Now That's IT: Stories of MSP Success

Achieving Rapid Growth with Cybersecurity & Service: Paul Cashmore's IT Evolution

N-able Season 2 Episode 25

Share episode

In this episode of Now That’s IT: Stories of MSP Success, we sit down with Paul Cashmore, co-founder of Solace Global Cyber, to explore his incredible journey of transforming a traditional MSP into a leading MSSP. Paul shares how his passion for cybersecurity and a service-first mindset fueled rapid growth, while also addressing the challenges MSPs face in today’s evolving IT landscape.

Discover how Paul developed a risk-based approach to cybersecurity, handled high-stakes ransomware incidents, and built a culture of innovation and adaptability. Whether you’re an MSP owner looking to scale, an IT leader navigating cybersecurity complexities, or a tech enthusiast curious about industry evolution, this episode is packed with actionable insights and inspiration.

Key Topics Covered:

  • Transitioning from MSP to MSSP: Lessons for IT leaders.
  • Risk as a growth driver: Building cybersecurity services that scale.
  • Handling ransomware recovery: Real-world examples and strategies.
  • Recruiting and training top talent in a competitive field.

Join host Chris Massey as we uncover the strategies behind Paul’s success and explore what it takes to thrive in the fast-changing IT and cybersecurity space.

🎧 Tune in now and take your MSP to the next level!

N-able also produces Beyond the Horizon. Hosted by industry veterans, this podcast delves deep into the findings of the annual MSP Horizons Report, providing actionable insights to transform your IT business. Listen & Subscribe Wherever You Get Your Podcasts.

'Now that's it: Stories of MSP Success,' dives into the journeys of some of the trailblazers in our industry to find out how they used their passion for technology to help turn Managed Services into the thriving sector it is today.

Every episode is packed with the valuable insights, practical strategies, and inspiring anecdotes that lead our guests to the transformative moment when they knew….. Now, that's it.

This podcast provides educational information about issues that may be relevant to information technology service providers.

Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice.

The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent.

Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors.

The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe.

All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements.

Speaker 1:

One, two, three, four. My last year there I made 89 people redundant. I put 50 people in Kuala Lumpur. I had 30 open vacancies and they wanted me to get rid of another 40 more and I was like I just can't do this, guys. You know, the thing that we're providing is a service and if you haven't got the people, you know. I just couldn't put my name to it and I didn't want to be part of it.

Speaker 2:

So L I couldn't put my name to it and I didn't want to be part of it. So ListCyber is a little bit different right. It's built around a risk-based security model. Can you explain what that means in practice and why you believe that's crucial for business?

Speaker 1:

today the biggest case. We were on site for two months.

Speaker 2:

We had 21,000 users to onboard, and that was a pretty tough time because they were just overwhelmed. You're growing at a pretty rapid pace and you're having to hire at that pace, right, I think when we spoke in the summer, you were about 45, 50 employees and you had expected to be close to 100 by the end of the year. What's that been like?

Speaker 1:

The key thing for us in our growth has been about the quality of the products and then, most importantly, the service.

Speaker 3:

Welcome to Now that's it stories of MSP success, where we dive into the journeys of some of the trailblazers in our industry to find out how they used their passion for technology to help turn managed services into the thriving sector it is today.

Speaker 2:

Paul Cashmore. Welcome to the Now that's it podcast. Thank you, Chris. Former director of a 250 technical delivery staff department for an over 240 million pound converged IT service provider, you co-founded Solus Cyber in 2021 and led explosive growth, building an over 10 million pound revenue MSSP in just a few years. Thank you for joining the Podball. Nice to be here, Chris. Thanks for the invite. Came all the way over from the beautiful UK and I had a great trip. I know you really enjoyed it. We'll save that. We'll leave that out of the podcast, but, Paul, you had a real—.

Speaker 1:

I missed my flight.

Speaker 2:

Yeah, but he made it in time. He made it in time. We're all here. So you had a long career in IT and cybersecurity. Can you start by sharing what initially drew you to this field?

Speaker 1:

So way back I used to have a fish and chip shop. So there's National Dish in England and they have worldwide following. It was a family business and I worked alongside my dad Three generations of fish and chips. My grandma had a fish and chip shop, my dad had a fish and chip shop and I worked alongside and I love fish and chips. But I didn't want to get out of bed in the morning and I needed to get myself into something. I really liked computers at school and we had a Windows 95 PC in the chip shop and it broke and I couldn't fix it and that was like really really annoyed me and we sold the business and I thought, right, I've got to get into IT. It was really starting to grow massively. So I spent the summer retraining to my Microsoft MCSE and that got me in the door at Blue Chip Data Systems. That's great.

Speaker 2:

So you managed a large team at a significant IT provider before you started Solus Cyber. What was the tipping point that made you consider leaving a job like that?

Speaker 1:

I was really fortunate at Blue Chip Data Systems. You know I started not knowing anything. I went in the workshop and then I went on the service desk and spent a few years on the service desk, then into projects and then technical director and then service director. When we started really great, just focusing on the managed services it was kind of around the time 2017, we sold to a company called GCI and I stayed on as part of their SLT and then I did three or four years worth of M&A, so we acquired a few businesses and we integrated what they had and we ended up with a really large team.

Speaker 1:

So answer your question, chris. Cyber really evolved into some really significant nasty events with the evolution of modern day ransomware attacks. Ransomware has been around for ages, but it was really the Conti group end of 2020, 2021, where we really started to see the threat actors really going out of their way to destroy businesses. My time at GCI was starting to come to an end. I felt that I'd taken it as far as I could and there wasn't really the growth there for me to get excited about that future Cyber was booming and I thought this is what I want to do next.

Speaker 2:

Was there a point where you took a step back and you said I think I can do this better.

Speaker 1:

Well, the managed service as a business was doing really well and in a large group you've got telephony departments or all sorts of other areas of the business that were underperforming and as a group they weren't achieving and I didn't think they were going to get there. And the one thing that really struck a chord with me is, you know, we never had any customer complaints, or if we did, they were quite sincere and we would really understand any genuine gap and turn them into real positives, really tried to improve our services. But in my last year there I made 89 people redundant. I put 50 people in Kuala Lumpur replacing seniors in the UK for juniors in Kuala Lumpur. I had 30 open vacancies and they wanted me to get rid of another 40 more and I was like I just can't do this.

Speaker 1:

Guys, you know, the thing that we're providing is a service. It's not like a product, like a WAN or another type of sort of like. This is a people service. And if you haven't got the people, you know I just couldn't put my name to it and I didn't want to be part of it.

Speaker 2:

How did those help you shape your vision of what you wanted Solus Cyber to become?

Speaker 1:

I think, from the initial people that we wanted to take as the team, we wanted really flexible people and multi-skilled people. So you know, initially everyone does everything, regardless of what type of work it is maybe a firewall install or installing some EDR software everyone does everything. That was kind of like our first pick of people and we wanted to acquire a team that could do a full-on ransomware right. That's what we set out to do to provide that sort of like emergency incident response. So when an organization does have that moment of need, we've got some capacity to be able to put their way. And ultimately, you know, when you're starting with no customers, that's hard yeah.

Speaker 2:

You brought in top talent right Right from the get-go. You had made connections sort of across the industry, but obviously your past teams. Why was that important? To bring sort of the best of the best in when you were starting out?

Speaker 1:

I think with cyber accuracy is the most important thing. You need to have lots of skills. Organizations have a variety of different infrastructure. A lot of the kids coming through very much M365, azure only focused. They haven't built servers and configured RAID, installed VMware and a lot of the incidents that we go to. They've got on-prem infrastructure. That's legacy. So having people with a whole range of skills has been really important to us Most.

Speaker 2:

MSPs say I sell IT or I sell uptime or something like that. Solus Cyber is a little bit different, right? It's built around a risk-based security model. Can you explain what that means in practice and why you believe that's crucial for business today?

Speaker 1:

I can. That's crucial for business today I can. So when we were starting to sort of define our services and what we wanted to do, we actually worked backwards from a ransomware attack. So we looked at a few incidents that involved Conti they were a big group at the time and responsible for some really devastating incidents for some really large organizations and we worked backwards of all the things that you need to survive a persistent, targeted attack. So it's not just a drive-by Someone's coming to get you, and so we worked backwards on all of those key things. It would be EDR, mfa, firewalls, perimeter security, patching. That was the start of our initial services.

Speaker 2:

So you've turned incident response from a service into a strategic strength. I'm sure you can't share any specific details. Are you able to share any sort of high-stress stories of where your team was involved and maybe saved the day at the end of the day?

Speaker 1:

Well, in the last year we've been involved in a hundred and two cases Wow. So there's been some really big organizations that we've gone in and helped and some smaller ones where it's the difference between making it or not making it right, and I think it's such a rewarding job. Going in I'm still first man in on some of the bigger ones and understanding that business and trying to work out what that recovery plan looks like for them to do that in a safe and secure way and then working with them for the duration of that incident is really rewarding.

Speaker 2:

Yeah, so you just mentioned your first man in. I've seen that a couple of times where we've had meetings scheduled and you're like I'm on the road I got to get to a customer. That's a high level of service, right, like that's really important for Solus Cyber. But that also comes with a lot of pressures and that's probably difficult to scale. How do you handle that?

Speaker 1:

Well, when we were supposed to have a chat because I appreciate I didn't answer your last question I was on my way to a managed service provider, so they'd had a ransomware. They had 1,200 customers that were down. That's quite a significant impact.

Speaker 1:

Some of those are banks and I was sat in there for a week on their service desk floor and literally customers calling up and not very happy, but we worked with them. They had a lot of talent as well and on that incident they needed the expertise to help them stay safe. We put a whole load of security tools in for them and did a whole load of rebuild to get them back as quickly as possible. But it's quite a common story where an organization has all of their data encrypted. The bad guys do go after your backups, do go after your DR and they're left in a really tight spot.

Speaker 1:

We worked on this case. It was in a medium-sized company. They're a charity, look after old people and know they they're they're all the data have been encrypted that they had an off-site backup that had been deleted and they they had a third-party service to provide dr and they went to invoke the dr and they called them up and it's gone, it's been deleted. So they're in a tight spot and something that we'd you know we we have as part of our run books is to kind of go through all of the infrastructure, look under every stone, to sort of like if there is a big data loss, you need to exhaust everything. So we were going through their SAN and we noticed that they'd had some snapshots on their SAN, so they didn't even know they had them and so, from a no backup, no disaster recovery position, they had literally everything back and they were really starting to be very concerned about their future. And so, in the space of five minutes, to say that all your data is recoverable was a fantastic moment.

Speaker 2:

Yeah, ups and downs. Roller coaster of emotions there. Absolutely, and for your team as well. Right, I'm sure, obviously you're there to be brought in. After the fact, it wasn't your service that didn't back things up. But how does your team walk away? Obviously they're excited. They were able to help you guys save the day. But are they ready to jump into the next issue, or is it like I? Need a day off, so I mean I mean the.

Speaker 1:

They are very resource intensive, yeah, yeah, because the business is battling the sort of like business recovery requirements. You also have the balance of trying to perform the forensics as well. So we turn up with a whole load of hardware and kit to kind of like so we can crack on with the forensics and and then really start on that rapid recovery for that organization. But it's around the clock, right, and you know so it's very intensive.

Speaker 1:

Some of them I think the biggest case we were on site for two months. We had 21,000 users to onboard and you know that was a pretty tough time because they were just overwhelmed. The first part was around rebuilding all of their infrastructure and getting all their services up. I mean, they did most of the app work and all the integrations and a lot of automation, but they needed a lot of help to get all of their users back on. So we set up a sort of like a service desk on site for them and then we're providing sort of like walk-ins to get all of the users onboarded. Just more around a bandwidth piece, more than you know a technical capability piece.

Speaker 2:

How have AI and automation helped you improve service delivery for your security?

Speaker 1:

customers. Okay. So I think from a tool point perspective, we go with tier one products. We like to have that kind of confidence in the vendor. They're always leading edge with the latest evolutions and what they're trying to do for us, and we're quite strategic on who we work with and what partners that we use. The way that we're trying to evolve our security operations is to have the tools that obviously finding all the latest threats. But it's not just a single vendor. We've got a mixture of different tools that we kind of blend to give the outcomes that we want. But our next evolution is around maturing our workflow and automation, so using things like AI assistance to be able to help the sort of like engineers to come to good decisions. Some of the types of alerts that we get are quite subjective at times and you know we need to have some like robust workflow around how we deal with those tickets and the outcomes that we're trying to achieve, you know. So we're striving to have that consistency on every single ticket. That's great.

Speaker 2:

So building and retaining a top team is obviously vital to the success of most MSPs, but especially someone like Solus Cyber that's built around security. What have you done to sort of create a unique environment at Solus Cyber where people want to stay and grow with the company?

Speaker 1:

So we haven't done anything yet really is the honest answer.

Speaker 2:

And.

Speaker 1:

I think that's one of the areas where the biggest improvement so far our journey has just been about land grabbing new managed service customers. If anything that my previous work has taught me is that it's all about achieving that number to be able to do what you want to do in the rest of the business. So you know, our success from converting ransomware customers to provide ongoing security and protection has been really successful for us, and that's still our core focus. We've taken on a whole load of people that we've worked with before that wanted more interest in roles, wanted more diversity, and I think that's key, that it's always leading edge and it's always exciting. Exciting is probably the wrong word, but it's sort of like from a tech. It's interesting what some of these bad guys get up to, and I think from an engineer's perspective, being involved in those types of recoveries is rewarding as well For us. We must develop our people to retain them. We recognize that and as we continue to evolve, that's an area we need to put a lot more effort into.

Speaker 2:

You're growing at a pretty rapid pace and you're having to hire at that pace, right? I think when we spoke in the summer, you were about 45, 50 employees and you had expected to be close to 100 by the end of the year. Yeah, what's that been like to be able to find talent after you got that.

Speaker 1:

We've kind of moved past now, the sort of like the previous gene pool.

Speaker 2:

Yeah.

Speaker 1:

Right. So all the people that we worked with before we kind of worked past that. Some of the types of people that we're after are very flexible. So if you need to get a site, then you have to drop everything, and that doesn't work for everyone, right? So that type of person is challenging to find, you know, and we've got three incident response teams now, which is great. You know they're all rounders and you know they can go off and you know help that business recover.

Speaker 2:

So, looking back on your journey with Solus Cyber, what decision or moment sort of stands out that particularly is defining for you? Is there anything that you've done or that you've accomplished that really stands out?

Speaker 1:

Well, I think, to be honest, that our journey is up and down right. I mean it's had more ups than downs. It's like we're kind of like Ghostbusters really, in that we're sort of like waiting for the phone to ring and then it's all systems go and then you're waiting for the next one. You know so as waiting for the phone to ring and then it's all systems go and then you're waiting for the next one. So, as we've matured the number of managed service customers that we've got now we've been able to balance it out, get some balance between the different types of teams that are doing incident work, then they may be doing project work or they might be doing some help on support. So it's been really an evolution of all of those different things that we're just executing the plan.

Speaker 2:

What are the new challenges or opportunities that are on the horizon, that are the most exciting for you, paul?

Speaker 1:

You have to evolve with cyber right, yeah, and so we've looked at how we get bigger, how we continue to double each year. I said to you that we'd kind of doubled since last time I was in Texas, which was in April.

Speaker 2:

Yeah.

Speaker 1:

So we're continuing to win new business all the time. So we have an instant. We're converting that into a managed service, that ongoing support and protection piece. We're winning sort of like five or six average new customers a month, which is great, and that's leading to the staff growth. Some of the new services that we're providing as well are also really interesting, right. One of the ones that I'm most interested in at the moment is threat intelligence software.

Speaker 1:

We've just bought a volume license deal for a company called Flare. We have our risk platform and we're integrating Flare into all of our customers. And what Flare does? It looks for security information outside of your organization. What's really interesting is how people are starting to look at their supply chain. So one of the new modules that we have in our portal is around managing your supply chain. So one of the new modules that we have in our portal is around managing your supply chain. So we're using this threat intelligence to have a look at external information about an organization and how that might impact your business. Quite often we see very heavy integrations APIs, vpns between some of your key partners or suppliers, so providing that extra insight into what's going on on something that's outside of your business but could impact your business is really exciting actually, and all of our customers that we've shown it to so far are super excited about it and all of our customers that we've shown it to so far are super excited about it. But what we want to use that for is how we can then develop the network of next lot of customers.

Speaker 1:

So we have two, I would say, key areas of new business growth. One is our partners. Partners where we provide 24-7 stock services and instant response. They may not have 24-7 themselves and they need someone to watch that around the clock. They might not have the capacity or the skill set to do the instant response. So we partner and they bring us customers and we're trying to grow that way. We're also trying to grow through new services and the supply chain is a really good way of being able to talk to our customers, customers, partners, suppliers. So if you've got, say, 10 key customers or partners part of your business, what a great way for us to be able to open the door, to be able to start a conversation.

Speaker 1:

What we've learned is when you buy cyber, it's about that trusted introduction. I think the key thing for us in our growth has been about the quality of the products and then, most importantly, the service. We've always had a service-centric ownership type position for all of our customers and we go out of our way to make sure that customer's happy right. So we develop really great relationships during ransomwares. We want to maintain that. But for customers that we haven't been through that with net new customers we really need to go out of our way to look after them when they have that moment of need. Let me ask you this last question Paul when did you know?

Speaker 2:

now, that's it.

Speaker 1:

Good question, chris. So we developed this risk portal and say it's a real-time risk view of your organization's cyber status. And the first time that we built the mark, we got some great guys that are involved in that Pete Jackson, adam Mitchell, craig Sterling, lee Snyder and we put it up there and we sort of saw how to present risk to an exec, an exec team, the decision makers to really highlight real glaring gaps and then demonstrate through actual data and then be able to articulate a scenario where they could be breached or they could be put in danger was to see that I'm like this is great.

Speaker 2:

This is what that was it.

Speaker 1:

That was the moment.

Speaker 2:

That's great, paul. Paul, it has been a real honor to have you here. I really appreciate you coming all the way from the UK to be part of the podcast, be with us here in Austin this week, and it's been great to get to know you over the last year and stay in touch, and so thank you very, very much for being here. Thank you very much, Chris.

Speaker 1:

Thank you, Abel.