Leveraging Cybersecurity to Build Trust in the Sales Cycle Sales + Security = Revenue “You always hear that the cybersecurity professionals just don’t like salespeople, and salespeople are always upset at the cybersecurity team for hindering their efforts and bottlenecking the sales process,” said Zach Fuller on a recent episode of Friends Friday. But what if sales and security could work together to their mutual benefit and the benefit of the organization as a whole? Although security professionals may prefer to steer clear of the sales team, cybersecurity teams and programs can be an important part of the equation in increasing sales and retention and, ultimately, revenue for their organizations. Zach Fuller, founding partner and head of Business Operations & Strategy at Silent Sector, joined Dan DeCloss on the cast to challenge the stereotype that sales and cybersecurity teams have completely different goals. Instead, they consider the business impact that cybersecurity can have on business when leveraged to build trust in the sales cycle. Watch the full episode or read on for the highlights. Sales + Security = Revenue: Leveraging cybersecurity to build trust in the sales cycle Challenging the status quo between security and sales Zach and Dan started the episode by discussing generally held perceptions of the role of cybersecurity and how those aren’t always representative of reality. Although security practitioners may picture their role in one way, the business may see it in another — sometimes even more business critical — light. “So when I got into the cybersecurity industry, I thought cybersecurity was about risk management and protecting organizations. And it turns out that’s only partially true. I mean, that’s the fundamentals, right? We have to protect organizations from cyber criminals. And I thought — again, maybe just a misguided mindset — but I thought that everybody knows they need to protect their technologies and their organizations and so they’re going to be wanting to do cybersecurity in the most effective possible way to protect themselves. Right? Seeing everything that’s going on in the news and whatnot — turns out that’s not the case,” said Zach. He continued, “It turns out that over the years, what we found is more and more organizations have come to us because cybersecurity is actually a business enabler for them. It’s actually a revenue generation tool — and I know some people will cringe — more than it is about risk management and protecting the organization. I’ve had this shift in perspective. While, yes, the fundamentals are always about protecting the organization, there’s so much more to it that I think most people miss. And so I’m just seeing companies win millions and millions of dollars in new revenue because they’ve built certain security capabilities and aligned with the requirements of their customers. And it’s just been a really awesome journey to see that. It’s fun for us, too, because in our business and the professional services world, we get to see the growth and success of the organization.” Leveraging security and compliance to win deals Storng cybersecurity posture and achieving key compliance certifications can be game changing in the minds of clients vetting vendors and partners. Additionally, these factors can make or break funding and acquisition deals. Recognizing that and working to demonstrate and communicate security controls in the sales cycle can result in big wins. Dan shared, “I think that’s what we noticed. By becoming more compliant and becoming more secure, it actually helped us win deals. Right? And I’m sure you’ve experienced the same. So the reality of the situation is that large enterprises have had to become more and more diligent about the vendors that they bring on board. We’ve seen countless numbers of breaches that resulted in a vendor getting breached, pivoting into a large enterprise and compromising that enterprise in a big way.” Zach noted that companies that want to use their security posture to win bigger contracts don’t have to have everything in place to get started. “If you don’t have all these things in place, you’re not aligned to NIST or CIS or ISO, or you don’t have a SOC 2, that’s okay, still go after the enterprise business. Don’t let that stop you. But just know that once you’re talking to them, these things are negotiable. The cybersecurity team is tasked with the decision-making process around can we use this organization to accomplish whatever task or solve whatever problem. And you can talk with them and explain the scenario, explain what’s being handled, and kind of negotiate your way through. And as long as you have a very good plan in place, we’ve seen that be enough to get those deals across the finish line.” Changing the conversation around security and sales Thinking differently about the role of security in the organization can bring great benefits to the cybersecurity program as well. When the conversation expands and leadership better understands the possibilities, security teams often reap the benefits. “I know a lot of security, and it professionals have trouble getting the support they need and getting the budget they need, and they’re, but they’re talking about techy stuff and risk, whereas if they start talking about revenue generation, leadership kind of perks up and says, well, okay, tell me more about that, and then it becomes a different conversation,” Zach concluded. Follow PlexTrac on LinkedIn to catch the latest episodes of PlexTrac Friends Friday.
Vulnerability Assessment vs Penetration Testing: Understanding the Key Differences Vulnerability Assessment vs Penetration Testing READ ARTICLE
Unlocking Continuous Threat Exposure Management: New Features for Prioritizing Remediation Based on Business Impact The evolution of product security READ ARTICLE