EP207 – Why You Need Dark Web Monitoring in Your MSP with Tony Capewell & Ian Luckett

We kicked off with a straightforward explanation of what the dark web actually is. Tony clarified the distinctions between the open web (the visible internet we all use daily), the deep web (pages that aren’t indexed by search engines and require authentication, like online banking portals), and the dark web. The dark web is a hidden section of the internet that’s intentionally obscured and often requires specific software, like Tor, to access. While it’s not exclusively for criminal activity, the dark web is a hub for illegal activities, data trading, and stolen information—everything from personal credentials to corporate data can be bought and sold there.  Tony shared why MSPs should be particularly concerned about dark web monitoring. He emphasised that most MSP clients don’t realise just how vulnerable their data is or how easily it can end up on the dark web after a breach. He recounted how MSP Dark Web was born out of frustration with other vendors and security tools, which weren’t doing enough to protect his clients. Now, his platform allows MSPs to monitor their customers’ domains and personal emails to detect stolen credentials and alert clients before damage is done. With Tony’s dark web monitoring service, MSPs can see if sensitive client information is being circulated on the dark web and act quickly to advise their clients on securing or updating their credentials.  One of the core themes we discussed was how to present this information to clients. For many business owners, technical jargon about dark web monitoring or data breaches goes over their heads. Tony shared that MSP Dark Web provides a comprehensive marketing toolkit for MSPs, which includes email templates, leaflets, and other resources to help MSPs communicate the importance of dark web monitoring in a simple, understandable way. This helps MSPs position dark web monitoring as a proactive, essential service that can protect businesses from potential cyber threats.  During our chat, Tony highlighted a sobering statistic: his database contains 149 billion emails and 88 billion passwords from data breaches worldwide, and this number grows every day as new breaches occur. His platform also tracks “session cookie data”—which can allow attackers to access accounts even if two-factor authentication (2FA) is enabled. This was a real eye-opener, and Tony advised listeners to avoid the “remember me” option on websites and to regularly clear their browser’s cache and cookies. These steps may seem small, but they can make a big difference in protecting your information from dark web exposure.  Another crucial point Tony shared is the importance of educating clients about the risks associated with reusing passwords. If a password is stolen from one site and a client uses that same password elsewhere, cybercriminals can potentially access multiple accounts. Dark web monitoring allows MSPs to detect compromised credentials in time for clients to change their passwords, rendering the stolen data useless.  We also delved into the misconceptions around cybersecurity stacks, particularly the tendency of MSPs to “stack fiddle,” as Paul Green has called it. This occurs when MSPs add endless layers of security tools without a cohesive strategy. Dark web monitoring doesn’t necessarily overlap with other cybersecurity measures in an MSPs stack; it complements them by focusing on external threats. Rather than just looking at data within a business, dark web monitoring looks outward, alerting MSPs to information that might have been exposed in breaches they wouldn’t otherwise be able to track.  Towards the end of the episode, Tony emphasised the growing importance of dark web monitoring for everyone—not just those with large bank accounts. Cybercriminals don’t just target wealthy individuals; anyone can become a victim. For instance, attackers can exploit simple pieces of personal information, like a preference for dogs over cats, to manipulate victims. This was a stark reminder that every MSP should consider dark web monitoring as an essential part of their security offering.  In summary, Tony Capewell made a compelling case for why dark web monitoring is a must-have service for MSPs. It’s not just about selling a new tool; it’s about proactively protecting clients and building trust. With resources like MSP Dark Web, MSPs can offer their clients peace of mind by ensuring that if their data does appear on the dark web, they’re immediately informed and can take action to secure their information. If you’re an MSP looking to strengthen your cybersecurity stack and communicate its value to clients, dark web monitoring could be the solution you need.  Connect with Tony Capewell through their website by clicking HERE  For full details of our Business Blueprint Workshop on Tuesday 3rd December, click HERE.  Connect on LinkedIn HERE with Ian and also with Stuart by clicking this LINK  And when you’re ready to take the next step in growing your MSP, come and take the Scale with Confidence MSP Mastery Quiz. In just three minutes, you’ll get a 360-degree scan of your MSP and identify the one or two tactics that could help you find more time, engage & align your people and generate more leads.  OR   To join our amazing Facebook Group of over 400 MSPs where we are helping you Scale Up with Confidence, then click HERE  Until next time, look after yourself and I’ll catch up with you soon!