Archives For training

data-security-picWhat’s The Point of Your Security Assessment?

Are Your Clients Actually Taking Any Relevant Action?

This week on a coaching call with one of our Mastery Security Training Attendees we were discussing the role of the consultant in the security assessment process. In this case the Assessment Sales were NOT closing.

In other cases we discussed conversions from Assessment to Remediation or Managed Service were weak.

The complaint: Can I rely on our security consultants to deliver, or should I sell something else?

The Problem is Sales, Not Technical

First, sales people should never turn the SELLING over to a consultant or engineer unless that technology expert has a track record of closing. Knowing a lot about security does NOT lead to selling assessments. Selling and marketing are not driven by sound bites, technical know-how, or certifications.

In the Security Sales Mastery Program we teach sales people to speak about security at the business level. Executive Management is where the assessment should be sold.

Assessments are about risk. They measure Impact vs. Likelihood. At least they should. 

The Point of the Assessment is NOT Just About Risk: It’s About Conversion

In a sense Assessments are a marketing effort.

The Sales person sells the deal to measure risk. The consultant measures risk. But then something salesy has to happen.

Like the Cardio Doctor, if your patients are about to die but don’t take on the treatment plan, the doctor is failing.  It’s the doc’s job to sell his patient on doing something. Yes, ultimately the patient is responsible for their health, but if the diagnosis is poorly communicated or risk poorly described, the doc is doing something wrong.

Look at the Deliverable.

In many cases it will be a 50 page paper (enterprise size deal) or something much shorter in the SMB.  But is it written to the person who cares about risk? In most cases the answer is NO.

This is a sales problem. If you, the sales person, sold the assessment, hopefully you sold it to to someone at the business level to help them measure something specific – risk.

It might be compliance like HIPAA or it might be to identify the likelihood of data theft, system disruption, or data misuse.  Theft, misuse, and disruption can all be in the same report, however your findings must be written to the asset owner. The person with liability.

Don’t let the consultant take this to the client before reading and understanding what it says.

Are there mistakes?

Was the paper written using an old assessment from another deal?

If so, are there facts left over such as a “company name” that just don’t belong in this paper?  Believe it or not these are common problems. But it’s the sales person’s job to read it and scrutinize the value of the report.

Sure, the technical team shouldn’t be making mistakes like labeling a diagram with Cisco routers when the client uses Juniper (Yes, I’ve seen this happen!). But technical people are rarely writers. They won’t write at the executive level, they’ll miss edits that are obvious to the sales person, and they’ll often use an older document rather than starting from scratch. It happens even with the best teams.

Should You Keep Selling Assessments?

Yes, your clients need them. And they’re one of the best avenues to big business.

But sell them at the business level. Don’t succumb to IT people wanting assessment quotes. Unless they’re high dollar projects, they’re not worth doing. Make your way upstairs and find out what’s really needed.

When it’s time to assess, make sure your technical team knows exactly what you sold. It should be a measure of risk as described in The House & the Cloud. And when it’s time to deliver. Read it. It’s your deal. It’s Your client. It’s your responsibility. And it’s your biggest up-sell opportunity.

© 2016

Advertisements

2016-06-14_15-12-33How is Your MSP Retention?

If you’re losing customers over the year, you’re losing money – big money.

The average stay for a client on an MSP contract is a few years, but if you look at a single year’s profit for your average customer (12 months of payments), losing adds up quickly.

Tomorrow Ingram Micro will be hosting a Livecast where I will be addressing this issue. Of course, I will be pointing back to security, and how to leverage security to increase retention. But not just security – there are some great strategies that you can put to work right now to increase retention and keep your value proposition strong. Hope to see you there.

Sign up right here (CLICK)  <<< Click to grab your free seat on tomorrow’s Ingram Micro Livecast.

 

moneyAre You Getting New Customers Every Month?

Not everyone is – especially in the Small Business Market.  

The economy is shaky, and in an election year, many small business owners are waiting to see what’s going to happen.

In the mean time, you could be capitalizing on the security trends.  The news is full of horror stories these days.  But the sale isn’t as easy as it sounds.

Last week I presented a livecast workshop on WebinarJam – I’ve been using a strategy for the past 15 years that does not depend on economics or budgets.  And it’s proven to work over and over, even with people who don’t believe they need more security.

This is so important that I’ve gone out for sponsorship so you don’t have to pay the $500 I normally charge for the workshop.  Check Point and Ingram Micro have agreed to sponsor a second run of this program on April 7th! That’s this week!

Grab your seat here   <<<  CLICK TO GET YOUR SEAT!

Be sure to click the calendar icon when you see the confirmation webpage so it’s on your calendar!

© 2016, David Stelzl

 

appleApple Does Not Have to Decrypt the Phone After All – This is a Historical Moment.

But Once Again, No Technology Is Really Secure…The FBI Has Managed to Break Through Apples iPhone Security.

