Blackpoint Cyber CEO: We’re ‘Tripling Down’ On MSP Market
‘Our whole strategy was to have a whole ecosystem of products that saves MSP spend, simplifies it so they get better margin and then we’re also heavily investing in partner enablement. ... We’re really focusing on teaching MSPs great habits, pricing and packaging, structured selling,’ says Blackpoint Cyber founder and CEO Jon Murchison.
With a recent $190 million funding round and exponential growth, Blackpoint Cyber is “tripling down” on MSPs as its CEO said the market continues to grow.
“We’re going to continue to invest heavily in MSPs because this market is huge,” Blackpoint Cyber founder and CEO Jon Murchison told CRN. “This market is growing at a 12 percent compound annual growth rate. Advanced security services are growing at about a 32 percent compound annual growth rate in MSPs. This is why you’re watching all the big companies come in, this is why you just saw Bain and Accel invest in us because MSPs are just growing. They have a great reason to exist and continue to grow. So I see us really tripling down on that.”
In June, the Ellicott City, Md.-based cybersecurity company secured $190 million in funding through Bain Capital Tech Opportunities and Accel to fund further development of security technology and enable its partners to combat the ever-evolving threat landscape.
It’s also hiring top talent. On Thursday, it unveiled the appointment of security industry veteran MacKenzie Brown as its new vice president of security.
“MacKenzie’s expertise in organizational security resilience further solidifies Blackpoint’s position as a thought leader in the security space,” Murchison said in a statement. “We are thrilled to have her on the Blackpoint team, where her experience will help advance our own organizational security initiatives as well as those of our partners.”
Brown joins Blackpoint following tenures at Optiv and the Microsoft Detection and Response Team, where she guided organizations in improving their security posture through Microsoft security solutions. She also developed security teams and training programs and supported organizations through incident recovery.
Brown will lead Blackpoint’s internal security strategy while enhancing the company’s product ecosystem and security focus on MSP and cybersecurity communities.
“For us I think a lot of our focus this year is a lot of hardcore people, process, ownership and we’re only hiring pro-level executives coming in now,” Murchison said. “That’s one of the advantages we get with being in Accel—their network of talent is just massive.”
Here is more of what Murchison had to say on growth, investment and where Blackpoint is headed in the future.
In June, Blackpoint Cyber secured a $190 million investment from Bain Capital and Accel. What will that investment go toward?
We wanted to make sure our ecosystem was hands down the best in the MSP space for security products. This money is going in a few core areas. We’re going continue to push the envelope on R&D. We have a unit called the Adversary Pursuit Group, which is our full-time threat intelligence rapid prototyping. Our whole strategy was to have a whole ecosystem of products that saves MSP spend, simplifies it so they get better margin and then we’re also heavily investing in partner enablement. We just launched Blackpoint University, which is starting with six courses. We’re really focusing on teaching MSPs great habits, pricing and packaging, structured selling and we have a whole leadership course taught by highly decorated former Special Operations officers. We’re really trying to do everything we can to work with our partners to level up everyone’s skills as they go to market and teach them how to sell security and how to get value out of security, even if they haven’t been hacked. Then obviously [we’re investing in] a massive go-to-market machine expansion, so our marketing and sales teams. There’s a big investment to push the pedal down.
What do you hear from partners in terms of their biggest challenges, and how is Blackpoint helping them?
The challenges I think have been the same. A lot of times challenges on the front end are lead generation on the business side. There’s challenges with how to have a security stack that makes insurers happy, that’s definitely a big one. The other thing is actually selling security. I think a lot of times we see MSPs try to upsell it and at the end of the day, whether you buy the security- plus package or whatever is being sold, if your customer gets ransomware they’re blaming you anyway. I think some of the pain is actually teaching them how to sell the value of the entire MSP offering with security baked in from the front. That helps post-sales customer success. When you upsell and then you do a QBR four months later, and maybe you haven’t been hacked, how do you show value? ...
And then vendor creep, having too many vendors, too many products that are hard to manage. Our whole strategy is we haven’t rraised prices since 2019 and we’ve added five products to the bundle. We’re going to continue that strategy to the point where our platform hopefully pays for itself. Security is very tricky, and it takes a huge amount of experience and a huge amount of investment.
What is your biggest pain point?
I would say our biggest pain point is probably the war for talent. We’ve been pretty successful with elite talent but it’s always an issue. With the announcement of Bain Capital [investing], we’ve gotten blown up with talent, so that’s really helped. But that’s always one. I think the other thing is, to be candid, when you’re growing this fast it’s managing growth and getting employees on-boarded and up to speed. ... For us I think a lot of our focus this year is a lot of hardcore people, process, ownership and we’re only hiring pro-level executives coming in now. That’s one of the advantages we get with being in Accel—their network of talent is just massive.
What cybersecurity trends are you watching right now?
There’s two major trends that we see. We’ve watched ransomware groups shift away from hardcore malware. Instead they use IT tools to hide in plain sight. Think about it, what is an IT professional? They install software on a computer, they put data on a computer, they take data off the computer. What’s a ransomware operator? Take data off the computer and install ransom encrypted software. What they’re doing instead of all the spooky malware and everything, there’s always a little bit of it, they’re using tools this whole community uses. We catch a lot of lateral movement. We don’t care what toolset you’re using, it’s malware. That’s one big live-off-the-land hacking techniques. The other big trend is we’re seeing a massive increase in Microsoft 365 attacks with MFA bypass.
Talk to me about how you think AI will help cybersecurity in the channel.
Humans are very clever, they’re very smart, but even with people 24x7 there’s a certain fall on analytics you want to have done. I think AI will make a huge dent if you have the right data set and you train it. Most of the data sets I see out there train unknown bad as opposed to, if you train good, bad tends to fall out. It’s not a magic box, but I’m convinced personally with our data set, it will be extraordinarily effective.
What differentiates Blackpoint from competitors such as Huntress and Barracuda?
I think the biggest difference is the breadth and depth of our tools is far deeper than any of our competition. We’re really almost like a SOC as a service right out of the box. I think the other ones are a little bit more EDR-focused. We handle a lot more than just that, it’s just a totally different DNA.
You recently launched managed application control products. How does that help partners make or save money?
There’s a lot of ways people try to catch hackers or reduce risks. One of them is a concept where you have a certain set of applications that are good and everything else is auto-blocked. We felt a curator approach was more effective where our Adversary Pursuit Group is always looking at what adversaries are actually using. That was a play to help make it easier. We take all the work. Any time a customer has an application blocked, and it’s not like an admin tool that hackers are using … something they want to use for productivity, that puts the MSP in an awkward position because now security is becoming like the anti-get-[stuff]-done department. You never want that because then people work around it. We took this curated approach because the reality is end customers should almost never be asking for the types of tools we block, so they shouldn’t even know what’s running. And that’s good security.
Where do you see Blackpoint in one to two years? What does your road map look like?
We’re going to continue to invest heavily in MSPs because this market is huge. This market is growing at a 12 percent compound annual growth rate. Advanced security services are growing at about a 32 percent compound annual growth rate in MSPs. This is why you’re watching all the big companies come in, this is why you just saw Bain and Accel invest in us because MSPs are just growing. They have a great reason to exist and continue to grow. So I see us really tripling down on that. I’m probably going to wait a year but we have this platform and stack that’s far superior than what MSSPs are using. We’ll probably start targeting that market a little bit in the future.