I arrived this morning at 2 AM in Bangalore India – I’ve spent the last 9 hours on the plane to the left, a 747 Lufthansa aircraft (traveling from Frankfurt to Bangalore). Note, that’s after spending 9 hours traveling on a USAirways Airbus 330, Charlotte to Frankfurt. Tomorrow I will be working with SEs from Cisco Systems on executive level conversations around information security…everything from global cybersecurity trends, to creating justification, to presentation skills required when engaging executive level audiences.
Two Wall Street Journal articles grabbed my attention while laying over in Frankfurt yesterday. One on the importance of training your employees, the other on the need for better presentation skills when working with executives on information security issues.
The ROI on Training SEs to Sell
The article on training didn’t concern SEs – however it did say that today’s employees, especially those with more desirable skill-sets, are going to demand further training. Everyone wants to grow, everyone wants to improve – at least those employees worth keeping. It’s a sign of poor character to accept the status quo. The writer went on to say that the promise of training is important when trying to attract the right people to new jobs, and that attrition is significantly reduced when training is regularly offered. My focus on the SE is just an observation. It’s been my experience that SEs tend to like sales training. They get the technology – and of course they want to continue to grow that, but adding the ability to sell to their resume is a big boost to their value. The person who is both tech-savvy and knows how to sells is rare and desirable.
When I teach sales classes I find that SEs are often more attentive, and more serious about learning the content than any other group of people attending. I’ve seen some very technical people become superstars overnight simply by learning how the sales process works, and how marketing science is almost exactly the opposite of the way an SE tends to approach a sale. When a technical person’s eyes are open to the influence they can have, simply by changing a few things about the way they approach sales, a powerful transformation begins to take place. Both resellers and manufacturers of technology would do well to invest more into their SE’s training programs – specifically on sales and marketing strategies. In fact, I know of two very successful resellers who have grown significantly, without the addition of more sales people, simply by empowering their SEs through this type of training.
An added benefit is that it helps sales people work more closely with their SE team on the sales process. When both parties understand where the conversation is going and what it will take to close the sale, they stop stepping on each other’s toes in the sales process.
Board Level Presentations Have to change.
The article on Board-Level Presentations was specific to information security – the topic we’ll be addressing over the next two days. Really, this applies to all executive level management. The bottom line was that executives and board members need to know about security. However, when IT people, and even CIOs and CISOs approach these discussions, they tend to go into too much detail (according to the article). I was excited to see that the very graph I use in my book, The House & the Cloud, was described in the article as “What they need to know”. I’m talking about the “Impact vs. Likelihood” graph. In my Making Money w/ Security workshop, I refer to this graph as “The Most Important Part of The Assessment Deliverable”. Almost nothing else is needed other than some basic descriptions of what goes on the X and Y Axis of this graph. If the technical part of the organization (or more importantly – you) could figure out what assets belong on the X-Axis (the high-impact applications), and how high on the Y-Axis to put them (the measure of likelihood – how likely the organization is to experience a breech or loss of data), executives would know what decisions must be made. Of course they will need to believe your data is correct – but that’s the definition of Trusted Adviser – trustworthy and able to advise – as stated in my more recent book, from Vendor to Adviser.
On Friday this will be the topic of discussion in our SE workshop. We’ll learn how to take the raw data and put in into this format – and then, more importantly, how to present it. This is something every company that specializes in cybersecurity offerings should be doing.
© 2013, David Stelzl