Back in May, 2021, the Colonial Pipeline, which originates in Houston, Texas and carries gas and jet fuel to millions of consumers throughout the eastern United States, was hit by a ransomware attack. The attack shut down the pipeline for one week, caused panic gas buying by the public, and brought home to even the ordinary lay person that critical infrastructure in America is extremely vulnerable to an ever-increasing amount of cyber-attacks.
Indeed, the ominous headlines come with an almost monotonous regularity. From the Solar Winds malware attack that affected over 33,000 businesses and organizations, to JBS, the world’s largest meat packer, the Washington DC Metropolitan Police Department, and hundreds more in 2021 alone, cyber security has emerged as a top threat to government, business and even individuals in the 21st century. Cyber-attacks threaten shutdown of critical infrastructure which can lead to shortages, panic buying and rapidly increasing cost of goods and services, massive financial loss and more.
“If it were measured as a country, then cybercrime — which is predicted to inflict damages totaling $6 trillion globally in 2021 — would be the world’s third-largest economy after the U.S. and China,” said Steve Morgan, Founder of Cybersecurity Ventures.
And, as we rush to integrate just about every facet of our personal and business lives into the digital sphere, –cloud computing, the internet of things, the push for remote working environments–it’s a problem that’s only getting bigger. Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion annually by 2025, up from $3 trillion in 2015.
“This represents the greatest transfer of economic wealth in history,” Morgan said.
Of course, while all this spells bad news for businesses and individuals, it means a massive opportunity for IT security sales teams.
According to Gartner Consulting, worldwide spending on information security and risk management technology and services is forecast to grow 12.4% to reach $150.4 billion in 2021, up from 6.4% in 2020. 61% of the more than 2,000 CIOs surveyed by Gartner said increasing investment in cyber/information security this year was a top priority.
But while you might initially think that selling to desperate and frantic CISO’s (Chief Information Security Officers) will be easy-pickings, you need to understand that selling IT security systems in this environment comes with many dangerous pitfalls and hidden problems that can make the task arduous and tricky. Fully understanding these issues can save your company a lot of time and money, and help win the sale.
The first thing that IT sellers need to understand is who they are dealing with. Gone are the days when information security professionals were mere advisors playing a support role in a company. These days information security professionals are considered integral parts of the company and have enormous sway over the direction of projects.
Also, information security officers are notoriously hard to access. Not only are security professionals secretive by nature, but they are busier than ever, especially since the pandemic forced many of them to roll out massive new systems in record time.
Sales cycles in the security realm can be extremely long and costly. And you don’t only deal with the CISO and their team. Security also involves the legal department, the accounting department and nearly every other department inside an organization. Each department will have a different risk profile when it comes to security matters.
Perhaps most challenging of all is the explosive growth of competition. At present, there are at least 2,000 vendors in the space and more than 6,500 products for a buyer to choose from.
So how do you stand out from the intense competition and get the attention of those making the decisions? According to research by Emissary, it helps to be an expert in your field, not just a mere salesperson.
This means IT security sellers should have a social media presence, be known in the industry as a thought leader, and someone who is trying to improve the field. CISO’s are mission oriented and are often fiercely dedicated to protecting the companies they work for. They want to feel that you are as well.
And don’t promise easy solutions with short implementations. Security experts inside companies already know that security for large organizations is not easy and won’t be quick to implement. Sales people who promise quick turnarounds, easy implementation, and cookie cutter solutions, will not get very far.
All this means IT security sales people need to be fully prepared when presenting before a potential client, and be armed with as much inside information as possible.
In fact, CISO’s will often use sales presentations to stress test the sales person, not just the product they are selling. This is the point where sales people need to show not only the bells and whistles of their product, but also show they can speak to the buyer’s needs, and be able to converse in both technical and business terms. Perhaps even more importantly, sellers need to show they can easily work with company staff in identifying and solving problems that are sure to arise.