls lists, gap assessments, discovery and review, and summary reports. They will also be trained on which C-level staff members need to attend the SMLA for the assessment to be valid. In addition to this, the sales professionals will be taught how to present a redacted Security Maturity Level Assessment (SMLA) Statement of Work (SOW) to prospects for review if requested. The training will also include role-playing exercises that will help the sales professionals learn how to present the redacted SMLA SOW to buyers. MSSP University tools used during this session:

• SMLA Redacted Form
• Role Play Redacted SMLA

MSSP University Instructor:

This training session is aimed at sales professionals and focuses on the importance of conducting a risk assessment during the Security Maturity Level Assessment. During the session, sales professionals will be able to watch a redacted webinar presentation of a risk assessment. The risk assessment plays a crucial role in getting the remediation proposal approved; it helps the C-level participants in the Security Maturity Level Assessment to prioritize the systems that impact the business. The client decides which systems should be remediated and in what priority, and the risk assessment assists in establishing a budget and project plan for remediation implementation. MSSP University tools used during this session:

• Risk Assessment Redacted

MSSP University Instructor:

This training session aims to teach sales professionals how to review the security contract between a prospect and their Managed Service Provider (MSP). The focus is on identifying the MSP’s complete security role and responsibilities, evaluating their policies and procedures, and assessing their control practices. The main objective of this process is to determine if prospects need to switch to a MSP that is SOC 2 compliant. MSSP University tools used during this session:

• MSP Health Check Form

MSSP University Instructor:

This training session will help sales professionals understand the importance of the prospect’s Microsoft Secure Score. We will provide an assessment example of the prospect’s productivity email suite, documentation repository, and sharing practices. Moreover, we will assess the vulnerabilities and perform a risk assessment of their email suite, documentation repository, sharing practices, etc. MSSP University tools used during this session:

• Redacted Microsoft Secure Score

MSSP University Instructor:

In this session, we will train sales professionals on how to conduct a log review of Microsoft 365, Google Workspace, and VPN (remote access systems). We will provide an example of log review to help sales professionals understand how to quickly review who is logging into prospects’ emails. The SIEM-SOC teams provide intrusion detection support. Log review is a fast way to address someone logging into a prospect’s email without their knowledge. The CISSPs can perform this review whenever necessary. MSSP University tools used during this session:

• Sample Log Review Report

MSSP University Instructor:

During this session, sales professionals will be trained on how Certified Information Systems Security Professionals (CISSPs) conduct a targeted assessment of a prospect’s control environment, Microsoft 365 vulnerabilities, external endpoint vulnerabilities, Managed Service Provider’s (MSP’s) policies, procedures, and controls, and how they impact ransomware defense. The session will cover examples of vulnerability reports, policies, and procedures. MSSP University tools used during this session:

• Policies and Procedures examples
• Redacted Vulnerability Reports

MSSP University Instructor:

This training session aims to assist sales professionals in learning how to assess a prospect’s incident response and recovery plan development, testing, and review by partnering with Certified Information Systems Security Professionals (CISSPs). During the session, sales professionals will be shown a recording of a tabletop exercise that tests the prospect’s current incident response plan. We will examine the data collected from the exercise and discuss potential opportunities to engage with the prospect after completing the tabletop and the necessary follow-up steps. MSSP University tools used during this session:

• Tabletop Exercise Example
• Tabletop Exercise Recommendations Redacted Example

MSSP University Instructor:

This session is aimed at training sales professionals on how Certified Information Systems Security Professionals (CISSPs) conduct a NIST SP 800-115 Penetration Test. Prospective clients can choose from three different options for penetration tests. Level 1 includes vulnerability scanning, attacking publicly accessible IP addresses and/or domain names, network penetration testing exploitation, and WAN testing. Level 2 includes vulnerability scanning, attacking publicly accessible IP addresses and/or domain names, social media reconnaissance, social engineering exercises, review of social networking sites like Facebook, LinkedIn, X, etc., network penetration testing exploitation, WAN testing, website penetration testing, and simulated phishing attacks. Level 3 includes vulnerability scanning, attacking publicly accessible IP addresses and/or domain names, social media reconnaissance, social engineering exercises, review of social networking sites like Facebook, LinkedIn, X, etc., network penetration testing exploitation, WAN testing, website penetration testing, wireless penetration testing, physical penetration testing, and simulated phishing attacks. During the session, we will review redacted copies of all three levels of penetration tests and practice presenting them to prospective clients. Additionally, we will assess which level of penetration test is best suited for the client’s budget. This is a value pricing exercise. MSSP University tools used during this session:

