Ready to Start Your Career?

Understanding the enterprise sales process and its role in cybersecurity innovation

Dr. Edward Amoroso's profile image

By: Dr. Edward Amoroso

September 23, 2020

Every business needs improved cybersecurity, but that doesn’t mean it’s something that sells itself. In fact, many businesses see cybersecurity as a cost center rather than an investment. Security leaders themselves often have a hard time communicating the benefits of improved cybersecurity from a business perspective. For cybersecurity practitioners, the sales process might seem ancillary to their roles, or even irrelevant.

Cybersecurity is, first and foremost, about people and relationships. While technology may be a critical enabler of good cybersecurity hygiene, the sales and marketing process plays a key role in developing and implementing customized solutions, providing support, and educating audiences. Garnering a deeper understanding of how these processes work will help security practitioners improve their communication skills and close better deals in less time.

Tip #1. Security vendors should market to auditors

Auditors have influence, simply because they have a thorough understanding of their security environments. It makes more sense to sell to them, since they are more likely to know where the weaknesses lie and what needs to be improved.

Tip #2. Vendors should also market to boards

Boards have influence across the entire enterprise. When a member of the board mentions a specific company, it tends to reverberate through the security department as well. That is why vendors should always ensure their products are highly visible to boards.

Tip #3. … and to analysts

Security analysts are highly informed, which also means they have influence. As critics, they might be one of the harder audiences to sell to. However, that means they are better placed to make informed decisions that enhance customer satisfaction and success.

Tip #4. Support and sponsor students

Students might not sound like the right audience to market cybersecurity products to, but this is a common misconception. Students of computer science, for example, will have influence, possibly even before they graduate.

Tip #5. Vendors should have their own working CISO

No security vendor can expect to effectively champion their own products if they are not using them themselves. Moreover, vendors should hire and leverage their own working CISO to sell and demonstrate their offer.

Tip #6. Learn the threats customers need to address

Enterprise security products and services rarely exist as off-the-shelf solutions. Vendors must take the time to learn about the unique threats their customers need to address and deploy solutions that mitigate them.

Tip #7. Trim down the presentations

The cybersecurity sales process often depends a lot on citing statistical data and insights. As such, presentations tend to include far too many charts highlighting overly generic information that the audience is already aware of or is not relevant.

Tip #8. Understand the technology customer

Most security vendors market primarily to CISOs and other security leaders. These roles are more aligned with technology and digital transformation rather than high-level business goals. Vendors need to tailor their message accordingly.

Tip #9. Understand the senior executive

Implementing complex cybersecurity products and services often demands buy-in from senior management. A senior executive is more likely to be concerned with high-level business goals. Vendors need to understand and communicate how their solutions align with those goals too.

Tip #10. Understand the law enforcer

Many people come into cybersecurity from a background in law enforcement. Such audiences have their own interests and priorities when it comes to cybersecurity, hence it is important for vendors to understand the role of cybersecurity in law and justice.

Tip #11. Understand the visionary

Visionaries tend to be among the hardest people to convince, since they want to know how a product works, as well as how the company behind it works. Vendors need to communicate the long-term benefits of deploying their products.

Tip #12. Understand the operations expert

Operations experts are typically much more interested in how a cybersecurity product aligns with their existing systems and processes. They want to be convinced that a new solution can be integrated and supported with minimal risk and disruption.

Tip #13. Integrate with other products

No two enterprise technology environments look the same, which means every cybersecurity product has to be adaptable. Vendors need to take the time to demonstrate how their solutions work with existing apps and architectures used in the enterprise.

Tip #14. Know that CISOs know best

Given the importance of their roles in the modern enterprise, CISOs tend to be highly informed. Chances are, they will have a much greater understanding of their needs than a vendor ever will. As such, vendors should prioritize listening over speaking.

Tip #15. Provide educational sales collateral

In cybersecurity, sales collateral should be educational. It should demonstrate how the product works as well as illustrate the wider problem. This is why whitepapers and case studies are far more powerful sales collateral in cybersecurity than things like brochures and spec sheets.

Tip #16. Use customer logos sparingly

Adding logos of other clients to sales collateral is an effective way to provide social proof, but it can seriously backfire if the vendor did not get permission first. Sometimes, potential clients will ask about the customer, so the vendor will need to back up the claim.

Tip #17. Know the product’s limits

A common claim cybersecurity vendors make is how their product would have prevented the latest major incident. The reality is usually far more complex than this, and potential clients are not interested in claims which are inherently unprovable.

Tip #18. Focus on interfaces

Cybersecurity vendors often claim to have complete solutions in the form of an integrated suite that is easily to deploy, manage, and use. A far more effective approach is to focus on open interfaces that can easily be integrated with a company’s existing systems.

Tip #19. Find ways to deploy fast and free

Cybersecurity often carries a degree of urgency. Yet at the same time, it is inherently complex given the huge diversity of different environments. Vendors which can offer ways to deploy quickly and without one-off costs tend to have a huge advantage when it comes to sales.

Tip #20. Congratulate the customer

In a sector that depends heavily on educating audiences and recognizing success, vendors should always be ready to congratulate their clients on their achievements. This can help build a stronger relationship driven by mutual respect and understanding.

Tip #21. Attend conference sessions

As in any industry, cybersecurity vendors should spend plenty of time networking with people like potential clients, as well as ancillary roles. By attending conference sessions and other events, they will have the opportunity to make many valuable contacts.

Tip #22. Highlight the customer

Highlighting a client’s content on the vendor website is a win-win for both parties. For vendors, it provides social proof and valuable content for their audiences, while customers enjoy some extra exposure and recognition.

Tip #23. Ask customers for reviews

One of the most effective ways to sell a complex product is to invite the potential customer to review it. Their feedback can reveal opportunities for improvement, and it serves as a highly effective product demonstration.

Tip #24. Always arrive early and finish early

CISOs and other individuals within cybersecurity vendors’ sphere of influence tend to be busy people with ample responsibilities. Vendors should always respect their time by arriving a few minutes early to meetings and finishing ten minutes in advance.

Tip #25. Work with people who are committed

Cybersecurity vendors can and should target a wide range of roles, but regardless of that role, it is important to think beyond the individual’s job. People who commit their lives to their roles are always better positioned to sell to than those who are just ‘doing a job’.

Tip #26. Keep the red tape to a minimum

Contracts like NDAs and SLAs play essential roles in any cybersecurity vendor relationship. However, they should never delay client onboarding. Instead, vendors should offer contracts immediately, instead of telling their would-be clients to stand by for a few days.

Cybrary helps security leaders close skills gaps and empower their teams to better tackle the challenges of today, and tomorrow. Request your demo of Cybrary for Teams today.

Schedule Demo