Dror Liwer Coro Transforming MSPs The Secret to 2600 Growth in Cybersecurity

[00:00:00] Looking to grow your MSP Cybersecurity division 2600% in 2025? I bet you are. Let's learn today how to take the first step with Dror Liwer from Coro.

[00:00:12] Good morning everybody and welcome to the latest installment of MSP Business School. As always, I'm your host Brian Doyle and I'm excited to be with you today as we are heading into the holiday season here.

[00:00:35] Hope everybody's getting ready, getting their shopping done and all that. I think as this goes live we're going to be about a week away from the holidays so

[00:00:43] really hope you guys are all winding down, closing out 2024 strong and getting ready for the new year.

[00:00:49] But today the real spotlight is going to be on our guest Dror Liwer from Coro today and he's going to talk about kind of a really strong cybersecurity story

[00:01:01] that Coro's put together and what they're doing to really enable the MSP community to protect their clients,

[00:01:09] understand the data that their end users are using better and really make sure that they can do it through a single pane of glass.

[00:01:16] And that's one of the biggest challenges as our stacks continue to get overrun.

[00:01:20] So with that said, I'd like to welcome you, Dror. Thanks for joining me.

[00:01:24] Thanks Brian for having me. I'm very excited about this.

[00:01:26] So, you know, I always like to kick things off with help people understand who you are and your journey into,

[00:01:32] you know, being one of the co-founders over at Coro.

[00:01:36] Sure. So I, as you mentioned, I'm Dror, one of the co-founders at Coro.

[00:01:43] Coro is actually the seventh company that I helped create.

[00:01:48] The other three, the other six, three were acquired, two IPO'd and one failed.

[00:01:56] So some people say I am a habitual entrepreneur and my wife calls it a masochist.

[00:02:04] Yeah, I think there'd be a few wives that would agree with that.

[00:02:07] I know mine sits on that side a little bit too, as I've been on a couple of startup journeys during my career.

[00:02:13] But, you know, I think one of the key things that you said there though, is it's not always all success too.

[00:02:19] But even when we have those failures, I'm sure you had some great takeaways that came out of that as well.

[00:02:26] I think all of us learn from things that don't go well more than what we learn from things that go extremely well.

[00:02:35] Because we naturally sometimes take for granted stuff that goes well.

[00:02:39] And when something doesn't go as we plan, that's where we really stop and think what went wrong?

[00:02:46] What can we learn? How can we make sure it doesn't happen again?

[00:02:50] So I think the most valuable lessons actually come from when things go not in the direction that you've expected.

[00:02:58] And sometimes the outcome is a positive outcome, but just the fact that it went into a trajectory or a journey that you didn't expect, that's where the big takeaways of learning happens.

[00:03:11] Yeah, I agree completely with that.

[00:03:13] I look at those things that become, I'll call it challenges, because not all of them are full out failures, right?

[00:03:19] They could be roadblocks that slow growth or put you in a negative stance for a little while.

[00:03:23] But the things we learn crawling out of that, the approaches we take to make those next moves and to make those shifts to get back to the success that we were once experiencing, they're invaluable, right?

[00:03:36] And they're really the lessons that carry forth as you start as a serial entrepreneur, as you've been.

[00:03:41] So you don't make those mistakes again down the road in the future.

[00:03:45] I think that's exactly the point.

[00:03:47] You need to, the most important lesson is to learn.

[00:03:52] We are on a journey of constant learning in everything we do, both professionally and personally.

[00:03:58] It's, you know, a day that I haven't learned something new is a wasted day as far as I'm concerned.

[00:04:04] I agree.

[00:04:05] I mean, that falls into a statement I've always felt too.

[00:04:07] Every day I get stupider because every day I realize there's more and more in our field of technology that we just don't know about.

[00:04:14] And we can't possibly learn it all right, which is why we scale our teams and find good people.

[00:04:19] And it's amazing how, you know, how vast the journey really is.

[00:04:24] Indeed.

