Stop trying to sell security technology and start creating relationships

Dale Carnegie once said “You can make more friends in two months by becoming interested in other people than you can in two years by trying to get other people interested in you.”

I love this quote. Dale Carnegie is the author of the New York Times best selling book “How to Win Friends and Influence People.” The book sold over 30 million copies since first being published in 1936.

You’re dealing with a much more educated buyer now. The Chief Information Security Officer (CISO) and other C-level executives who you are trying to hock your latest firewall, network IDS, or endpoint security solution to actually knows more about the product you’re trying to sell her than you do, and you work for the company! With the numerous resources like SC Magazine Group Reviews, YouTube videos, global security conferences, and well, LinkedIn, your buyer is way more informed than the old days when cold calling and unsolicited email actually worked and you got a chance to actually be the one to educate the buyer.

Sorry to say this, but those days are gone. However, you can go read about this in any book written on inside sales, webinars, or free eBooks from What I want to talk about right now is the contorted perception of today’s technology sales rep. Security vendors (whether that be on-prem software, hardware, or cloud software-as-a-service (SaaS) providers) are all trying to solve security problems with technology and why their technology is so great and how it will stop that next advanced persistent threat, or whatever buzzword gets created next (don’t get me started on the vendors actually trying to put their name behind that very attempt).

The problem in IT risk management today isn’t the technology — the technology that exists out there is already great. The problem is the people behind it. After all, as we all know, security isn’t a technology problem, it’s a people problem. Look at the Target breach (yes, 4 years later and we’re still referencing it for lessons learned). Two separate IT security controls (FireEye and Symantec) both alerted to anomalous traffic, which were brushed off.

The problem you see, has never been the technology. Stop trying to use it as a panacea to every security problem. I’ve worked in a professional capacity in information security since 2000. Seventeen years later when stateless packet filters have become stateful UTM firewalls and when signature-less/behavioural anomaly detection has become a real thing, we’re still trying to solve the problem with technology.

Please don’t get me wrong (back off from that keyboard negative nancy) — I’m not trying to say technology isn’t needed. Good technology is always needed, target-aware, intelligent technology is needed — but relationships are more important.

You thought I was going to say people didn’t you 🙂 Well no, people are an obvious part of a relationship, but what I want to focus on is the relationship itself. After all, it was Abraham Lincoln who also said “if you wish to win a man over to your ideas, first make him your friend.”

Let me tie this to real-world story. Tom Goemaat had just taken over as president and CEO of Shawmut Design and Construction when one of his customers began calling him unrelenting trying to get meals and golf outings setup with him. One day, his customer asked Tom if he knew why he kept asking him to go do things with him. Tom replied no, he had no clue why. The customer answered “because we need to have a relationship built on more than just projects. When we run into problems — and we will — we need to have a real relationship, so we can solve the problem together.”

I’m group CEO of Brier & Thorn and our current clients can attest to this. It may have seemed unfamiliar and a bit awkward at first, but our clients now get it. We have a one-on-one personal relationship with every single one of our clients, which has helped weather the storm of any bug we’ve run into with security controls the customer has in place over the years or issues that the technology should have caught. You see dear reader, it isn’t just about the technology. At some point, it will always fail and to be honest, even people — me — will fail. But it’s that relationship we have with our client that stands the test of technology issues, bugs, and even human error.

So the morale of the story here, stop trying to sell based on technology alone. Stop copying/pasting scripts you bought off sales tool web sites. Stop recording robotic greetings that play when your dialer hits a voicemail. Just talk to your buyers like a human. First work on forming that relationship with them, because I guarantee you, she’ll know way more about the technology and will already know if she wants to buy it — she wants to know about you and the company she’s investing in.


Alissa Knight is the Group Managing Partner of Brier & Thorn, Inc. and Senior Partner of its global subsidiaries in international markets in the United States, Europe, and Asia. Alissa has a passion for helping clients secure their most valuable assets; the ideas they bring to market that change the ways in which we work, live, and play. A proven leader with deep domain knowledge in developing strong client relationships, she builds outstanding global teams and partnerships, bringing a disciplined focus to operations and execution. Alissa leads the delivery of IT risk management services to the global marketplace; creating the service roadmap for Brier & Thorn's portfolio of IT risk management projects and managed security services delivered from its global network of Security Operations Centers.

Submit a comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s