Exclusive: How MSPs Can Elevate Their External Cybersecurity Practices

Cybersecurity—it’s one of the few technology topics that doesn’t need any explanation. Rather, it should be at the top of the list of strategic priorities for every company, and it’s safe to say it maintain that status in perpetuity. From social engineering and ransomware attacks to data breaches, businesses of all sizes face a constant struggle to protect their networks, devices, and data as constantly evolving cyber threats put every business at risk. The reality is, not only are attacks more frequent than ever, they are also becoming more sophisticated, and the cost of a security incident to businesses continues to grow. The average cost of a data breach has risen to $4.88 million—but that figure skyrockets to $9.36 million.

Adding to the challenge is the continued expansion of business’ digital footprints, which can create new vulnerabilities for attackers to exploit. The continued proliferation of cloud-based services and mobile applications, reliance on third-party vendors and supply chains, increased use of emerging technologies like Generative AI, and the sheer volume and diversity of digital assets create an ever-growing attack surface. Indeed, most security experts agree that it’s not a question of IF you’re going to suffer an attack (again), but WHEN and how frequently.

As if that’s not enough, most companies don’t have the resources to effectively protect their digital assets. Two-thirds of cybersecurity professionals believe their organizations are understaffed, which certainly limits the effectiveness of their cybersecurity efforts. In addition, 90% say skills gaps are prevalent – and, more importantly, perhaps, 64% of them believe that is an even bigger concern than staffing shortages. The bottom line: They need help.

Of course, it’s not all gloom and doom, and the help is available and accessible. Most businesses recognize the challenge, which is why cybersecurity spending continues to grow.  What’s more, there is clear recognition that businesses and their IT teams can’t do it alone, leading more and more companies to seek out MSPs and MSSPs to deliver cybersecurity services—MSPs that partner with some of the best cybersecurity vendors. The end result is better security for businesses, delivered by experts who don’t have to divide their time between other internal tasks; experienced security teams whose job is to stay up-to-date on the very latest trends, attacks, and technologies; and better relationships for MSPs with their clients, including additional recurring revenue streams. Everyone wins, except the bad actors.

Like most of tech, it’s an industry inherently in a constant state of evolution. So, to find out more about the latest trends, challenges, and opportunities, I recently had the chance to catch up with Halo Security’s CEO Lisa Dowling for some of her thoughts on the cybersecurity space, MSPs role in tightening up cybersecurity, Halo Security’s unique value proposition to MSPs, and much more. We started with a little background on Lisa and her transition into the cybersecurity space and how she’s approached leading a successful cybersecurity business.  

You didn’t start in the cybersecurity space.  Talk about your experience transitioning into the cybersecurity industry and the insights have you gained so far?

My career started in marketing, and later I started a construction project management firm specializing in luxury real estate, managing over $50 million in yearly HOA restoration and waterproofing projects in San Francisco. I am no stranger to problem-solving and the daily fire drills of running a service business. 

I've always been close to the tech world with my husband, Tim Dowling, who spent 25 years in the industry, holding leadership roles at Intel, McAfee, OneLogin, and Kenna Security. When he passed away in 2022, I stepped in as CEO of our company, Halo Security, and since then, it’s been a whirlwind of learning and adapting.

What I’ve realized is that, even in a complex field like cybersecurity, the fundamentals of business still hold true. Building trust, providing exceptional service, and always aiming to exceed expectations are key. It’s also a people-driven business—building strong, genuine relationships with clients is essential for long-term success. And of course, surrounding yourself with smart, talented people makes all the difference. I've been lucky to work with some incredible security practitioners at Halo, and their expertise has been a huge asset.

Overall, the transition has been both challenging and incredibly rewarding. I’ve enjoyed bringing a fresh perspective to the company, and the experience has been a mix of constant learning, adjusting, and celebrating our wins as a team.

What is the state of cybersecurity in the SMB space?  

For most small and medium-sized businesses, cybersecurity is a significant challenge. They often don’t have the in-house expertise to keep up with the constantly evolving threat landscape and need outside support to manage those risks. This is where MSPs become crucial—they step in to provide the guidance SMBs need, offering tools that are straightforward and focused on what matters most. MSPs help simplify the complexities of cybersecurity so that businesses can stay protected without feeling overwhelmed.

What are the most significant external threats facing business today?

The biggest threats usually come from what I’d call the “low-hanging fruit.” Attackers are opportunistic—they’re constantly scanning the internet for easy targets, like outdated software, forgotten assets, or default credentials. For SMBs, it’s often a matter of making their digital presence just a bit tougher to crack than the next one. On the other hand, larger organizations have to deal with more sophisticated, targeted attacks, which require a lot more resources and a proactive approach to stay ahead.

How are MSPs approaching external cybersecurity and these threats, and what gaps are you seeing?

MSPs are generally strong when it comes to securing internal networks, but internet-facing assets can sometimes be an afterthought. A big gap shows up when MSPs lack visibility into third-party websites or services that their clients might be using. If an MSP doesn’t know an asset exists, chances are it’s not being properly secured—leaving an easy target for attackers to exploit.

What steps can MSPs take to improve their external cybersecurity capabilities?

MSPs can make a big impact by adopting an attacker’s perspective—seeing their clients’ digital presence the way a hacker would. This involves spotting easily exploitable vulnerabilities and making sure that internet-facing assets look secure and well-maintained. It’s a bit like keeping a house in good shape to deter burglars; a well-maintained digital presence can discourage attackers from targeting your clients.