[00:04:25] So, you know, let's shift gears a little bit.

[00:04:28] You know, you've shared a little bit of, you know, kind of the high level of your backstory on how you arrived in Coro.

[00:04:33] Have you been in, you know, is Coro the first company that you brought into the MSP space?

[00:04:38] Have you had some prior success in this space as well?

[00:04:40] You know.

[00:04:42] So great question.

[00:04:44] Coro is the first company that is selling through MSPs or supporting MSPs with cybersecurity.

[00:04:51] But one of the companies that I founded and sold was a service provider.

[00:04:57] So I've been on both sides.

[00:05:00] I understand the journey that our partners are going through because I was there.

[00:05:06] And, of course, I know we as a company focus very much on delivering a lot of value to our partners.

[00:05:16] We're a partner first company.

[00:05:17] The vast majority of our sales come from selling with partners.

[00:05:23] And as such, we make sure that we make working with us as easy, as simple, and as lucrative as possible for our partners.

[00:05:33] You know, I think you mentioned something very critical there.

[00:05:36] We're seeing that some of the best performing vendors in the MSP space have founders that spent time in the MSP community.

[00:05:42] There is absolutely a unique quality to the service provider community.

[00:05:48] And I think there's also a sensitivity that comes out of it.

[00:05:51] And you guys appear to be addressing it head on.

[00:05:54] You know, the service provider has a lot of sunken costs before they make $1 building out their stack to provide services.

[00:06:01] And one of the things that really becomes challenging is the more technologies you have, the more you have to train, the more you have to get people ramped up.

[00:06:08] And it appears, you know, I'll call myself an outsider looking in on this piece of it.

[00:06:12] That's really what Coro is looking to address is how can we simplify some of the cybersecurity stack and make it easier for your teams to be trained and execute?

[00:06:20] Maybe you can share a little bit about kind of what the vision for Coro is today.

[00:06:25] Sure.

[00:06:25] So our vision is to protect every small and midsize company in the world.

[00:06:33] And our mission is to do it by building a legion of partners that use our groundbreaking technology to protect those small and midsize businesses.

[00:06:46] And we understood very early on that in order for that to be successful to work, we needed to address three of the most important aspects of why cybersecurity wasn't delivered as effectively to the SMB market as it has been to the enterprise market.

[00:07:06] And there were three things that are associated with that, especially when it comes to MSPs.

[00:07:10] One, when you build an enterprise-grade stack of disparate tools, it becomes, first of all, as you said, a huge sunk cost.

[00:07:22] And then you need to have very, very knowledgeable team members that can operate that stack.

[00:07:30] And then to be able to sell it to a customer, you end up creating a very large ticket price for that customer, which the enterprise is able to pay, but the SMB can't.

[00:07:42] So what we needed to do was remove that concept of building a stack of disparate tools and create a single platform that delivers most of what an SMB might need from a cybersecurity perspective.

[00:07:54] Then we needed to make sure that it's extremely easy to onboard both the end customer, but also the MSPs team members themselves so they can ramp up extremely quickly.

[00:08:06] And three, we wanted to remove the sunk cost, the upfront sunk cost.

[00:08:11] So in many cases, MSPs had to make an upfront large investment, both in tools and in training and taking people off billable hours to be able to get trained and certified.

[00:08:24] And we've taken all of that away.

[00:08:26] We basically are saying to our partners, first go sell, prove that there is a business.

[00:08:31] You don't need to pay anything upfront.

[00:08:33] You don't need to build a stack.

[00:08:37] It's already there.

[00:08:38] You don't need to train your team upfront.

[00:08:39] The product is so well designed that even an IT administrator that has zero experience in cybersecurity can operate at day one.

[00:08:50] And then even in the areas that require a lot more expertise.

[00:08:55] So, for example, EDR.

[00:08:57] Some of our MSP partners are getting a lot of requests from their customers for EDR.

[00:09:01] And it's scary, you know, because they've never done it before.

[00:09:05] And then if you go with some of the competitive landscape that is out there today, you need to make a $50,000, $60,000 investment in a product.

