Archives For CISO

img_4188

Stage Set Up

300 Security Leaders Meeting in Miami

Looking for More Tools to Combat Cybercrime!

I’m just heading back from meeting with over 300 CISOs and CIOs, all part of the Florida International Banker’s Association –  Celaes Event, at the Trump Hotel, Doral.  

Great event, very well run, and an opportunity to connect with security leaders from all over Central and South America.  I was also able to reconnect with old friends from Kaspersky and Dimension Data.

Here are a few pictures…You’ll notice Former Mayor Giuliani on stage as well!  The living room shot was part of my amazing suite…

And I’m leaving just in time to avoid Matthew, the latest hurricane headed this way.

 

Advertisements

IMG_3863Last week I spoke to the High Performance Technologies Sales Team…

Delivering a Keynote on, The Secrets of High Priced Consultants…lessons I’ve learned from the Big Six and others, who know how to call on C-Level Executives.

There are 5 major disciplines I see high-priced consultants mastering.  For instance, they sell one of 4 things – Customer Experience Gains and Risk Mitigation being the two most compelling value propositions.  Technology is then just a means of achieving these things.

But perhaps the most important aspect of my message came from a recently interview with the CISO of Sodexo. From our 45 minute discussion I gleaned 5 important things sales people should stop doing if they really want to peer with C-levels.

  • Stop calling with generic messages like, “I wanted to introduce myself.” CIOs get thirty to forty of these every week from technology sales people. They don’t have time for this.
  • Stop Showing your generic corporate presentation. I know your marketing people think it’s great, but it looks like every other company’s presentation. There really is nothing unique or compelling about it.
  • Stop making things sound worse than they are. Security is a big issue, but without proper justification, you can’t just start throwing statistics at them.
  • Stop calling to tell them about the latest hack printed in your local paper. They probably knew about it before you did. It’s not interesting or insightful to them.
  • Stop showing up with nothing meaningful to say. Instead, start reading about the things they care about, become an expert in something they would find helpful, and then give them a call about something specific.

I’d love to hear more from anyone who has first hand experience with “What not to do” when meeting with an executive…

Copyright 2016, David Stelzl

PS. I was on a call years ago with a sales rep from the company I was involved in. The sales rep managed to get a C-Level meeting, which I attended. One of his first questions was, “So what does your company do?”  Big mistake…

 

The New Data Center

The New Data Center

IT Spending Is Shrinking – The Cloud Is Growing

If you happen to be selling hardware to Amazon or Google, you’re probably in good shape. Especially if you sell storage. Cloud storage requirements are growing. IT spending isn’t.

Steve Norton, contributor for the Wall Street Journal published some figures last week from Gartner and others that should serve as a wake up call to you if you are a technology reseller – especially if you are selling to the small or mid-sized businesses.

Here’s What Gartner Predicts:

“Global IT spending will shrink 1.3% to $3.66 trillion in 2015 amid a strong U.S. dollar, slowing PC sales and a continued switch to software-as-a-service, research firm Gartner Inc.IT -0.72% said in its latest quarterly forecast.” They were calling for 2.4% growth. New predictions are negative. 1.3% might not sound like a big deal, but you can multiply that for small companies looking to cut costs. They’re likely to move to cloud services first. Forrester was calling for 80% of these companies to be in the cloud within 5 years, but the time is shorter now. In other words, expect it to be far less than 5 years.

Also from Gartner: “Microsoft killed the XP licenses, but people are still running XP,” Gartner analyst John Lovelock told CIO Journal. “PCs are plummeting, but there is still a desire to get some of that new functionality.” In other words, people are going to keep their old computers and run their apps from the cloud – Microsoft 365, Google Apps, etc.

Steve Norton’s Comments:

“Gartner noted a substantial reduction in their forecast for office suite spending, reflecting an uptick in adoption of cloud services like Microsoft Corp.’s Office 365”, says Steve Norton.

He also notes that “IT services spending is forecasted to shrink…this year, with the largest drop seen in implementation services.” Expect it to drop more than you think. With Microsoft moving more to the cloud, your support services will be in less demand.  Less infrastructure also means less installation. The smaller the business, the less likely it is that they’ll be adding servers or disk.

What About Managed Services?

This is clearly becoming a price war. Managed services is a commodity business right now, and it will get worse.  Many of the resellers I am working with tell me their prospects just want to know how much they charge per device. That’s a bad sign!  They are also being undercut with low prices from both very large providers and the guy who works out of his garage.

Security is Still In Play

The good news is, there’s still a strong market for technology. Amazon will certainly cash in on cloud services. Apple is killing it with the iPhone. But you can grow too if you’re selling something clients really need. Security demand will continue to grow. The more companies more to mobile devices and cloud apps, the less secure they’ll be. There’s also an opportunity to move upstream with compliance and assessment offerings. Firewall management is not what I’m talking about.

Consider services like hosting policy, ongoing assessments, event correlation services, and monitoring for breaches. The small business can’t afford the technology required to detect a breach, and they most certainly can’t staff a team of responders. Virtual CISO services are another great offering. People need help with their security strategy as they move toward digitization. The CISO function will become more important for smaller companies, yet still unaffordable.

© 2015, David Stelzl

P.S. Find out how to sell into the security market…. (Read More)

The fastest way to inculcate the concepts from our Making Money with Security Class is to try it.  Last week I had opportunity to interact with one person attending the 3-day virtual class currently in process…

He writes, “I thought I would try to apply some of the nuggets I have learned this week, in a meeting I had earlier this morning.  It went really well!  I met with a CISO and we discussed assets and started applying the likelihood vs. impact philosophy.  As I was doing this, my customer said the biggest problem he has is understanding likelihood.”

…This is predictable.  As I stated in last Thursday’s session, everyone seems to focus on the impact side of the security equation, but CISO’s and asset owners are already well aware of this, and continue to hear the same ROI and Insurance sales pitches almost daily from your competition.  By taking the “Likelihood” approach, a new discussion evolves.

He continues with a great question, “Based on this approach, is determining likelihood done through risk assessment or are there more dimensions to consider?”

If you’re in the class, you know we have one more session to cover, and this is where we will address this in detail, …but, this is the right question to be asking…how do we move this conversation forward to create business?  Here is a portion of my reply:

“…it means starting with executives rather than IT, and interviewing them to understand the assets; how they’re used, who uses them, who can’t use them…etc.  Then, armed with a complete understanding of the data (the assets), the technical side of the assessment should be used to discover how the necessary security is being achieved, or how to reduce the likelihood to an acceptable level of risk.  The ‘’Impact vs. likelihood” graph from by book, The House & the Cloud becomes our primary deliverable, backed by data from the assessment.

His final comment: “Application to real world is the best way to learn… I personally missed focusing on the asset and pitched it more towards the vulnerability discovery.  The asset that has the vulnerability determines the impact and the level of the vulnerability determines the likelihood.  Starting to add up.’’

This is exactly right and leads to the justification this sales person needs to create new business.

© 2011, David Stelzl