How are MSPs leveraging Halo Security’s platform in their cybersecurity offerings?

MSPs use Halo Security in a few key ways to strengthen their services. For many, it starts with pre-sales. Because of their external nature, both External Attack Surface Management and Dark Web Monitoring allow MSPs to quickly demonstrate value to prospects. Once those relationships are established, they use these capabilities for ongoing monitoring, offering continuous security solutions that generate steady, recurring revenue.

The platform also opens up opportunities for upselling. By identifying unmanaged assets, MSPs can easily highlight areas where clients need more protection. Some even use Halo Security for M&A evaluations, helping clients assess the security of acquisition targets quickly and without lengthy setups.

How does Halo differentiate itself in a crowded cybersecurity market?

We put a strong focus on the human element. For us, it’s all about delivering top-notch service and making sure our platform is user-friendly and accessible. We combine automated scanning with manual penetration testing, giving our clients a more complete view of their security risks—something that many other solutions just can’t match.

How does attack surface management differ from traditional vulnerability scanning or penetration testing?

Traditional methods like vulnerability scanning and penetration testing focus on the assets you already know about. Attack Surface Management, on the other hand, starts with discovery—uncovering unknown assets first and then assessing the risks they pose. This broader view is especially helpful for organizations that might not have the resources for in-depth red teaming or extensive penetration testing.

Can you explain asset discovery within the Halo Security platform, and how it helps identify hidden vulnerabilities?

Of course. We start with what we call “seeds”—these could be domain names, network ranges, or even search terms like a company’s name. From there, we uncover related assets like subdomains, IP addresses, and more. Once we find them, we analyze these assets for vulnerabilities. The goal is to identify anything that might have been forgotten or overlooked—because those unprotected corners are exactly what attackers are looking for.

How does Halo Security provide unique value to MSPs compared to other cybersecurity solutions?

Unlike many other cybersecurity solutions that require time-consuming setups, our platform is built for quick implementation. MSPs can run an assessment for a client immediately, making it easy to spot vulnerabilities right away and kickstart discussions about ongoing protection. This speed not only helps MSPs demonstrate immediate value but also makes it easier for them to transition into offering continuous monitoring services, building trust with clients along the way.

How can MSPs boost their revenue using external attack surface management?

First off, of course, MSPs can sell and manage our services like External Attack Surface Management, Dark Web Monitoring, and Penetration Testing. But it goes beyond that—they can also identify additional upsell opportunities by uncovering more assets to manage. With our robust reporting capabilities, MSPs always have something valuable to discuss with their clients, keeping those conversations going and helping them demonstrate their expertise. This not only boosts client retention but also drives revenue growth.

What emerging threat do you see as the most important for businesses and their MSPs to be prepared for?

Subdomain takeovers are becoming an increasingly significant threat. This occurs when organizations use third-party services, like support sites or CDNs, but forget to update their DNS records after discontinuing those services. Attackers can then exploit these abandoned subdomains, turning them into platforms for hosting malicious content or launching phishing attacks. This poses serious risks, especially for SMBs that may not even realize these vulnerabilities exist.

The danger amplifies when it comes to compromised third-party services. For example, if a company relies on an external JavaScript library and that domain gets taken over, attackers can inject harmful code onto the website. PCI DSS 4.0 specifically highlights this concern for payment pages, acknowledging the potential for exploitation. As businesses increasingly integrate third-party services, it’s essential for MSPs to monitor all connected assets closely. This vigilance helps close security gaps and minimizes attack opportunities.

What is Halo Security’s strategy for partnering with MSPs and MSSPs? 

At Halo Security, our goal is to become the go-to partner for external security. We actively engage with MSPs, like we did recently at MSP Expo in Ft. Lauderdale, where we took the time to learn about their specific needs. This direct engagement allows us to showcase how our user-friendly solutions can genuinely help drive revenue.

Our strategy is all about empowering MSPs to expand their service offerings and build recurring revenue streams. We want to make it easy for them to deliver top-tier security solutions to their clients, without the burden of a steep learning curve. It’s all about creating a partnership where both parties can thrive and ensure the best security outcomes for their clients.

What are the benefits of offering continuous security assessments and monitoring for MSP clients, and how does Halo Security support this?

Offering continuous security assessments and monitoring is crucial because the threat landscape is always changing, and businesses themselves are constantly evolving. With our platform, MSPs can effortlessly keep tabs on their clients’ digital assets, receiving actionable alerts without feeling overwhelmed.

This capability allows them to stay ahead of emerging risks and maintain robust security without adding a significant burden to their workload. Essentially, we make it easy for MSPs to provide ongoing protection, helping them reinforce their value to clients while ensuring that nothing slips through the cracks.

What is Halo Security’s free assessment program about and how does it work?

We're offering MSPs five free attack surface assessments for their clients. This no-commitment program allows them to demonstrate our value, identify risks, and uncover upsell opportunities. It’s an excellent way for MSPs to engage clients and reinforce their role as trusted security advisors.

What is Halo Security's long-term vision for differentiation in the external cybersecurity market? 

Our vision is to be the most comprehensive and user-friendly platform in external cybersecurity for companies of all sizes. We aim to offer enterprise-level insights while ensuring accessibility for smaller organizations.

Where can MSPs learn more about working with Halo Security?