[00:09:13] Then you need to send your team for certification for a couple of weeks and so forth.

[00:09:16] It's very difficult.

[00:09:18] So, first of all, you don't need to make an upfront investment.

[00:09:20] And secondly, if you are uncomfortable or your team is uncomfortable supporting EDR, we can support it on your behalf, white label.

[00:09:30] So, you don't need to make that upfront investment.

[00:09:33] You go in.

[00:09:34] We can do the managed services on your behalf.

[00:09:36] First, prove that there is a business.

[00:09:39] Go sell.

[00:09:40] Go bring on customers onto the platform.

[00:09:42] Once you see that you get a lot of revenue from it, by all means, turn off our services and our managed services and take them on yourself.

[00:09:52] Make more money.

[00:09:53] By all means, we're not there to – our managed services offering is an enablement offering.

[00:10:00] It's not a profit center for us.

[00:10:03] The whole point there is to make it as easy and as frictionless for our partners to be able to grow their cybersecurity share of wallet with their customers.

[00:10:15] You know, and I want to stay on that topic for just a moment because I think you're hitting something that's really important.

[00:10:21] You know, obviously today, a lot of MSPs, especially as they're just entering into the market and making and going through their growth and scale mode, don't have that expertise on staff, right?

[00:10:30] They don't have security analysts.

[00:10:32] They've got more traditional IT people usually as they're starting or it could even be, you know, a couple partners doing jack-of-all tradesmaster of none, if you will, as they get going.

[00:10:41] But then having that option when you scale to turn off those services is critical because one of the, you know, things that I've heard through my time in the industry is, you know, we went with so-and-so for EDR, MDR.

[00:10:52] But once we took the R part of it, we were locked into the R part of it with that client, right?

[00:10:57] The response part of it.

[00:10:58] And that is, you know, obviously for the MSP, that is the potential gravy moneymaker in that process.

[00:11:04] Absolutely.

[00:11:05] And the fact that you have that ability for them to then say, look, I want to turn it off for this subset of customers, you know, or they might take on some of the lower tier customers and leave you with the more enterprise-grade clients in their base too.

[00:11:17] And to have those kinds of options is fantastic.

[00:11:20] So good to see you guys.

[00:11:21] Yeah, our entire approach is our job is to make it as simple for our partners to make money off of cybersecurity and make sure that they deliver extremely high quality to their customers.

[00:11:36] Because, you know, cybersecurity is becoming the backbone of conducting business today.

[00:11:45] So our MSP partners' customers, the end customers, view cybersecurity today as the cost of doing business.

[00:11:53] They can't do business today unless they can prove to their customers that they are cybersecurity.

[00:12:01] So they're looking to our MSP partners to help them with that.

[00:12:06] And we've created the most effortless way to be able to provide that service to that end customer without making a huge upfront investment, without going through a very laborious and expensive certification process,

[00:12:23] and without removing a lot of the risk and offloading a lot of the work itself from people to machines, which is something we haven't discussed yet.

[00:12:35] But the whole concept around the platform, remember I said, you know, most of our customers, our partners don't have dedicated cybersecurity teams.

[00:12:42] And our entire approach was let the design of the product was so an IT professional can become a cybersecurity expert overnight by using our platform,

[00:12:54] because they don't really need to learn the nitty gritty parts of cybersecurity.

[00:13:00] The system does 95% of the work on their behalf.

[00:13:04] And our motto in life is, you know, if machines can do it, people shouldn't.

[00:13:10] Yeah, that is perfect.

[00:13:12] And, you know, let's kind of take a step back because we've talked predominantly about, you know, obviously EDR, MDR, but the platform seems like it has a lot more power than that.

[00:13:21] Maybe for listeners that might not be familiar with Coro today, you can just kind of share what's in the portfolio and what they can take advantage of.

[00:13:30] Yeah.

[00:13:31] So Coro is the world's first modular cybersecurity platform.

