In this episode, Daniel and Adam are joined by Ian Vickers from Met Cloud for a deep dive into the evolution and future of security operations centers (SOCs) for managed service providers (MSPs). Ian discusses the journey from traditional MSP environments to developing innovative AI-driven SOC solutions that could disrupt the current market. Key topics include the challenges of early cloud security, the development of AI tools to augment SOC analysts, and the introduction of cost-effective AI solutions for smaller clients. They also cover the importance of standards and accreditations, the necessity of thorough client education, and the critical role of effective incident response planning. The discussion underscores the evolving landscape of cybersecurity and the opportunities it presents for MSPs to provide more advanced and efficient security services.
00:00 Introduction and Greetings
00:25 Ian’s Background and Early Cybersecurity Journey
01:17 Challenges in Cloud Security and Early SOC Development
03:15 Innovations in AI for Security Operations
05:21 Transition from MSP to Technology Provider
07:57 Understanding SOC and Security Standards
12:54 Client Needs and Risk Management
25:13 Cyber Incident Response Planning
31:22 Final Thoughts and Shameless Plug!
Listen on Spotify or Apple Podcasts
Connect with Ian Vickers on LinkedIn by clicking here – https://www.linkedin.com/in/ivickers/
Connect with Daniel Welling on LinkedIn by clicking here – https://www.linkedin.com/in/daniel-welling-54659715/
Connect with Adam Morris on LinkedIn by clicking here – linkedin.com/in/adamcmorris
Visit The MSP Finance Team website, simply click here – https://www.mspfinanceteam.com/
We look forward to catching up with you on the next one. Stay tuned!
We created It’s a Numbers Game Podcast to help MSP owners learn and understand how to build and maintain a financially healthy MSP business. In this podcast series, MSP business owners like you will learn the fundamental steps, the tips and tricks, the dos and don’ts to achieve MSP financial growth.
Transcript:
Dan: Ian, great to have you with us.
Ian: No, thanks for inviting me, Dan and, Adam, it’s a pleasure and, looking forward to our discussion,
Dan: Indeed, and we, as we often do, we have our sort of chat in the green room before and realized we should have clicked record a couple of minutes ago. but broadly, I think we’re all in agreement. What we’d like to do today is talk about, MSPs and their SOCs. and, not the kind that, go in their shoes and on their feet.
Dan: but, but, but perhaps also, we could, we could actually kick that off just with a little bit about your history. and Ian, like you, you first came on my radar a number of years ago and a CompTIA event being very much a trailblazer, in, in. Cyber security generally, and having created your first SOC, I think your first SOC.
Dan: so, perhaps you could give us a little bit of a rundown on, on, on what that looked like and, and how it’s evolved.
Ian: Yes. So thanks for that. So, yeah, unfortunately, yeah, I have been in the industry for too long, probably now. and having run a managed service provider. business since 1998, you know, it sort of takes you through a period or a journey that you start to learn a fair bit about, you know, the customer’s need and how things evolve, you know, with different technologies and so forth.
Ian: So, so coming up to, sort of modern day sorts of requirements and so forth. it was quite evident that as more and more companies were moving to the cloud. Around 16, we were working on some significant data migration projects for companies to move into Microsoft Azure and, and going through that process, it was clear that, there was some significant. Security challenges for organizations. so in the early days, most of the vendors out there, didn’t have any virtual firewalls for a start as an example. So, it was very difficult to start developing some kind of capability and everyone was sort of trying to catch up with the, public cloud providers like Microsoft and AWS.
Ian: and trying to develop and redevelop their software from appliance kind of capabilities to software and virtual servers and so forth. and that’s taken a long time. you know, even up to probably, I would say 2021. you know, I would say that even public cloud environments were still very insecure, and it took a lot of effort and heavy lifting to architect and develop, a very secure environment for clients in a public cloud environment.
Ian: And then on that journey, we started to work with customers who required security operations center services. And this is probably going back to about 2018, and we didn’t have a security operation center capability, and so we had to go out to market and find some suitable partners, like an MSP would do.
Ian: And, we spoke to dozens of, capable providers. both in the UK and the U S and again, we started to learn what was good and what wasn’t so good and, and in that journey, at the same time, cause we’re quite innovative, what we think we are, is that we identified an opportunity to see if we could actually harness what was going on in artificial intelligence.
