%20(1).png)
When clients won’t buy security awareness training — what do you do?
Most MSPs know the problem.
You explain the cyber security risks.
You show real-world breaches.
You recommend security awareness training.
And still — clients say no.
Too expensive.
Not a priority.
“It won’t happen to us.”
Craig Fisher, CEO of Technica Solutions, hit that wall with 100 clients and ~3,000 users.
So he made a decision most MSPs wouldn’t:
He stopped asking them to pay.
The decision that changed everything
Craig rolled out usecure across every client — and absorbed the cost himself.
Not as a promotion.
Not as a short-term incentive.
But because:
- The cyber risk was too serious to ignore
- Traditional security awareness approaches weren’t working
- Clients needed proof — not explanation
“It keeps me up at night.”
This wasn’t about selling training.
It was about reducing human cyber risk across his client base.
The turning point: day three
Then came the moment that changed every conversation.
On day three of a new deployment, a prospect — whose CEO was convinced there was no problem — ran their first phishing simulation.
Someone clicked.
Immediately.
No debate. No pushback. No delay.
The data spoke for itself.
Why human risk data changes everything
Security awareness often fails for one reason:
It’s theoretical.
Clients don’t engage with generic risks.
They engage with their own data.
Once users see:
- 📧 Their own phishing click rates
- ⚠️ Real behaviour under pressure
- 📊 Measurable human risk scores
The conversation shifts from:
“Do we need this?”
To:
“How do we reduce our risk?”
Turning human risk management into MSP growth
What started as a defensive decision quickly became a growth opportunity.
By rolling out Human Risk Management across his client base, Craig was able to:
- ⚙️ Automate security awareness training across multiple clients
- 📈 Create new revenue opportunities through managed security services
- 🤝 Increase client engagement with measurable security outcomes
Instead of pushing training, he was showing risk — and solving it.
The takeaway for MSPs
If clients won’t engage with security awareness training, the issue isn’t always the message.
It’s the lack of visibility.
You can’t sell what clients can’t see.
Human Risk Management solves this by:
- Making human cyber risk measurable
- Providing continuous phishing simulations and training
- Delivering audit-ready reporting and compliance support
See the full story
Craig shares the full journey — from client resistance to measurable results — in his own words.
Subscribe to newsletter
Discover how professional services firms reduce human risk with usecure
See how IT teams in professional services use usecure to protect sensitive client data, maintain compliance, and safeguard reputation — without disrupting billable work.
Related posts
Explore more insights, updates, and resources from usecure.
.png)