[00:13:35] And the modules cover the six key areas of cybersecurity for an SMB.

[00:13:41] So it's the user, the endpoint, the devices they use, the network they're connecting through, the cloud services that they're using,

[00:13:49] the email that they're using, and the data that they're accessing or moving around, right?

[00:13:53] So each one of those six domains, there are modules that focus on that domain.

[00:13:59] And the beauty of it is it's truly a platform, which means all of these modules talk to each other.

[00:14:07] They operate within a single pane of glass.

[00:14:09] There's only one endpoint agent that you need to deploy that covers everything from EPP, VPN, aspects of SASE, endpoint data protection, and so forth and so on.

[00:14:27] So EDR, of course.

[00:14:29] So you deploy one endpoint agent, which is that alone is worth a price of the machine.

[00:14:38] So much work and effort is put into maintaining multiple endpoint agents.

[00:14:44] So one endpoint agent to deploy, one screen to look at, and one platform that is highly automated.

[00:14:52] So a lot of the alerts are handled automatically by the platform.

[00:14:58] Everything is still visible to the operator.

[00:15:00] They can still see everything that was going on.

[00:15:03] Nothing is opaque.

[00:15:04] It's not a black box at all.

[00:15:05] Everything is recorded.

[00:15:06] Everything is available.

[00:15:07] But the important part to remember is that 95% of actions are automated and taken by the platform.

[00:15:15] So the operators, our MSP partners, can support, by an order of magnitude or even sometimes two orders of magnitude,

[00:15:25] more end customers with the same team.

[00:15:28] Well, that concept of self-healing has become a very important part of the security process, too,

[00:15:33] because the quicker things can be identified and obviously the quicker things can be remediated,

[00:15:38] the less chance you have of a widespread outbreak or security event.

[00:15:43] So it's great to hear that you're putting some of that automation into play to really help those MSPs,

[00:15:49] especially those ones that are still early on their growth curve.

[00:15:52] That is really a critical stage for them.

[00:15:55] If you talk to most early-stage MSPs, what their biggest worry, what keeps them up at night,

[00:16:00] it will usually be one of two things, acquisition or attack, right?

[00:16:05] And those are the two things, customer acquisition and continuing to grow or some sort of attack,

[00:16:10] really taking them out and reputationally putting them out of business.

[00:16:14] Yeah.

[00:16:15] Or financially, quite frankly.

[00:16:17] Exactly.

[00:16:18] Exactly.

[00:16:18] We conducted an interesting survey about a year and a half ago,

[00:16:24] and we asked end customers about their relationship to their MSPs from a cybersecurity perspective.

[00:16:31] 43% of them said that they would sue their MSP if they had a breach,

[00:16:36] even if they did not buy cybersecurity from that MSP.

[00:16:41] Let that sink in for a moment.

[00:16:43] Yep.

[00:16:45] And the point is, and when we asked what's the logic behind that,

[00:16:50] they're like, well, you sold us and you're managing our Office 365.

[00:16:55] You told us it was safe.

[00:16:57] You told us it was secure.

[00:16:58] We got breached.

[00:16:59] It's on you.

[00:17:01] So cybersecurity has become not just a defensive mechanism for the end customer,

[00:17:07] but also the MSPs need to understand their exposure and the fact that even if they don't sell cybersecurity,

[00:17:15] they're expected to deliver security to that end customer.

[00:17:19] And that's a very unfair place to be, so at least make money on it.

[00:17:23] George, I'm so glad you kind of went down that road because it's one of the things that I've said often.

[00:17:28] My day job is one of the co-founders of BCIO Toolbox,

[00:17:32] and we're talking about BCIOs and kind of the merging of the BCIO and BCSO role.

[00:17:36] And the reality is I always tell our customers or tell our MSP partners,

[00:17:41] the customer already thinks you're doing both.

[00:17:43] So if you're not addressing it and finding out how to monetize it or do whatever you want to do with it,

[00:17:47] the point is when there's a problem, they're going to look to you and say, why did you let it happen?

[00:17:51] And now in today's day of cyber liability, if all the boxes aren't checked appropriately,

[00:17:58] their insurance company is going to look first to the MSP and go, can we hold them liable?

[00:18:02] And I pray to God that we're not insuring them too.

[00:18:05] And that's really what you're hearing out there.

[00:18:07] So your point resonates, I'm sure, certainly well with the community that we're talking to today

[00:18:13] because it's definitely hitting me appropriately too.

[00:18:15] It's what is expected from the customer.

[00:18:17] As soon as you take on that managed service contract, they think they've gone like this

[00:18:20] and everything now belongs to you.

[00:18:22] And there's another part to that, right?

[00:18:24] We have to do better training on where the boundaries are early in the relationship as well.

[00:18:28] But that's a whole other conversation we could have another day.

[00:18:31] We always talk about what we call a shared responsibility.

[00:18:35] The end customer needs to understand that this is not a hands-off, okay, I handed it off to the MSP

[00:18:42] and now it's, no, they need to understand and they need to be educated on the shared responsibility

[00:18:48] that is in there and what the MSP signed up for or didn't sign up for.

[00:18:53] What we made possible was the ability to deliver extremely powerful cybersecurity to that end customer,

[00:19:02] even if they are a 15, 20, 30-person shop, still extremely effectively while still making money on it

[00:19:10] because it's very hard with the traditional stack to, even if you're able to push that through

[00:19:16] and sell it to that small business, it's incredibly difficult to actually make money on it.

[00:19:21] And what we've done was we've brought to the table a product and a platform that allows our MSP partners

[00:19:31] to become a trusted cybersecurity provider for their end customers and still make really good profit on it.

[00:19:40] Yeah.

[00:19:40] And again, that whole being a backstop, you're seeing more and more of the MSP community looking to outsource things like SOC,

[00:19:47] looking to outsource help desk, looking to take those services that they can't scale readily and fast enough to meet demand

[00:19:54] and putting it out there and knowing that they've got those resources behind them

[00:19:58] can instill trust so much faster with their customers and be a differentiator while you're trying to make it,

[00:20:04] you know, your customer acquisitions as well.

[00:20:06] You want to hear something interesting?

[00:20:08] We ran another survey, I think it was three weeks ago, and we asked 500 small business owners

[00:20:18] what would make them switch MSPs?

[00:20:22] And 84% said better security.

[00:20:26] And listeners, if you're not hearing that, because the biggest thing we always hear is

[00:20:31] how hard it is to get a customer to switch MSPs, right, when we're in the sales process.

[00:20:37] Highlight your security capabilities if you have them.

[00:20:40] And if you don't have them, you better be thinking about how to build them up

[00:20:42] because, you know, the next generation of MSP is built totally differently than what we were doing.

[00:20:47] You know, Troy, I'm going to assume you were doing your service provider probably in the same generation I was

[00:20:51] where it was still a lot of break, fix, early, you know, all that kind of good stuff.

[00:20:55] Yeah, it was not at all what we are experiencing today.

[00:20:58] Yeah, now it's how do we better secure, how do we, you know, automate, how do we,

[00:21:03] and how do we leverage AI to get, you know, tasks done from a manual to a, you know, automated state.

[00:21:10] So I think MSPs that have an eye on the future, what you just said,

[00:21:13] they're something that they should really take to heart.

[00:21:15] And also let's not forget that the average cybersecurity customer

[00:21:20] is a much more sticky customer than any other platform.

[00:21:24] A lot of the other stuff they'll switch in a heartbeat.

[00:21:28] Once they find a cybersecurity solution that puts them at ease and takes away the fear,

[00:21:36] they stick around with, we have customers on our platform that have been on the platform

[00:21:42] through our partners for over four, four and a half years now.

[00:21:46] That is longevity.

[00:21:47] So once they're in, they stay.

[00:21:50] And that's a really important aspect of selling cybersecurity.

[00:21:53] It's not just about the revenue.

