Prospect Research Brief: SecureNet Solutions, Inc.

Company Overview

• Industry: IT Services and IT Consulting (Managed Service Provider)
• Size: 11-50 employees (approximately 15 on LinkedIn)
• Stage: Established company (founded 2002, 23 years in business)
• Business Model: Managed IT services provider serving as outsourced IT department for regional businesses
• Headquarters: Tarzana, CA (Los Angeles area) - 18980 Ventura Blvd, Suite 101
• Recognition: 2018 & 2022 winner of Channel Futures MSP 501 ranking
• Key Partners: Cisco, Microsoft, IBM, HP, Lenovo, Sonicwall, VMware, Citrix

Recent Developments (Last 90 Days)

⚠️ Limited Recent Company-Specific News Found - This is common for small-to-midsize managed service providers.

1. Recent Hiring Activity (4 months ago)

   • Posted Tier I Help Desk Technician position requiring 3+ years IT support experience
   • Signals continued operations and potential client growth
   • Focus on tools: ConnectWise, Microsoft 365, Google Workspace

2. Industry Trends Affecting SecureNet (2025):

   • vCISO Service Demand Explosion: 86% of MSPs either currently offer or plan to offer vCISO (virtual CISO) services by end of 2024, driven by SMB clients needing strategic security direction beyond tactical support
   • Security Tool Complexity Crisis: MSPs managing 30+ security tools on average, creating blind spots and coordination challenges
   • Cybersecurity Talent Shortage: 68% of MSPs face cloud security skills gaps and high turnover, making it difficult to deliver security services clients demand
   • Ransomware Persistence: 5,414 global ransomware attacks in 2024 (11% increase), with SMB clients increasingly demanding protection

3. Market Opportunity:

   • Security awareness training market valued at $5.77B in 2025, growing to $12.70B by 2030 (17.1% CAGR)
   • 90% of SMBs use MSPs for IT needs - SecureNet’s core market
   • Los Angeles MSPs typically serve healthcare, finance, legal, professional services, property management, and entertainment/media

CISO Persona Analysis

Role Context: At a small MSP (15 employees), the “CISO” role likely combines with another title (VP of Operations, Director of IT, or even owner/founder managing security). This person wears multiple hats and faces resource constraints typical of small firms.

Typical Pain Points for CISO at Small MSP:

1. Protecting Clients with Limited Resources - Must deliver enterprise-grade security to clients while operating on SMB budget and headcount
2. Human Risk is #1 Vulnerability - 88% of data breaches caused by human error, yet clients resist or deprioritize employee training
3. Security Awareness Program Challenges:
   • 45% say existing training needs more up-to-date information
   • Only 31% prioritize “building a culture of security awareness”
   • Clients don’t have time or personnel to manage training platforms themselves
   • Training content becomes stale/obsolete quickly as threats evolve
4. vCISO Service Operationalization - Clients increasingly request strategic security guidance beyond break/fix support, but MSPs lack processes and frameworks to deliver consistent vCISO services at scale
5. Tool Stack Overload - Managing 30+ security tools creates blind spots, alert fatigue, and coordination issues
6. Demonstrating Value to Clients - Must prove ROI on security investments to SMB clients focused on cost containment
7. Compliance Pressures - Clients in healthcare, finance, and legal (common in LA) face regulatory requirements (HIPAA, PCI-DSS, SEC disclosure rules) but lack internal expertise

Psychographic Insights:

• Pragmatic and cost-conscious (small firm mentality)
• Results-driven (clients judge on uptime and incident prevention)
• Relationship-oriented (23 years in business = long-term client relationships)
• Values partner ecosystems (Cisco, Microsoft partnerships signal trust in established vendors)
• Likely feels stretched thin managing both technical and strategic security

Personalized Talking Points

1. vCISO Trend Hook: “86% of MSPs are adding vCISO services because clients are demanding strategic security guidance, not just break/fix support. Are your clients asking you to be their CISO?”

2. Human Risk Validation: “With 88% of breaches caused by human error, your clients’ employees are the biggest vulnerability you’re managing. How are you currently handling security awareness training across your client base?”

3. Tool Overload Empathy: “Most MSPs we talk to are juggling 30+ security tools and still have gaps. Security awareness training that actually changes behavior is one of the highest-ROI additions to your stack. What’s your current approach?”

4. Client Base Context: “Working with LA companies in healthcare, finance, and legal - they all have compliance requirements that mandate employee security training. Are clients asking you to help them check those boxes, or are you leaving that revenue on the table?”

5. Recurring Revenue Angle: “Security awareness training is one of the few true ‘set it and forget it’ recurring revenue streams for MSPs. Threats evolve constantly, so training never ends. How are you thinking about adding predictable MRR?”

6. Resource Constraint Recognition: “At 15 people, you can’t dedicate someone full-time to managing security awareness programs for all your clients. What if you could white-label a platform that runs itself and positions you as the strategic advisor?”

7. MSP 501 Recognition: “Congrats on making the MSP 501 in 2018 and 2022 - that’s serious credibility. What’s your growth strategy for the next recognition cycle? Adding managed security awareness could differentiate you from the 500 other MSPs.”

Discovery Questions to Ask

1. “How many of your clients have asked you about security awareness training or compliance requirements in the last 6 months? What did you tell them?”

