Stability IT Added Cybersecurity Services Profitably Using inSOC

Ryan Shepherd

Technical Director

Mark Francis

CEO

Stability IT was founded by Mark Francis with his business partner Ryan Shepherd in 2010 in Prestatyn in the UK, with the intention of “doing things right” in the managed services provider (MSP) space.

Their aim was to provide predictable, fixed-price services to customers and a stable working environment for employees while delivering a high-quality end-user experience. 

The company has enjoyed substantial growth throughout the years. Today, it has 15 technical staff, some based in the company headquarters while others are in the East Midlands and North West. Stability works with an ecosystem of trusted partners to meet changing market demands.

THE CHALLENGES

Increased Cybersecurity Demands in Manufacturing

Stability IT focuses on serving manufacturing firms in the UK. As its clients have grown and the business environment evolved, demands have shifted from traditional MSP services (e.g. 24/7 help desk) to proactive monitoring and cybersecurity services.

Many of Stability’s clients are VC-led, and compliance with industry standards and security frameworks is a priority. These companies can send in auditors to review managed logs and analytics as part of their security protocols and insurance policy requirements at any time.

Manufacturing and other clients need support to compile due diligence documents for their cyber liability insurance. Meanwhile, the high cost of downtime continues to make the manufacturing sector in particular a prime target of ransomware attacks.

The services Stability IT offered as a traditional MSP, such as endpoint security, were no longer enough to meet client demands. It had to look for a managed security partner or invest in building new capabilities in-house.

 

Few cybersecurity partners in the UK understand both the unique requirements of MSPs and their clients. A gap needed to be filled — creating an opportunity for anyone who could jump in and hit the ground running.

Stability IT decided to start offering its clients enhanced cybersecurity services but also recognized that it would take a tremendous amount of time and money if it were to build the practice from scratch.

Luckily, the company was familiar with partnering with experts in various spaces, so it decided to look for a Security Operations Center (SOC) service provider that could meet its needs.

THE SOLUTION

Introduce Cybersecurity Services using SOCaaS

Stability IT started seeking a SIEM and vulnerability management solution, and initially considered Splunk. However, that would have required hiring specialists to set up the software and train its staff to use it, plus a team of ongoing security specialists to manage it. Plus, the high licensing fee and enterprise pricing model would make it extremely challenging to map it to a traditional MSP subscription model and become profitable.

Just when Mark was wondering how great it would be if he could pay an affordable ongoing fee to get all the SOC capabilities delivered as a service instead of putting down a substantial upfront investment to build them in-house — an email from inSOC landed in his inbox.

inSOC’s SOC as a Service offerings were exactly what he needed to add cybersecurity services without reinventing the wheel. While many features appealed to Mark, he found the onboarding process most valuable.   

[The onboarding process] retrained the brains of all the staff. For example, we checked our clients’ networks against standards from the Center for Internet Security (CIS) and NIST CF under the inSOC team’s guidance. We found many security gaps because we built things like a traditional MSP over the years — it was a massive eye-opener.

Stability IT’s team took the learning positively and changed their mindset toward cybersecurity. They’re now aware of the gaps, have the skills to fix them, and know how to avoid the same mistakes in the future.

Additionally, inSOC’s weekly risk assessment reports help Stability IT improve its client communications and relationships. The team has a stream of information at its fingertips. They’re up-to-date with the latest vulnerabilities and can look under the hood to take meaningful action.

When a client hears about a new risk or exploit and reaches out, more often than not, the team is already on top of it and has even remediated the vulnerability — instilling confidence and gaining the client’s trust.

Moreover, inSOC’s reporting capabilities enable Stability IT to have frequent, board-level conversations with the clients, helping it build trust and relationships essential for upsell, cross-sell, and client retention.

inSOC’s team has a lot of patience because many of the systems we look after need a significant amount of work. They also help us address the uptime availability dilemma, and we’re very grateful for the process. Things just work, and there isn’t a day when the support stops. We have weekly meetings, which isn’t something our other vendors offer. inSOC has become an integral part of our team.

THE RESULT

New Business Opportunities and Instant Profitability

Although Stability IT performed a lot of remediation work for its clients before partnering with inSOC, the approach was reactive. It wasn’t integrating the services into its offerings strategically to drive revenue.

But now, the team can share expert knowledge and timely reports with their clients to communicate the value they bring to the table and position the company as a premium service provider.

After tremendous success with current clients, Stability IT plans to create a separate entity to offer cybersecurity services. Incorporating inSOC’s capabilities has opened up many new business opportunities for the company. 

The services we have received are exactly what we hoped for when we signed up. inSOC’s services come with a lot of high-grade scaling capabilities, which are worth every penny. The fee isn’t really a cost for us anymore — we’re providing great services and making high profits out of it.
Partnering with inSOC has been game-changer for Stability IT. Instead of spending 12 months hiring talents in a tight labor market and setting up the technology and processes, the MSP turned a good profit from its cybersecurity services from day one.