- Audience 1st
- Posts
- How Cybersecurity Buyer and Seller Behaviors Evolved in the Past 5 Years
How Cybersecurity Buyer and Seller Behaviors Evolved in the Past 5 Years
Today as a cybersecurity seller, being a technical and a business person is very relevant. But in order to keep up with the pace of change, the technologies, the dynamic market and aggressive growth goals, you have to be an active listener and to be present.
This episode is presented together with
When you understand your customer’s goals and challenges, then you can bring a technical enough team to the table that could actually get buyers answers effectively and efficiently.
You drive change by leaning from the front and it's not only on the sales and marketing folks to do that. The C-Suite is equally responsible as well.
Brutally honest insights from Chris Federico, Head of Global Cloud Security Sales of Check Point and Chris Roberts, previous CISO and Senior Director of Boom Supersonic.
Before we dive in, don’t forget to subscribe to join 1700+ cybersecurity marketers and sales pros mastering customer research. You’ll get notified whenever a new episode and buyer insights summary drops.
Insights and Key Takeaways
How have security solutions and buyer behaviors in the cybersecurity space changed over time?
Over time, security solutions and buyer behaviors in the cybersecurity space have gone through significant changes.
At the turn of the century, the industry was still in its infancy, and as Chris Roberts put it, "we were making shit up as we went along."
As the industry matured, so did the solutions and the need for more advanced cybersecurity measures.
However, one of the biggest challenges in the industry is the lack of cookie-cutter companies and organizations.
Each company has its unique needs and requirements, making it challenging to find off-the-shelf solutions that work perfectly.
This has led to the need to customize solutions to fit specific needs, which is where the industry has seen a significant shift.
“I think that's where the huge change has been. It's been an absolute start from scratch. We literally have to customize the heck out of many of these. So those would be the two areas I'd look out,” says Chris Roberts.
In short, the cybersecurity industry has come a long way from its early days, and the need for customized solutions has become increasingly important.
These changes have resulted in the need for buyers to become more educated and informed about the products and services available to them.
Things really changed for salespeople
Sales tactics have significantly changed over the last 25 years in the cybersecurity industry.
In the past, salespeople could approach potential clients and tell them exactly what they needed because the buyers didn't know they had a problem that needed solving.
However, this approach is no longer effective because buyers are now more informed and aware of their cybersecurity needs.
Today, buyers are well aware of their problems and are looking for solutions that can specifically address their concerns.
They may have multiple problems and need a seller who can offer solutions that can solve at least a few of them.
Simply putting a box or a product in front of them and claiming it can solve their problem is no longer an effective sales tactic.
As Chris Federico puts it, people claiming to have a 100% hacker-proof solution may not even know the specific problem their clients are facing.
This is why it's crucial for salespeople to truly understand their client's needs and offer solutions that can specifically address their concerns.
Buyers are more informed and aware of their needs, and salespeople need to approach them with customized solutions that can address their specific problems.
This requires a deep understanding of the client's needs and a willingness to offer solutions that are tailored to their unique circumstances.
Bundling and unbundling of solutions over time
Over time, the cybersecurity industry has seen significant changes in the bundling and unbundling of security solutions.
In the past, companies used to have separate firewalls, IPS or IDs, X, Y, web filtering, and other security measures.
These solutions were later consolidated into Unified Threat Management (UTM) for more efficient management.
However, in recent years, there has been a trend of unbundling security solutions, with companies opting for specialized solutions for different security needs.
Chris Federico believes that the trend may reverse, with companies looking to bundle solutions to save money.
Chris Roberts, on the other hand, takes a sarcastic approach, pointing out that many vendors bundle unnecessary functionalities, and customers end up paying for features they don't even use.
In his view, in 90-95% of cases, customers end up using only half of the functionalities bundled into the solution.
“I'm playing devil's advocate on this one," says Chris Roberts, “because a lot of people have said to me, oh you need endpoint detection of this. I'm like, look, is this an antivirus, you've just put new sales and marketing and you've bundled a whole bunch of other things.”
The bundling and unbundling of security solutions are an ongoing trend in the cybersecurity industry, and companies need to carefully evaluate their security needs before investing in a solution.
Vendors, on the other hand, need to offer solutions that are tailored to the specific needs of their customers, without bundling unnecessary functionalities that end up costing the customers more money.
From the perspective of a CISO, the bundling of security solutions has its advantages and disadvantages.
While bundling can help consolidate various security measures into a single solution, many of these solutions include unnecessary features that are of no use to the customer.