2. “When a client gets phished and clicks a malicious link, who’s responsible? How do you prevent that from happening in the first place vs. just cleaning up after?”

3. “You’ve been in business since 2002 - what’s changed the most about what clients expect from their MSP in terms of security vs. 5 years ago?”

4. “Are you currently offering any form of vCISO or strategic security advisory services? If so, what’s working and what’s challenging? If not, what’s holding you back?”

5. “What percentage of your clients are in regulated industries (healthcare, finance, legal)? How are you helping them meet employee training requirements for HIPAA, PCI-DSS, or SEC cybersecurity disclosure rules?”

6. “If you could wave a magic wand and add one security service to your portfolio that would generate the most MRR with the least overhead, what would it be?”

Potential Objections to Prepare For

Objection #1: “Our clients won’t pay for training - they barely want to pay for the basics”

• Reframe: “I hear that a lot. What usually changes the conversation is framing it as compliance + cyber insurance requirement, not optional training. Companies with quarterly phishing simulations get up to 20% discounts on cyber insurance premiums. Your clients are already paying for insurance - why not save them money while generating MRR for you?”

Objection #2: “We don’t have the bandwidth to manage another service offering”

• Reframe: “That’s exactly why the best MSPs white-label automated platforms. You’re not building content or running simulations - the platform does that. You’re positioning yourself as the strategic partner who brought them the solution. The typical MSP analyst-to-client ratio is 5:1 with automation vs. unsustainable 1:1 manual delivery.”

Objection #3: “We already include some basic security tips in our client newsletters”

• Reframe: “That’s great - you’re already doing awareness. The question is: can you measure behavior change? Can you prove to a client’s cyber insurance carrier that employees know how to spot phishing? The gap between education and proven behavioral change is where liability lives. How do you currently demonstrate that employees are actually getting safer?”

Objection #4: “We have partnerships with [security vendor] - they offer training”

• Reframe: “Smart - you’re already thinking about this. Most vendors bundle training as a checkbox feature, not a core offering. The question is: does it actually get used by your clients? Is it customized to their industry? Can you report on completion and improvement metrics to their board? If yes, great. If no, that’s a gap you’re liable for.”

Competitive Positioning Notes

⚠️ MODERATE COMPETITIVE SENSITIVITY - SecureNet Solutions is a managed service provider (MSP) that may already use or resell cybersecurity training solutions from existing vendors.

Competitive Relationship: Potential Enhancement/Replacement

• Overlap: Both serve SMB clients who need employee security training
• Gap: Many MSPs use bundled/generic training from security vendors that lacks customization, measurable behavior change, and true managed service automation
• Complementary Angle: Position as “the training platform built for MSPs to profitably deliver to clients” rather than “a better training tool”

Positioning Strategy: Partner/Enabler Approach

DO NOT:

• ❌ Position as direct competitor to their existing security stack vendors
• ❌ Criticize their current approach or vendor relationships
• ❌ Lead with “replace what you’re doing”
• ❌ Frame as “we’re better than [vendor they use]”
• ❌ Assume they have no training solution in place

DO:

• ✅ Position as MSP-specific enabler: “Built for MSPs to profitably deliver managed security awareness”
• ✅ Lead with revenue opportunity and MRR growth (MSPs care about margins)
• ✅ Emphasize white-label and automation (saves their time)
• ✅ Frame as compliance accelerator for their regulated clients
• ✅ Focus on measurable behavior change and reporting (differentiates from generic training)
• ✅ Acknowledge they may have something in place: “What are you using today? What’s working and what’s not?”
• ✅ Highlight client retention angle: “When clients see measurable security improvements, they don’t churn”

Key Message: “We help MSPs like SecureNet turn security awareness from a liability into a profit center, with automated training that clients love and compliance officers can actually report on.”

Research Sources

• SecureNet Solutions LinkedIn company page (employee count, recent hiring, services)
• CloudTango MSP directory (company profile and recognition)
• Multiple MSP industry reports on 2025 trends (vCISO demand, tool complexity, talent shortage)
• CISO surveys (Proofpoint 2025 Voice of the CISO, KPMG CISO Challenges)
• Security awareness training market analysis (Mordor Intelligence, 360iResearch)
• MSP cybersecurity trends (Cyvent, Sherweb, Lumifi, TechTarget)
• Industry analysis on human error and training effectiveness

Research completed in: 3 minutes 45 seconds
Time saved vs. manual research: 15-28 minutes

Key Takeaways for Your Meeting

1. Lead with empathy: They’re a small team (15 people) managing complex security for multiple clients. Acknowledge the resource constraint reality.

2. Frame as revenue opportunity: MSPs think in MRR. Security awareness training is recurring, profitable, and increasingly non-negotiable for compliance.

3. Anchor to industry trends: vCISO service demand (86% of MSPs adding it) creates perfect opening for “strategic security services” conversation.

4. Acknowledge their expertise: 23 years in business + MSP 501 recognition = they know their clients. Don’t “educate” them on security - ask what they’re seeing and offer a solution to problems they already know exist.

5. Focus on client retention angle: Their long tenure suggests strong client relationships. Position training as “how to deepen those relationships and prevent client-side breaches that damage trust.”