Ian: Arena. And then in 2020, we started a project to develop our own capability that could initially augment a security operations center analysts. So an AI tool that could help them improve their capability, their efficiency. And, and as time has moved on, and as the technology has become more advanced and by the week, you know, AI is developing and particularly generative AI, we are now at a point and we’re launching a product in a couple of months that we are confident will probably, address a market that is currently.
Ian: Not being addressed and that is, customers of a size that can’t afford security operation center services. and this is where we see this as being a really good tool for them because it will actually negate the need for requiring a security operation center. And then for those companies that still.
Ian: Require a security operation center and fully manned 24 by seven operation. our platform will still be highly valuable for them as well, because it actually reduces the amount of, false positives and, I guess the kind of alerts that don’t need sophisticated attention. and we can reduce their workload by 94%.
Ian: And it’s fully tested and it’s already been in production for about 14 months. So we’re really excited by introducing this capability to the market. And, And we think it will disrupt everything in the market.
Dan: Brilliant. just what we want. More, more disruption, in the, in the IT market. but I guess that’s, that’s very much though, where, you Where the it market is. it, as you say, being, being in innovative and, looking ahead at what the likely challenges are.
Dan: and then, and then creating solutions for that. So, so effectively you’ve gone from, from, MMSP to, m. P, and, and now, and now potentially a vendor, as, as well. Okay.
Ian: obviously at some point, we’re going to have to make a decision on which direction we totally go in. and this could be an interesting journey that we start to, to experience where we may have to, and probably will have to engage with the MSP communities, and sell through the channel. And so at some point we’ll probably as a company.
Ian: Cease being a managed service provider ourselves, and be a technology, provider, from a cloud perspective. So we have met cloud, which is a sovereign cloud capability and we’re starting to see. Other providers using us for sovereign and private cloud capabilities. And so, you know, whilst it’s a slow, uptake, we’re starting to see that accelerate over the last six to 12 months.
Ian: And then our own research and development in artificial intelligence and generative AI is somewhere where we see huge, exciting opportunities. And this is where we want to possibly start engaging with managed service providers, because we believe having a real good understanding of what a managed service provider requires, you know, we have really good insight.
Ian: As I mentioned, we’ve got 26 years of experience of delivering managed services, is that we feel that we could, provide a really good compliment to managed service providers who are being asked to deliver more and more security services. And at the same time being challenged in all areas around how they deliver those services.
Ian: And so we could probably have a really good conversation with them and say, well, this is how we could help you on that journey. and they could help us as well.
Dan: really interesting. and I recall when, back to that first presentation, where you were talking about establishing a SOC and the high watering sums involved in paying people if you could even find them to pay them. and, I had this vision of you with a suitcase full of money chasing, SOC people down the road.
Dan: please have a word
Ian: no, it’s a spot on and things haven’t changed. In fact, they probably just got worse, not better. As in the talent pool is still a shallow and all that has done is drive up the costs of, salaries and the overhead costs. So I think I was talking to, one of our SOC providers now. And in fact, today, funny enough, I was talking to somebody who’s just set up a SOC for a client in.
Ian: Jordan, and, and it’s about three and a half million pounds set up costs. Just to get going.
Adam: so, with all of your 30 years or whatever it is now of insight, in the security world, maybe you could just, give us a bit of a 101 on SOC for our listeners. there seems to me to be so much complexity, so much choice. You’re now on our podcast talking about a new AI tool, which could disrupt the market potentially.
Adam: and where does that leave things? So, so perhaps you could just give us a bit of a, you know, a five minute kind of, 101,how best to simplify the options for MSP owners that are looking to procure these services?
Ian: for sure. So a one on one would be, clearly, I would suggest that you have to do some due diligence from a perspective of qualifying the credentials. So for instance, in the cyber security SOC world and pen testing world, there’s a, standards based. Company called crest standards. Most companies will understand that, but not every SOC provider is crest accredited.
Ian: And I would suggest that, you know, And you may have heard me speak on previous times, then, that, I am quite passionate about standards because how do you demonstrate an evidence to clients and anyone else? And even your own staff, how good are they if they’re not certified and, go through rigorous training and approval and vetting.
Ian: So, so for me, Straight away, you know, you should be only dealing with maybe crest accredited or some other kind of, well approved standards for that industry. The other is, understanding what the clients require. Now, a lot of clients often come back and say, well, we don’t want necessarily to pay for 24 by seven support. But, you know, cyber criminals don’t go to sleep and they all, and they work in all different time zones. So whilst the client doesn’t want to pay for 24 seven, there is malicious activity going on 24 seven. And so they have to maybe think about that. And that’s something that the MSP has to have a grown up conversation with the client to say, this is.