• Level 1 Penetration Test SOW
• Level 2 Penetration Test SOW
• Level 3 Penetration Test SOW

MSSP University Instructor:

This session aims to train sales professionals on properly qualifying buyers for next-gen SIEM (Security Information and Event Management) services, vulnerability management, and security operation center monitoring. The next-gen SIEM services include a hardware appliance that monitors all network traffic, conducts deep packet inspection, intrusion detection, and Windows log monitoring. Additionally, it uses a cloud API to monitor Microsoft 365, AWS, and Azure. A SCAP (Security Content Automation Protocol)-compliant vulnerability management system is deployed, which scans the entire network weekly and provides PCI (Payment Card Industry)- certified reports. The wrap-around security operation center team monitors the kill chain in real-time, 24/7/365 days a year. During the training session, sales professionals will role-play using a PowerPoint deck and practice creating SOC-SIEM SOW (Statement of Work) for prospects interested in security services. MSSP University tools used during this session:

• SOC-SIEM Demo with CISSP SIEM Tool
• Redacted SOC-SIEM
• SOW Role Plays

MSSP University Instructor:

This session will focus on training sales professionals to effectively communicate the value of information security policies and procedures to potential clients. We will review examples of various policies such as incident response plans; IT risk management policies, security awareness and training policies, account management policies, change management policies, backup and recovery policies, access control policies, asset management policies, remote access security policies, personnel security management policies, network security management policies, IT business continuity policies, employment termination procedure policies, log management and monitoring policies, and more. The vCISO will create and update the information security policies and procedures monthly or quarterly. The cybersecurity software tools will be configured based on the approved policies and procedures by the client’s C-level management. The sales professionals will be trained to present the required information security policies and procedures to qualified prospects and will also practice delivering PowerPoint presentations tailored to specific industries. MSSP University tools used during this session:

• Redacted policy and procedures
• PowerPoint policy and procedures
• Roleplay

MSSP University Instructor:

This session will train sales professionals to understand the CIS Critical Security Controls, which include CSC1: inventory and control of hardware assets, CSC2: inventory and control of software assets, CSC3: continuous vulnerability management, CSC4: controlled use of administrative privileges, CSC5: secure configuration for hardware, software, and mobile devices, CSC6: maintenance, monitoring, and analysis of audit logs, CSC7: email and web browser protections, CSC8: malware defenses, CSC9: limitation and control of network ports and protocols, and more. We will also review a demo of the CIS Controls Initial Assessment Tool used to administer the Security Maturity Level Assessment (SMLA) and provide a redacted copy of a completed SMLA. The Center for Internet Security annually updates the list of CIS Controls. By implementing the top 6 CIS Critical Security Controls, prospects can prevent 85% of cyber breaches, and by enforcing all 20 CIS Critical Security Controls, they can prevent 95% of cyber breaches. MSSP University tools used during this session:

• CIS Controls Initial Assessment Tool v8 Top 20
• CIS Controls Lists v8

MSSP University Instructor:

This session aims to train sales professionals on the role of a CISSP-certified vCISO. The vCISO is responsible for creating and customizing security policies and procedures, leading quarterly information security committee meetings, developing cybersecurity strategies, driving cybersecurity initiatives, and ensuring the implementation of data protection and recovery programs with expected outcomes. The vCISO is an integral part of the cybersecurity team, including the security operations center, red team, vISM, and professional services team. MSSP University tools used during this session:

• vCISO PowerPoint Deck

This session aims to train sales professionals about the role of a CISSP- certified vCISO. The vCISO is responsible for drafting and customizing security policies and procedures, conducting quarterly information security committee meetings, devising cybersecurity strategies, driving cybersecurity initiatives, and ensuring the implementation of data protection and recovery programs with expected outcomes. The vCISO is an integral part of the cybersecurity team, including the security operations center, red team, vISM, and professional services team. MSSP University tools used during this session:

• vCISO PowerPoint Deck

MSSP University Instructor:

This training session focuses on teaching sales professionals how to present the Managed Security Services Agreement (MSA) properly. The session will cover various topics such as the scope of services, pricing and payment terms, duration and termination conditions, client obligations, handling of confidential information, warranty and disclaimer provisions, limitation of liability clauses, mutual indemnification terms, employee solicitation, and hiring policies, insurance requirements, immunity clauses, successors and assigns provisions, execution and consideration details, notice requirements, Exhibit A – Statement of Work, client network specifications, limitations on onsite support, managed security services limitations, VCISO, VISM, SIEM-SOC services, tools, and other services. Moreover, sales professionals will engage in role-playing exercises to practice presenting MSA agreements. MSSP University tools used during this session:

• Redacted Managed Security Services Agreements
• Role plays

MSSP University Instructor:

This training session focuses on teaching sales professionals how to present security maturity levels using a PowerPoint presentation. The typical security level score for a small or medium-sized business (SMB) is 0.75, while the average score for all companies in the United States is 1.5. For DFARS, the desired security level score is 4.0. There are five security level scores: initial (1.0), developing (2.0), defined (3.0), managed (4.0), and optimized (5.0). The initial level (1.0) indicates that there needs to be a formal security program, controls are absent, and there are unstaffed or uncoordinated activities. Developing level (2.0) means some controls need more documentation, basic governance, and risk management processes and policies. The defined level (3.0) has more controls documented and developed, some roles and responsibilities established, and minimal verification of processes and policies. Managed level (4.0) means controls are monitored and measured for compliance, with formal information security committees overseeing verification and measurement processes and with clearly defined roles and responsibilities. Finally, the optimized level (5.0) indicates that controls are more comprehensively implemented and automated, processes are more comprehensively implemented and quantitatively understood, and there is a culture that supports continuous improvement in security skills, methods, and technology. MSSP University tools used during this session:

• SMLA PowerPoint Deck

MSSP University Instructor:

This session aims to train sales professionals about the operations of the red team. The red team is responsible for regularly testing the strength of controls by attempting to break them. They perform a variety of actions, like penetration tests, analysis of attacks, social engineering, gathering reconnaissance information, simulated email phishing attacks, testing physical security procedures, scanning environments for unsecured sensitive or confidential data, and conducting attacks and testing on wireless networks, web applications, and desktop clients. On the other hand, the blue team is responsible for ongoing monitoring and management, including vulnerability management, reporting (both technical and C-level), and security operations center operations. MSSP University Instructor:

This session will train sales professionals to properly evaluate a buyer’s cyber insurance policy and determine its value. We will provide an example of a cyber policy worksheet and explain how it should be completed. We will discuss coverage limits, breach notification, data system restoration, cyber extortion, business income loss, funds transfer fraud, computer fraud, telecom fraud, errors and omissions, media and content, cyber and privacy, and personal injury. Additionally, we will examine the policy exclusions and discuss how to conduct webinars to educate potential clients on selecting the best cyber carrier and how to avoid relying solely on the cyber policy. MSSP University tools used during this session:

• Redacted Cyber Insurance Application Redacted
• Cyber Insurance Policy
• Cyber Insurance Webinar PowerPoint Deck

MSSP University Instructor:

During this session, we will use a questioning approach from QBS to qualify and close opportunities. We aim to provide sales professionals with the training they need to implement the Challenger sales approach effectively to lead and close opportunities. Additionally, we will provide training on utilizing the Gap Selling approach to demonstrate the value of closing opportunities by positioning the current and future states. MSSP University tools used during this session:

• The Challenger Sales Book
• Gap Selling Book
• Question-Based Selling Book Role Playing Required

MSSP University Instructor:

During this session, we will focus on identifying the most suitable verticals to target based on referenceable accounts and technical capabilities. We will determine the ideal target personas, including C-level and other contacts, who serve as strategic buyers. Additionally, we will review the prospect size based on user size and/or revenue, which is crucial for projecting new sales revenue. We will also examine the MQC lists to determine the size of the prospect lists. MSSP University tools used during this session:

• Zoom Info Account or Other Software Tools

MSSP University Instructor:

This session aims to teach how to effectively manage marketing and sales activities, including making daily cold calls and follow-up calls, handling uninterested leads, conducting decision-maker conversations, tracking projected FMEs, scheduling FMEs, creating proposals, closing deals, tracking lost deals, monitoring sales pipeline status commit and upside, etc. The key performance indicators (KPIs) will be used to establish benchmarks for each KPI and color-coded (red, green, and amber) to manage results. KPIs will help determine the number of marketing activities required to schedule FMEs consistently and the number of FMEs needed to close a managed services agreements. MSSP University tools used during this session:

• Completed KPI Dashboard Form

MSSP University Instructor:

This session focuses on evaluating your understanding of the 7-step sales process. The process includes prospecting, first impressions, qualifying, demonstration, influence, closing, and general. We will have you complete the SSI test to determine your score, which is between 0 and 300. Once completed, we will have the sales professionals undergo training on the 7- step sales process based on test scores. After completion, we will retest to confirm your new score and provide additional training for sales management. MSSP University tools used during this session:

• Complete SSI Test

MSSP University Instructor:

During this session, we will be completing a DISC profile. DISC stands for dominance, influence, steadiness, and conscientiousness. It is a model of personalities that outlines the four primary behavioral styles. A DISC assessment is a behavioral tool that can help individuals understand their management style, strengths, and weaknesses. We have created the most common DISC profile for successful sales professionals in the technology industry. We aim to train sales professionals to analyze and interpret their DISC profiles accurately and use them to identify the DISC profiles of potential customers. This way, they can engage with them successfully and increase their sales performance. MSSP University tools used during this session:

• DISC Assessment Test Required

MSSP University Instructor:

This session will focus on comprehending the art of asking qualifying questions to close managed services opportunities effectively. We will engage in role plays to practice issue and implication exercises related to objections in closing managed services agreements. Additionally, we will review status and solution-based questions useful for qualifying managed services agreements. MSSP University tools used during this session:

• Question-Based Selling Book Thomas Freeze
• QBS Test Required

MSSP University Instructor:

This session focuses on becoming a Challenger sales representative and learning how to use your understanding of the customers’ business to deliver new insights and drive their thinking differently. The Challenger sales representative can research and identify problems and opportunities before presenting them to buyers – often in a way that challenges them. The Challenger sales model and methodology are built around a sales process that focuses on teaching, tailoring, and taking control of the sales experience. A sales professional has five profiles: the problem solver, the hard worker, the relationship builder, the lone wolf, and the challenger. We will help determine which profile applies to you. MSSP University tools used during this session:

• The Challenger Sales Book
• The Challenger Sales Book Test

MSSP University Instructor:

The focus of this session is to help you understand the current and future states of closing opportunities with 200+ seats. We will also cover how to develop a PIC chart (problem identification chart) and what it takes for the buyer to see you as a consulting thought leader. We will review outdated concepts about selling managed services agreements and only sell based on something other than need if the buyer still determines the need or pain. It’s important to note that there is no such thing as ‘closing’; instead, we find the gap between what the buyer has now and what they want. By improving your ability to diagnose the buyer’s problem, we will help you engage in gap selling. Gap selling is a collaborative, empathetic process that is customer-centric, allowing the buyer to take the lead. MSSP University tools used during this session:

• Gap Selling Book
• Gap Selling Book Test

MSSP University Instructor: