Cutting Through the Noise with Cybersecurity Straight Talk
Regaining customers' trust provides formidable challenge for the cybersecurity industry.
![Straight Talk Road Sign Straight Talk Road Sign](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltf03c981d4e547d65/65243b27f091f0177a2b47f4/Straight-Talk-Road-Sign.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Lumen’s Bryn Norton said a recent survey on the impact of increasing ransomware shows 70% of all consumers “don’t trust us.”
“So what are we going to do about that?” he said. “That’s a real problem because we’re now in a world where data is really important to us. So you think about retail for a second. A retailer earns on average twice as much if you’re in a physical store. But if you’re like me, I pathologically hate shopping, so I’m never going to go back to a store ever again because the digital world has pivoted so much over the last two years and I do everything on my mobile devices also.”
With physical product placement no longer a gauge of what customers want, companies need more data from customers to understand their needs, Norton said.
“If I’m a retailer now, I want more data from Bryn because I want to understand what Bryn wants,” he said. “But at the same time, Bryn does not trust me, so Bryn is not going to give me that data because of the bad reputation we all have because of security. So what are we actually going to do about that? And to me, I think that’s quite an interesting thing to see how we build consumer confidence as an industry over the next couple of years. If we don’t, we are slightly knackered.”
Check Point’s Frank Rauch said there are so many voices telling organizations what they should be buying when it comes to cybersecurity, and it’s off-putting.
“It’s the old diapers-and-beer scenario,” he said. “There was a study that was done probably about a decade ago that if you put beer next to diapers, you would sell more beer just simply because the father’s frustrated, etc.,” he said.
ThreatProtector’s Carl Katz said what’s concerning about selling and evangelizing cybersecurity is everyone has a plan until they get a “punch in the face.”
“When I speak to the consumers, everybody, especially if you’re talking to a CISO or CIO, or whoever you’re talking to within the organization responsible for the cybersecurity infrastructure, always has a plan,” he said. “They know what they’re doing. They’re cognizant of the threat in their mind, and they have a solution they believe is ready for the threat until they get punched in the face. And everybody here knows a prospect they went after and then nine months later, they came back and said tell me more about your product. And you say what changed in nine months? Why are you interested now? Well, I got breached.”
All of a sudden they have to come back and “obviously we could have been more proactive in creating the solution for them,” Katz said.
“So that’s a concern I have with people in general, the end consumers,” he said. “They have a plan until the plan doesn’t work. And then they don’t trust what you’re offering in many cases because they think you have ulterior motives in selling your product. And then they get hit and all of a sudden there’s interest. There’s a lot of reactiveness in this industry, which is not good.”
Secureworks’ Maureen Perelli said too many organizations still won’t face the fact that “it’s not if, but when” they’re going to be attacked.
“When you look at like, here’s my analogy: I liken this to a treadmill,” she said. “People have put endpoint devices throughout their environment. Did you upgrade your firewall for the next year and have you upgraded your antivirus technology? Have you done all that? And it’s like a treadmill. You buy it and think magically you’re going to lose weight. I wish mine would work like that. But no, you have to actually get on it and test it, and continue to work with it to make sure that it’s working for you. People aren’t saying it’s not if, it’s when that happens. I think people are afraid to have that conversation because then they have to go inside their environment and test it. And that’s when they realize the holes that they have. It’s a scary conversation, but we don’t believe enough people do it, and it’s something that has to be addressed at the forefront of it.”
Katz said ThreatProtector provides its customers with National Institute of Standards and Technology (NIST) security policies, “and that’s critical.”
“And whenever I present it, I ask people if they have security policies and they’re like not really or just basic security policies,” he said. “And I’m like, ‘Well, and do people acknowledge it?’ Yeah, they acknowledge it when they first started employment here. And when it changes, they don’t even put new security policies out.”
That’s a disaster waiting to happen, he said.
Cybereason‘s Abigail Maines said a hard truth is that “we are too similar in cyber.” All the providers came up the same way and they all sort of look the same.
“So our struggles with how do we trust it could be enhanced if we spend a little bit more time diversifying who looks like what and what cyber humans look like,” she said. “That’s my experience having been in a handful of (cybersecurity companies) over the last few years.”
Cybereason‘s Abigail Maines said a hard truth is that “we are too similar in cyber.” All the providers came up the same way and they all sort of look the same.
“So our struggles with how do we trust it could be enhanced if we spend a little bit more time diversifying who looks like what and what cyber humans look like,” she said. “That’s my experience having been in a handful of (cybersecurity companies) over the last few years.”
The cybersecurity industry is quite noisy with sales reps and analysts pointing out cybersecurity problems and solutions for organizations. So how about some straight talk?
What’s not being talked about that should be talked about in cybersecurity? What are organizations not doing that’s putting them in jeopardy?
At this fall’s Channel Partners Conference & Expo, we conducted roundtables with channel experts addressing hot topics in areas such as cybersecurity, cloud and MSPs.
During our roundtable, the experts doled out some straight talk about cybersecurity, including what’s working and not working.
Panelists included:
Maureen Perelli, Secureworks‘ senior vice president and chief channel officer.
Carl Katz, ThreatProtector Cybersecurity Advisors‘ senior vice president of worldwide partner sales.
Frank Rauch, Check Point Software Technologies‘ head of worldwide channel sales.
Abigail Maines, Cybereason‘s vice president of commercial and channel sales for North America.
Bryn Norton, Lumen Technologies‘ vice president of platform and IT solutions.
Norton said end customers don’t trust the cybersecurity industry, and that presents quite a problem for providers. And Katz said organizations think they have enough protections in place until they get attacked.
Scroll through our slideshow above for cybersecurity straight talk from this roundtable.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like