Nadav Shenker’s 5 Essentials for MSP Email Security

Episode #719 of the MSPi PrimeCast

Email continues to be the number one entry point for cyberattacks, and no one understands this better than Nadav Shenker, who has been vocal about how MSPs must rethink their approach to protecting clients. His perspective emphasizes that email security is not just a technical challenge but a leadership responsibility for MSPs who want to safeguard businesses and strengthen trust.

Here are five essentials Nadav Shenker highlights for MSPs — with actionable steps to implement each one.

1. Treat Email as the Primary Attack Surface

Despite decades of innovation in cybersecurity, email remains the most exploited vector for phishing, malware, and business email compromise. MSPs must prioritize email security as a core service offering, not a secondary add-on.

👉 MSP Action: Make email security part of every managed services package. Present it as baseline protection rather than an optional upsell, ensuring every client is covered.

 

2. Build a Culture of Security, Not Just a Stack of Tools

Technology can only go so far if end users remain the weak link. Leadership means creating a culture where security is everyone’s responsibility — from executives to frontline employees.

👉 MSP Action: Run quarterly awareness sessions for client leadership teams and regular phishing simulations for employees to reinforce a “security-first” mindset.

 

3. Commit to Continuous Education

Threat actors are evolving faster than most organizations can keep up. Shenker emphasizes that education can’t be a one-time event — it has to be ongoing, adaptive, and engaging.

👉 MSP Action: Provide monthly micro-trainings on new phishing tactics and share short “security bulletins” that clients can distribute internally.

 

4. Connect Security to Business Outcomes

Clients care about risk, compliance, and uptime — not acronyms or technical jargon. Nadav Shenker stresses the importance of framing email security as a business enabler that protects operations, reputation, and compliance standing.

👉 MSP Action: Translate technical risks into financial terms during client reviews. For example, show how preventing a single ransomware incident could save thousands in downtime and lost productivity.

 

5. Lead by Example with Your Own Practices

Clients trust MSPs who practice what they preach. Shenker notes that credibility comes from adopting the same safeguards internally that you recommend to your customers.

👉 MSP Action: Implement advanced email security controls, MFA, and internal phishing tests within your own MSP. Share these practices with clients as proof that you live by the same standards.

 

Nadav Shenker’s perspective on email security is clear: MSPs can’t afford to treat it as optional. By embedding email protection into core services, building a culture of awareness, educating continuously, aligning with business outcomes, and leading by example, MSPs elevate both their clients’ defenses and their own credibility. These essentials are not just about keeping inboxes safe — they’re about securing trust and leadership in the MSP market.

Catch the full conversation on MSPi PrimeCast Episode #719 and connect with Nadav at https://www.vircom.com/