[00:21:55] It's also about protecting that revenue long-term and making sure that that customer doesn't switch

[00:22:01] because they think somebody else will provide them with better cybersecurity,

[00:22:04] which 84% of them said they would.

[00:22:06] Yeah.

[00:22:07] And as you know, too, the cost in switching is not just what you can save on platform.

[00:22:11] You know, the cost in switching is really born in the labor to get back and trained up and understand it.

[00:22:17] So if you can find that solid platform, run with it,

[00:22:19] and just convert it into a profit center by being an expert at it and then expanding on it,

[00:22:24] there's no doubt that MSPs need to look at that.

[00:22:28] These guys that change RMMs and things like that on an annual basis,

[00:22:32] it's always confounded me because I'm like,

[00:22:34] there's a lot of labor costs you're not accounting for to save that $1,000 a year,

[00:22:39] whatever the case may be.

[00:22:41] For sure.

[00:22:42] Awesome.

[00:22:43] So, you know, we're getting near the end of our time today, Jor,

[00:22:46] but I definitely want to open up the door for any final thoughts that you want to share

[00:22:51] and certainly want to understand also, you know, what's going on with Coro today?

[00:22:55] Is there anything that you want listeners to know about and that they can take action on?

[00:23:00] Yeah.

[00:23:01] So a couple of things.

[00:23:02] One is, here's an interesting statistic.

[00:23:04] The SMB cybersecurity market is expected to be $109 billion a year market by 2028,

[00:23:14] which is around the corner.

[00:23:16] It's three years from now, right?

[00:23:18] Today, that market is estimated at $24 billion.

[00:23:21] I don't know what other market you can think of that is expected to grow Forex in the next three years, right?

[00:23:29] We as a company have grown 2,600% in the last three years because we're targeting this audience,

[00:23:37] because we're working very effectively with our MSP partners.

[00:23:41] So I'd like the listeners to take that into consideration.

[00:23:46] There is a market out there that is expected to grow 4x in the next three years,

[00:23:51] and if you're not going to jump on it now and grow with that market, somebody else will.

[00:23:57] So that's one message.

[00:24:00] And the second is, and this is a little bit of a teaser,

[00:24:03] we're going to make an interesting, fun announcement in January about our partner program.

[00:24:09] So stay tuned.

[00:24:11] It's going to be a lot of fun.

[00:24:14] Terrific.

[00:24:14] And for those that want to learn more about Quora, if you're watching on YouTube,

[00:24:20] I've just put the URL up here on the screen, but it's Quora.net.

[00:24:23] Go visit them.

[00:24:24] Learn a little bit more about the platform.

[00:24:26] Certainly, you know, get any additional information you can there.

[00:24:29] Jor, is there any way that you want folks to reach you?

[00:24:32] Is LinkedIn the best path?

[00:24:33] LinkedIn is the best way.

[00:24:34] I'm on LinkedIn.

[00:24:35] I'm very active.

[00:24:37] And I normally respond to people too.

[00:24:40] Perfect.

[00:24:41] So we will be sharing your LinkedIn profile with the show notes as part of this show as well.

[00:24:47] So, you know, I really appreciate that.

[00:24:50] Guys, if you have learned anything today, I think you've learned that it's great to have a security backstop.

[00:24:55] It's great to have a single platform that you can manage and do as much as you can.

[00:24:58] And it's really important that you start looking at how you're attacking that market, as that seems to be your biggest growth vehicle out there.

[00:25:06] And, Tor, I really want to thank you for sharing those, you know, interesting facts with us today.

[00:25:11] Thank you very much for having me.

[00:25:12] I had a great time.

[00:25:14] All right.

[00:25:14] Well, listener, you know where you can get this podcast, anywhere you download them.

[00:25:18] And certainly you can find us on YouTube as well.

[00:25:21] For those that don't listen next week, have a great holiday.

[00:25:24] And if that's the case, we'll see you in the new year as well.

[00:25:28] Take care.

[00:25:28] Happy holidays.