Did you doubt they could? Did you think the iPhone could really stand up to this?  If you did, you need to know more about security. Good security means fast detection and real-time response.  The front door can always be broken into.

Security is a funny thing. If Apple had given in, case law would have been established. Any future crime could have forced the developer to change the code, create a backdoor, or make things less secure. I know there are many people saying this isn’t true, but most of them can’t claim any security expertise.  As a CISSP, I’m stating my opinion.  I haven’t met one serious security expert who disagrees with me – although I’m sure there are some.

On the other hand, security can always be broken into…that’s why there’s a huge opportunity for every technology company right now.  If you take on security there’s new business out there. We have a problem. If the FBI gained access (or some of their third party contractors), the bad guys can do it too.

There’s still time to join me for this week’s free online WebCast.  

This week I’ll be showing you how to create an annuity business that will far outlast the tradition commodity MSP business everyone is already doing.  You won’t have to abandon anything you already do. But you will be adding some things, and approaching the deal differently…and in a far more effective way.

YES! I want to Attend…  <<<  CLICK here to read more and grab your seat!

This training is so important, I wanted to find a way to get it to you without it costing you a fortune…so I’ve partnered with two technology companies that want the same thing!  Join me this week – Check Point and Tech Data have teamed up to bring this program to your laptop or phone.

Plus, they’re giving away additional training and products!  Click the link above now and find out more!…see you on Thursday.

© 2016, David Stelzl

IMG_2104Ransomware, ID Theft, Hidden Attacks…

This is the time to be investing in security services.

Find Out How You Can Turn Your Technology Reseller Business Into a High-Margin Profit Machine… 

On March 31st, Check Point, in partnership with Tech Data will be hosting a special LIVECAST event where I will be sharing key strategies that can open doors you’ve never imaged going through.

This is for resellers only!  Join us by clicking on the link below!  But don’t wait. Seating is limited…

YES! I WANT A SEAT…(CLICK). <<< CLICK HERE TO LEARN MORE

BONUS #1!  During this event, Check Point will be giving away 10 seats in my most popular online training program – The Security Sales Mastery Program.

BONUS #2! One lucky attendee will leave with a brand new 700 series Check Point security appliance!  All you have to do is show up and tell us you want one…

© 2016, David Stelzl

plug and playSelling Security is Not The Same As Selling Insurance

You can spin security a million ways to make it sound like there’s a return on investment, but you’re only kidding yourself.

So how exactly do you sell something that many people think they don’t need more of, and that really has no ROI?

I just wrapped up two training days with Brian NeSmith, President and CEO, and his team at Arctic Wolf, a security operation center that targets small and medium businesses.  As always I’m sure I learn more than anyone at these meetings.  And I have to say, I’m impressed with the technology and the team.

Arctic Wolf is exactly what small and medium businesses need as they move toward more IoT, mobility, and BYOD.  This morning as I’m wrapping things up and getting ready to head home for the weekend, a few key principles are on my mind…these are foundational mindsets every sales person must have if they want to sell security or managed services.

  • Security is not a product. Even if you are selling a product, don’t present it that way.
  • Every small and medium business needs more security. Specifically, they need the intelligence and insight into what’s going on in their network as they create and use data.  According to Gartner, 80% of these companies are working without any realtime detection element. Even if they have the UTM firewall, they probably don’t watch it. And if they did, they wouldn’t understand it. That means every one of these companies is a qualified prospect.
  • If budget comes up, something is wrong. Security is sold based on high impact of a likely event. Most decision makers won’t understand their risk, so start there. That means you’ll need to gain access to those decision makers early in the sales process – but not to show them your corporate presentation. Instead, talk to them about technology trends like IoT that will be used to grow their business.  That’s what they want to hear…then transition to the security risks that come with new technology.
  • The sale requires justification. Justification comes with getting them to see they have urgent issues – risk. Most assessments, like 90%, show urgent findings.  That’s justification. If you still can’t close, you are either talking to the wrong people, or hiding the urgency in the language you use. Be bold and upfront – be clear. People from China are potentially in your data!
  • Whatever you do, don’t get bogged down in the technology and how it works. This discussion can come later with the IT people – but the sale is made at the business level, and should be conceptually made before diving into the weeds.

For more on how to effectively sell security, check out The House & The Cloud…you can get it here for a limited time for $1.00 – free shipping, and no strings attached.

$1 HC Book Ad

 

Today I’m out in Sunnyvale visiting Arctic Wolf – A Cyber SOC company that provides the detection element of security so many are missing!  We really do need more detection…check out this video. If the hacker hadn’t announced himself, the victim would still be clueless.

This Story Tells It All – Man Hacked On Go-Go Wireless. It could have been Starbucks, City Wireless, McDonalds, or any other public wireless network. Something you should be passing on to your clients who still think their firewall is keeping them safe – even when they are working at Starbucks.

Copyright 2016, David Stelzl