Ian: Just what happens in life and, you know, do you really want to walk in, in the morning, having all your systems encrypted by a ransom attack because someone has clicked on a link early in the morning and then there’s no one there to help remediate and triage the problem as quickly as possible.
Ian: And there’s a whole raft of other kind of obviously malicious activity, not necessary. As blatant as encryption and ransomware. but you may have, surveillance going on and they may be in your network for four or five months surveillance. And if you haven’t got a 24 by seven operation, looking at this, then.
Ian: Things are going to get missed for sure.
Adam: no, that makes perfect sense. Thanks
Ian: So for me, if you’re going to, if you’re going to try and introduce the SOC, conversation, a, your partner needs to be well qualified. B standards and accreditations is key. And B, I think you have to be talking about 24 by seven. And this also opens up some challenges because even those kinds of organizations accredited in crest don’t always provide 24 seven. So you need to ask these questions as well and ask the partner that you’re choosing to evidence. and you have to do it quite thoroughly because you’re introducing a partner in a very highly sensitive. Situation. And if your client ends up having a cyber attack, they’re going to blame you and not necessarily blame your partner that you’ve introduced.
Ian: So it’s, you know, it’s a, it can be quite fraught in, in that sort of delivery and contractual obligations, and you have to really plot your way through it really carefully.
Dan: with our SOC, there’s like, an input and output to that as well. So, perhaps we could bolt on to that the conversation that again, we had in the green room about all of the different. DRs, the E’s, the M’s and the X’s, and how that interacts with said SOC. and then also perhaps then how far do they actually go?
Dan: if someone is, say surveilling or there’s activity that’s affecting the system, how far do they go in, remediation and where does the MSP have to interact with, you know, the middle of the night? Well, the good news is we’ve stopped this bad thing happening. The bad news, the bad news is that there’s no network now.
Dan: So you just need to get it rebuilt by, by, by morning. and so, so yeah, talk a little bit about, around those points for
Ian: Yeah, for sure. So I think again, Again, it’s all down to your customer appetite and understanding about risk. You know, what does the risk look like? And I think, you know, this is a big opportunity for MSPs. On one hand, maybe I’ve painted too dark a picture of what it could look like, but equally you, and then if you engage properly and talk about, you know, Proper, proper risk assessments and doing a proper gap analysis as to what their environment looks like.
Ian: and try to get to a place where you can actually shine a light on where their vulnerabilities stand. You can then engage in a really good mature conversation with the customer, and then they can openly enter into a contract service level agreement, service description, which maybe matches their needs.
Ian: Ambition or their appetite for spend. And then if you’ve got that, then everyone’s happy. What I’ve seen is a lot of MSPs rush into this and leave themselves highly vulnerable and the clients haven’t been educated and they haven’t been walked through the journey. And then when a, attack happens, they just reached for, you know, blame, and then they reach out to lawyers and this is how it all So I think it’s a, it’s not always going to be a client that says, you know, I will only want 24 seven, but as long as they accept that and sign that away, then everyone’s really happy with that.
Dan: And, obviously still, still MDR, XDRs
Ian: Coming back to that. Yeah.
Dan: and, but you’ve actually now given me another question as well. So I’ll just put it out there because you might answer it in, in, in talking about the other topics, which is, like you, you described there quite a sophisticated, Seller buyer interaction, at the SME end of the market, where we’ve got uneducated buyers, just give me some of those securities, please, thank you and, perhaps, perhaps consider that a little bit as well in some, you know, is there a difference between those, sophisticated, non sophisticated buyers and sellers
Ian: Yeah, of course. For sure. I mean, it’s going to be very difficult, to maybe, have those kinds of mature conversations with, a small to medium size or certainly more small than medium, small type companies who, who, like you say, just want to tick a box, and it doesn’t help when there’s a lot of, resellers out there just, you know, That’s bashing away on the phones and promoting, you know, MXDR type services.
Ian: And I won’t mention the vendors, but there’s. Tons of them out there, all delivering this MXDR type of, delivery capability, and then obviously you’ve got, Microsoft and companies that have entered the market with their own capability around MXDR. So it’s a bit like, well, okay, well, let’s understand what does that look like?