“From the CISO standpoint, I'm sitting there going, hey, I know I'm a technical CISO and I'm fortunate. I kind of know what I'm looking for. And so, I'll discount half of the products because they've got too much junk that I know I'll never use,” continues Chris Roberts.
Legacy solutions also pose a challenge for CISOs. Some of these solutions may have been effective in the past but are now outdated and no longer bring the same value.
Renewing these solutions may be necessary because they perform a specific function, but they don't provide the same level of protection as they did before.
Additionally, getting 25,000 alerts a day from a solution is meaningless if you can't extract meaningful information from them.
To make the most of security solutions, CISOs need to have the right tools to automate responses and distill data into something meaningful.
This requires an understanding of the customer's environment and needs, which can only be achieved by having the right APIs to pull in critical information and send it to the right tools.
By doing so, CISOs can automate responses and distill data into meaningful insights that help them protect their organizations effectively.
What is real differentiation in the cybersecurity industry?
In the crowded cybersecurity market, real differentiation is crucial for vendors.
This differentiation needs to come not just from the products and messaging but also from how vendors engage with their clients.
Without real differentiation, vendors risk being just another player in the market.
Chris Roberts emphasizes the importance of trust in choosing a Managed Service Provider (MSSP).
When he started at Boom, he needed to know where his assets were because, without that knowledge, he couldn't protect them.
He ended up choosing an MSSP based on trust, not just the one person he met but the team that person brought with them and the diversity of the board of directors and the team.
In the cybersecurity industry, clients need to have confidence in the vendors they work with.
The vendors they choose must be able to offer real differentiation and build trust through the quality of their products, the expertise of their people, and the diversity of their teams.
By doing so, vendors can differentiate themselves from the competition and build strong, long-term relationships with their clients.
“I bought based on trust, not just the one person that I met. I bought based on that one person and the team that she brought with her and the other folks that were part of that organization. I looked at the board of directors, there was diversity. I looked at the team that was brought to me, there was diversity,” said Chris Roberts.
What can actually help to build and gain trust with cybersecurity buyers?
In the cybersecurity industry, building trust with clients is crucial.
To build trust, vendors need to have open and easy communication with their clients and avoid being pushy.
They need to conduct research in advance to understand the client's business, avoid changing the numbers, and not move the rules.
As Chris Roberts points out, vendors need to take the time to understand the client's company, including their roadmap and growth pattern.
This understanding allows vendors to bring the right technical team to the table at the right time, ensuring that the client gets effective and efficient answers to their questions.
Here are some quick points that help Chris Roberts build the trust with vendors:
Easy communication.
No pushiness.
Research in advance.
Understand the business.
No changing the numbers.
No moving the rules.
“They did their research on me because I'm pretty blunt online about what I'm looking for and how I look for it. And if you can't be bothered to spend 5 to 10 minutes to figure that out, then why should I give you that time?,” he further states.
It’s important to take time to understand and learn about the company you are trying to do business with, so make sure you know:
What are they doing?
Where is their roadmap?
Where are they now?
Where are they going to be in 12, 24, 36 months’ time to the best of their knowledge.
When you understand their growth pattern then you can bring to the table a technical enough team that we could actually get answers really effectively and efficiently.
What are the old sales and marketing tactics that companies still use that just won’t fly anymore today?
In the current economic climate, customers want predictability around their spend, which means that old sales and marketing tactics just won't fly anymore.
Chris Federico noticed this trend about 5 years ago, and it has become increasingly important.
Customers want to know that they have some flexibility with vendors and won't get hit with unexpected overage charges.
Vendors need to understand what their customers want and craft bespoke pricing and terms that are easy to get through with legal.
This approach requires financial engineering, which can help vendors build long-term relationships with their clients based on trust and mutual respect.
Chris Roberts had a frustrating experience with some tier one vendors who were still playing old games with him.
He realized that he needed to take a step back and not deal directly with vendors anymore.
Instead, he now works with someone who deals with vendors, and he avoids dealing with vendors who use old tactics such as starting with high prices and then bringing them down.
How to successfully identify customer needs and the challenges
Successfully identifying customer needs and challenges requires active listening and asking the right questions.
As Chris Federico explains, salespeople should avoid pushing for proof of concept or demo in the first meeting.
Instead, they should focus on listening to the customer's challenges and understanding if they can help.
“It may sound like a total cliche term, but you have one mouth and two ears so you should do twice as much listening as you do talking,” says Chris Federico.
Salespeople should ask questions about who the customer is and what their challenges are, and they should be willing to take the time to listen and understand.
They should present themselves in a manner that can be considered trustworthy, and customers should feel that the salesperson is not there to crawl all over them.
