top of page

Stop Trying to Sell Security Technology and Start Creating Relationships

Dale Carnegie once said "You can make more friends in two months by becoming interested in other people than you can in two years by trying to get other people interested in you."

I love this quote. Dale Carnegie is the author of the New York Times best selling book "How to Win Friends and Influence People." The book sold over 30 million copies since first being published in 1936.

You're dealing with a much more educated buyer now. The Chief Information Security Officer (CISO) and other C-level executives who you are trying to hawk your latest firewall, network IDS, or endpoint security solution to actually knows more about the product you're trying to sell her than you do, and you work for the company! With the numerous resources like SC Magazine Group Reviews, YouTube videos, global security conferences, and well, LinkedIn, your buyer is way more informed than the old days when cold calling and unsolicited email actually worked and you got a chance to actually be the one to educate the buyer.

Sorry to say this, but those days are gone. However, you can go read about this in any book written on inside sales, webinars, or free eBooks from What I want to talk about right now is the contorted perception of today's technology sales rep. Security vendors (whether that be on-prem software, hardware, or cloud software-as-a-service (SaaS) providers) are all trying to solve security problems with technology and why their technology is so great and how it will stop that next advanced persistent threat -- or whatever buzzword gets created next.

The problem in IT risk management today isn't the technology -- the technology that exists out there is already great. The problem is the people behind it. After all, as we all know, security isn't a technology problem, it's a people problem. Look at the Target breach (yes, 4 years later and we're still referencing it for lessons learned). Two separate IT security controls (FireEye and Symantec) both alerted to anomalous traffic, which were brushed off.

The problem you see, has never been the technology. Stop trying to use it as a panacea to every security problem. I've worked in a professional capacity in information security since 2000. Seventeen years later when stateless packet filters have become stateful UTM firewalls and when signature-less/behavioural anomaly detection has become a real thing, we're still trying to solve the problem with technology.

Please don't get me wrong (back off from that keyboard negative nancy) -- I'm not trying to say technology isn't needed. Good technology is always needed, target-aware, intelligent technology is needed -- but relationships are more important.

You thought I was going to say people didn't you :) Well no, people are an obvious part of a relationship, but what I want to focus on is the relationship itself. After all, it was Abraham Lincoln who also said "if you wish to win a man over to your ideas, first make him your friend."

Let me tie this to a real-world story. Tom Goemaat had just taken over as president and CEO of Shawmut Design and Construction when one of his customers began calling him unrelentingly trying to get meals and golf outings setup with him. One day, his customer asked Tom if he knew why he kept asking him to go do things. Tom replied no, he had no clue why. The customer answered "because we need to have a relationship built on more than just projects. When we run into problems -- and we will -- we need to have a real relationship so we can solve the problem together."

I'm group CEO of Brier & Thorn and our current clients can attest to this. It may have seemed unfamiliar and a bit awkward at first, but our clients now get it. We have a one-on-one personal relationship with every single one of our clients, which has helped weather the storm of any bug we've run into with their security controls or security events that the technology should have seen. You see dear reader, it isn't just about the technology. At some point, it will always fail and so will people. But it's that relationship we have with our client that stands the test of technology issues, bugs, and even human error. It's your relationship with the client that will last longer than the technology.

So the morale of the story here is, stop trying to sell based on technology alone. Stop saying hello, "my name is Jane, let me talk about myself, and show you my shiny new security toy." Stop copying/pasting scripts you bought off sales tool web sites. Stop recording robotic greetings that play when your dialer hits a voicemail. Just talk to your buyers like a human.

Ask about them and what their problems are, THEN tell them about yourself and your technology. First work on forming that relationship with them because I guarantee you, she'll know way more about the technology than you think and will already know if she wants to buy it. All she really wants to know about is you and the company she's investing in.

5 views0 comments

Recent Posts

See All

Zero Trust Cybersecurity

Introduction In today's digital world, where online threats are a big concern, traditional security methods are not always enough. That is where Zero Trust cybersecurity comes in, it is a new framewor


bottom of page