Ian: and you know, what. Elements to the MSP still have to be responsible for managing and supporting once they, you know, implement those technologies, or is it going to be a complete, you know, white label type service and they vented into a service delivery capability with a provider that will own and take more responsibility and the overarching delivery of all those services for that reseller or MSP, I should say. but there is, there’s so much activity going on at the moment, you know, you know, and I know, and I don’t know how much we can talk about different brands and so forth, but, there’s probably five or six really big brands right now selling MXDR type services.
Dan: and presumably. Um, soccer’s, you know, it’s,
Ian: it is not. No.
Dan: and so, what would you expect is that basically super antivirus and
Ian: I would get probably shot, if I was sort of summarizing it that way by these vendors, but you have to understand that, you know, these, vendors, what would be a typical, Implementation of an MXDR, let’s throw out there like a Sophos, for instance, and I’m not just saying Sophos, but it could be CrowdStrike.
Ian: It could be any of the others. It’s volume, isn’t it for them? So if they were going to take on a thousand customers. ingesting that amount of information. How are they going to see all of their problems? How are they going to see all of the, so there has to be some responsibility and accountability by the MSP to be looking at this information as well and to better understanding what the threat landscape looks like for their customer.
Ian: so the way I look at it is whether it’s. Sophos, CrowdStrike, Sentinel One, or any of them, their systems are ingesting so much data and so much information that there has to be, the MSP has to take a lot of responsibility in delivering the endpoint security as well. And if you don’t want that responsibility, then you should be careful about.
Ian: Reselling those systems, or maybe setting the expectation with the client that once they’ve invested in these MXDR solutions, that they’re all covered.
Dan: quite right. So, effectively you could have. and I think this is probably the, where I was sort of going with that question that you’d have, you would have to have a, an M XDR product, that, that then, there will be some, response from that, but really you need a SOC to be able properly manage that, rather than, you know, it’s not, you can’t buy a SOC for that price point compared to the three and a half million dollars that, that you’ve got, that we’ve got at the other end of something entirely just for you and, you know, fully configurable.
Dan: Yeah. there’s, you’re not comparing apples of apples, essentially.
Ian: definitely. And I think that’s the, I guess that’s the logical, Optics of it all, it’s a bit like, what do you expect from what investment? So if your end user is, if your end customer is paying three or 4, 000 pounds a year for an MXDR solution. Are they honestly, hand on heart, expecting that to, to cover everything from a security perspective?
Ian: and what isn’t it covering? And that’s what the MSP has to, Better understand is what isn’t going to get covered and so that they can either compliment that or say to their client, yeah. And these are the areas it doesn’t cover. So you have to fully understand what those areas, the vulnerabilities look like.
Adam: taking that example in would you say it’s okay for an MSP to be promoting a hybrid set of services to their client base whereby Budgets then dictate, where they go, where their own clients go on this. and as long as we’re educated on the risks, and the level of service that they get, it’s fine to, to have that non SOC based solution, as long as there’s that clarity and understanding of what they’re
Ian: Yeah. I don’t think every customer needs a SOC. By any imagination, because it depends on how simple their infrastructure looks like. So if you’ve got a client that’s predominantly running Microsoft 365 and then running other, SAS based applications, I would imagine their environment’s pretty simple.
Ian: So does a SOC look sensible to them? And again, obviously we’ve mentioned a couple of vendor products, names and so forth, but then you’ve got recently with Microsoft and Microsoft Sentinel entering the market to offer a, seam and, And like a virtual SOC kind of capability using AI. and if you have a client then using Defender as the endpoint security solution, it’s questionable.
Ian: Do you need a fully manned SOC at the end of the day? but as we all know, if we’ve got clients that are more complex, And need much higher levels of security and resilience. So, for instance, we’ve got lots of clients in insurance and financial services, and they’re heavily regulated. So, just having a environment that relies on, tools like MXDR tools.
Ian: That wouldn’t be sufficient. They need far greater evidence of how things would be supported in a number of different outcomes and different kinds of environments and their regulatory compliance and governance demands that they are more rigorous. In their approach.
Dan: And, I mean, probably an impossible question to answer, but if I’m, if I’m now in the role of, an advisor for an MSP talking to an end user, Business and I’m describing educating that the difference. So, and to take your example, M XDR solution 4,000 pounds a year.