Chris Roberts emphasizes that a 30-minute initial conversation is a good starting point to understand the customer's priorities.
This initial conversation should be focused on getting to know each other and building trust.
It's important to approach the conversation with a sense of curiosity and a willingness to learn about the customer's needs and challenges.
By doing so, they can build long-term relationships with their clients based on trust and mutual respect.
Accountability for cybersecurity is finally being held at the board level
The accountability for cybersecurity is finally being held at the board level and this is a refreshing change, according to Chris Federico and Chris Roberts.
Boards are now asking about security and compliance, which were previously less intriguing topics to them.
However, CISOs now need to go beyond being technical experts and approach cybersecurity from a business perspective, as they need to help boards understand their world through their eyes.
It's also important to operationalize solutions and make them functionable in a customer's environment, which can be done by having a team or managed service provider who can do this.
“What I've seen change in the last few years is when I speak with anybody in a C level or an executive level position, all of a sudden, they said, my Board of Directors cares about security. My Board of Directors is asking me about compliance.”
Those were the less intriguing topics to a Board of Directors in the past and he definitely sees it changing now.
“It's such a refreshing change because now the board is being held accountable.”
Chris Roberts absolutely agrees. He’s seen a huge evolution in it both personally as a VC (so for a number of organizations behind the scenes over the years) and then absolutely drastically when he walked into Boom.
You may end up with two different boards:
The ones that still just don't want to care, don't know or for whatever reason, haven't grasped that fact yet.
Or the ones that have questions, they want to know more and they want to understand it.
Now, they want to understand things at their level but they're also willing to take side channel conversations outside of board meetings.
“As a CISO, I can no longer go in as a technical geek CISO and knock them down with stats. I have to go in as a very, very business, focused, operationally aware, financially, fiscally kind of like business degree type CISO and have those conversations at their level. I can't go in and expect them to understand me. I have to go in and help them understand my world through their eyes,” Chris Roberts explains.
So being a technical person and a business person is very relevant today as a cybersecurity seller.
“It’s important to operationalize things:
If you can't take your solution today and present it to a customer beyond, say, it solves this problem technically, it detects X. But how do I operationalize that into your environment?
Either you have your own team who does it, or a managed service provider. If somebody can't take that and easily make it functionable, then it's a no-go.”
Steps that can start affecting that change within the organization and among the buyer and the salespeople community to allow for more successful collaboration and output
You have to be present
Chris Federico says, “I think you have to be present. So, if you think that you can sell something and then you come back a year and you renew it and you're not present, then you're never going to make any change.”
Now, that's not always true but in the majority of cases, your presence means something. If you're not going there, you're not going to drive change.
Chris Roberts agrees: “If you never did the install properly, you never took time and you don't care. And so, I'm like, you don't get the chance to even walk through these doors anymore.”
Quit the free lunches
“The other big thing, quit the free lunches! I'm fed up with the free lunchtime, these big gifts and this big mess that's going on.
A cup of tea or a cup of coffee, that's all I need to do to understand one. If it's something I'm interested in as a buyer and as a seller, it's something I need to know very, very quickly and effectively to see if it's on my three-to-six-month roadmap or if it's on a 24-month roadmap,” says Chris Roberts.
You effect change by leaning from the front.
It's also important to recognize that both vendors and buyers need to meet in the middle and find a balance between quantity and quality.
Vendors need to realize that not everyone is ready to buy at the same time, while buyers need to understand that vendors still need to make a living.
It's also important to put yourself in the buyer's shoes and truly understand their problems and needs, and this only happens through conversation and building relationships.
It's important to respect people's boundaries and give them space, such as offering an opt-in option for communication rather than bombarding them with messages.
“You go to a conference, you end up on a hundred mailing lists. Well, do me a favor. Just reach out and say, hey look, would you like to hear from us? If we don't hear from you, we are not going to put you on a sales call. We'll let you go in peace. Have a good day. If we need to help you, you know where we're at. I want that.
It's tough because it's going to take two things:
It's going to take the CISO recognizing that vendors still have to put food on the table, and there's an honorable way of doing it.
It's also going to be the vendors realizing there's thousands of buyers and not all of them have their checkbooks open at the same time. And so there has to be a meeting in the middle somewhere.”
Until next time,
Dani
Subscribe to Audience 1st Podcast Newsletter
Thanks for reading! If you like summaries like this, subscribe to Audience 1st Podcast Newsletter to get notified whenever a new episode drops.
Excited to collaborate? Let’s make it happen!
Check out our sponsorship details to connect with real security practitioners and showcase your brand to an engaged community of cybersecurity decision-makers giving and seeking real buyer insights.
Reply