Cyber security is changing, and so is the way it’s being sold

Cyber security vendors still have sales targets to meet and their own products to glorify, but a “weird sales dynamic,” as Brian Krause describes, is also creeping its way into the market.

“Every single person in here is a salesperson, there’s no denying what we’re doing here … it’s our software first,” said the director of North American channels for Centrify, referring to a room full of cyber security vendors at Optiv Security‘s 2018 Toronto Enterprise Security Solutions Summit last week. “But we’re seeing more, especially in the software community, most of us are partnering with each other.”

Customers are becoming increasingly overwhelmed by the thousands of products available on the market today, said Krause. There’s an overabundance of companies making niche products, many of which seem great in a vacuum, but don’t actually work well with other previously installed products. According to Cisco’s 2018 Annual Cybersecurity Report, nearly half of the security risk that organizations face come from having multiple security vendors and products.

“More and more, customers can’t even begin to figure out what products they need, let alone how they’re going to get this new product to work with what they have,” he explained. Helping potential customers answer some of these initial questions with competing vendors has opened new doors. “All of a sudden we’re offering a bigger solution together. It’s better for the customer and a better value proposition overall.”

From left, Peter Evans, chief marketing officer for Optiv and J.R Cunningham, Optiv’s vice-president of product management, talk cyber security during their keynote in Toronto. Photo by Alex Coop.

Since entering the Canadian market in 2016, Optiv Security’s Canadian business has grown significantly. A small team of five has since ballooned to a team of 50, and recently, three new leadership positions have been filled. This growth has largely been fueled by Optiv’s ability to help clients integrate security products with surgical precision, while ensuring they all communicate with each other properly, said Cheryl McGrath, Optiv’s area vice-president and general manager for Canada.

“We’ve got around 1,800 technical resource employees, so rather than have the client stitch everything together, we’ll do that for them,” she said.

Quick facts:

  • IoT attacks were up 600 per cent in 2017. (Symantec)
  • 69 per cent of organizations don’t believe the threats they’re seeing can be blocked by anti-virus software. (Ponemon Institute’s 2017 Cost of Data Breach Study)
  • Microsoft Office formats such as Word, PowerPoint and Excel make up the most prevalent group of malicious file extensions at 38 per cent of the total. (Cisco)

At times, this strategy conflicts with a security vendor’s ability to install a new product for a customer.

“From the software vendor side, we’ll have our own little battles with a partner like Optiv, we’ll go ‘how come you’re not talking about our software first?’ Well it’s because they’re looking at the overall solution,” said Krause. “Maybe it’s not the right time for me to step in, I need to let that other partner or manufacturer install their part for the customer first. So when you’re partnering with three software vendors, all of a sudden it keeps everyone playing together a little nicer.”

Stop trying to be perfect at everything

The tech industry is good at making lists and developing standards. Organizations are desperately trying to adhere to them all, even if some of those best practices don’t make sense for their business, according to J.R Cunningham, vice-president of product management for Optiv, who was a keynote speaker at the summit.

Peter Evans, chief marketing officer for Optiv, told ITWC that in the company’s entire history, only half a dozen organizations have ever received a five-star rating from Optiv when it comes to security compliance – a five-star rating is the highest rating one can achieve. Evans zeroed in on one five-star business that scored so high on its physical and access control standards, it made up for the other areas that it failed in. That business was a zoo.

“Obviously, that access control and physical security is important there, but they failed on certain other metrics. But that’s okay, because it didn’t matter for their business model,” he said.

On the other hand, retailers that process credit cards need to emphasize network segmentation and strong endpoint security, Evans explained. Manufacturing businesses, which are often short-staffed in the IT department, are prime candidates for automation.

Optiv rolling out new solutions

Last month, Optiv announced a new suite of security solutions, beginning with EnemyPerspectives@Optiv, a service that gives users an attacker’s perspective of the company’s overall security program, helping them identify security gaps and potential attack patterns. Evans said Optiv plans to roll out more solutions this year, one of which, he teased, will scan all of an organizations devices and produce a prioritized list indicating which ones are behind on security patches.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Alex Coop
Alex Coophttp://www.itwc.ca
Former Editorial Director for IT World Canada and its sister publications.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now