Dan: a, A far more sophisticated, solution that would stand up to the sort of governance that might be, might come with, with regulation, for example, what are we talking about in terms of the swing there? Am I saying, you know, MXDR is like. 10%. And like, if you want to, if you want to go proper all out, you need to be spending 40, 000 a year.
Dan: and, you know, to help, get a sense of scale for, to help
Ian: So I would say that, if it was that, your MXDR sale was four to 5, 000 to have a similar kind of scenario, plus a SOC probably would cost 25, 000 to 30, 000,
Dan: Okay. Okay. So I wasn’t far off then.
Ian: wouldn’t be.
Dan: bit of margin. Yeah.
Ian: perspective, I think, because. You know, the mxdr sale of the software and the, and obviously there’s an additional service by the vendor. that would be a relatively small environment. I would imagine, you know, you’re probably looking at a 10 to 20 user kind of environment, for 4, 000 pounds.
Ian: Maybe kind of thing with an MXDR solution. obviously as you start getting customers with a hundred to 200 and 300 employees, then obviously it becomes more complex and particularly those who are then distributed across multi sites. And that’s when it becomes a little bit more. Complicated in how you deliver those services and again, sector specific.
Ian: So for anyone who’s operating in financial services and insurance, they’ll probably already know that it’s pretty rigorous and what needs to be done. You’ve also got new sectors being dragged into more regulatory compliance and governance, and that’s those who are delivering services into critical national infrastructure.
Ian: and there’s a new framework coming downstream called NIST2 in which it opens up to 11. Sectors, before I think it was four. So there’s more being brought into, requirements for better cyber security and resilience. so yeah, so, and you will have seen, probably a much bigger adoption of things like cyber essentials and cyber essentials plus, so all of these things start to bring more conversation and more, demand.
Ian: Around better services and, again, more capability around how do you react to a cyber incident? And I know recently we all attended a talk in London and cyber instance response was a big conversation at the time on the day, and that’s becoming really quite, A key topic, because, most people are quite conversant with disaster recovery, but the likelihood of a cyber attack is far greater than it is for a fire or flood or earthquake.
Ian: So, you know, it has to be, well planned and detailed. because the eventuality or the percentage of a cyber attack is pretty high.
Dan: That probably nicely takes us into that sort of third part of the picture, which was the, response itself and who does what, and, and so regardless of our, the sophistication and budget of our solution to, to find and, mitigate an issue, the response, the resolution then has to follow and, That again, presumably there’s an education piece there, that the MSP or the vendor or the customer, aren’t gonna be able to do any of that in individually.
Dan: You know, there’s gotta be a team approach and you then gotta coordinate it and, presumably that’s part of the education
Ian: Yeah, totally. I mean, I think, all of this has to be discussed advance of a cyber attack, because as you can imagine, everyone’s in panic mode when they first find out that they are, have been hacked and all the systems are encrypted and the ransom demands start coming through. What do you do because everyone thinks so well, we can just email everybody.
Ian: Well, your email system’s down and it’s encrypted. So how do you communicate to all of your employees and your suppliers and your clients that you now are rendered inoperable? Yeah. So these things have to be discussed and role plays and who gets informed. And again, it’s, there’s an element of obviously.
Ian: regulatory requirements to notify the, information commissioner’s office within 72 hours, I think it is these days. but even before you get there, three days is a long time and you need to be getting in touch with your clients and your suppliers as quickly and as swiftly as possible with a reasonable and sound message and not one that’s all about panicking.
Ian: So, you know, you need to think about the image and. The, the language you use when you actually inform your clients, because what you don’t want them to do is all run to the hills and, start thinking that they have to find another provider or another supplier, you know, and all this kind of stuff, because believe me, you know, it’s been well documented.
Ian: There’s a last year, a haulage company been around for a hundred years, went into administration after a cyber attack and, you know, a huge provider of logistics and they went under within two or three weeks.
Adam: Amazing. that, that whole role playing cyber incident planning piece, was great for us when I had my MSP, it did a fantastic job in, in opening up those conversations because it wasn’t until business owners sat around the table and presented with a scenario and that they, and they had to start thinking through it.
Adam: And writing out and discussing a response to it that the penny sort of finally dropped almost. And exactly what you’ve just said, you know, well, how do we communicate with everybody when you haven’t got an email system, you haven’t got telephone system that’s working and everything else. And,yeah, so, so, I think that has to be front and center of all the discussions and all of the, commercial, piece that goes into, to, to, to selling a security solution, really.
Adam: And I think it’s, I just think it’s often missed really and forgotten about. so that’s certainly something that was huge for us. And I think it just really helps in, that whole selling process where you’re, you know, you, it’s the client that is working out what risk they want to take and what therefore, what budget they want to portion to that.
Adam: but they can’t really see it until they’ve started to really think it through and thought about the repercussions. So, so it’s just, yeah, I find that whole area fascinating and I’d advise our listeners to, to really think about if they’re not doing that already to start doing that.
Ian: No, I agree. and, and actually what you’ll find is, it’s enlightening to all both the managed service provider and the client, and you start having, like I say, this mature and grown up conversation, you’re not subservient any longer, you are part of the solution. And it’s a bit like, we’re in this together, Mr.
Ian: Customer. So when this happens, what do we all do? You know,
Adam: Yeah. Yeah. Cause you don’t just call us cause that’s what you’re thinking, isn’t it? You’re thinking you’re going to call us. So we’re going to fix it. It doesn’t work like that.
Ian: And it’s a bit like, do you have cyber insurance? Okay. What’s included in your cyber insurance? Because there will be an element of some services in your cyber insurance. There’ll be some, you know, capability. That they will be working with a cybersecurity company, the insurance company, and there’ll be some forensic stuff and so forth.
Ian: But at the end of the day, you need to be ahead of this and you need to know. And it’s like, yes, you need to call your insurance company because they need to be making the appropriate plans. And their own cyber instance response teams get mobilized, but at the same time, you need to be able to communicate effectively to all of the directors, all of the shareholders, all of the key staff and it just goes on from there and there.
Ian: So, and if you don’t do that role play. And there’s so many options now. I mean, again, a lot of the companies that started out doing cyber awareness training software are all started to bring products to market that do tabletop role playing and all this kind of stuff. So three years ago, the cost of tabletop.
Dan: Role plays were probably 1, 500 to 2, 000 pound a day kind of thing. And you bring a consultant in and they sit and go through it all. Now you can buy it as a software and you can do a simulation and it will help you guide you through that process. Sounds like, that’s the, that’s the place to start then, for any MSPs talking to their talking to their clients about that, that topic, start with the end in mind, when, not if, and, you know, we want to be prepared, so, and, and everything else can then sort of flow from, flow, flow from there.
Dan: So, really fascinating discussion. so this is the point where we offer you the shameless plug. Um, or indeed if, any of our listeners are interested just in, carrying on the conversation with you,
Ian: Yeah, well, I’d say. I’d probably just ask that, you know, if you are an MSP and you have any thoughts, concerns, or want any ideas, just pick up the phone or drop me an email. Really happy to help. As you know, Dan, I’ve been involved in the comp tier. committees and, you know, I’m keen to try and help this, the sector, you know, there’s enough business for everybody, you know, it’s not a case of that.
Ian: You have to get your hands around like that. And I’m protecting everything. And if I can help shape, the MSP landscape so that we are. Delivering better services and better standards, then that, that’s good for me and it’s good for everybody. And I think also on the point of, of the shameless, pitch about our business, again, there’ll be lots of information coming out into the marketplace over the coming months about our platform, so don’t have to.
Ian: But one of the things that again, picking up on the early conversation is that we know what it’s like being an MSP. And this is why we’ve developed, artificial intelligence capability because we know lots of customers won’t. Pay for a SOC, but they will pay for something that’s 10 percent of that cost.
Ian: So if we was pitching a SOC at 30, 000, we can sell a SOC at 3000 and clients will pay that and it gives them 24, seven cover. so yeah, so it’s, it’s exciting times and, I think just one big point that is talked about a lot when I go to lots of events, everyone is it the death of the MSP?
Ian: And I actually think the MSP has never been in a better place to advise their customers. And, and I think there’s more relevance now than it has been ever.
Dan: agreed. And, yeah, fundamentally, it’s a growing market because there’s More and more customers out there with more and more sophisticated needs and, they need more and more help. So, so a agree. Yeah. and it’s, yeah. if there was ever a great time to be an MSP, now is
Dan: now is then. Yeah. so, so yeah. yeah, really appreciate you joining us and pr Perhaps we’ll have you, have you return, when the, when the ai, the virtual. The virtual SOC, is, available and, look forward to carrying on the conversation then.
Ian: Dan. Thanks, Adam. Thanks for your
Adam: Thanks Ian. Bye.