Cybersecurity companies need to change their approach when it comes to acquiring customers as security leaders are becoming weary of aggressive sales tactics. The industry is a two-way street, and it is important that both parties treat each other well to make the security industry a better place. While there is a lot of advice available for cybersecurity startups on how to engage with security leaders, little attention is paid to how security leaders can make life easier for cybersecurity vendors.
Chief Information Security Officers (CISOs) should approach cybersecurity startups from a place of curiosity. It is important to recognize that most startup founders are passionate about solving hard problems and do not typically quit their jobs to make the industry a terrible place. Understanding their view of the world and being curious about it is a great start. Without innovative founders willing to take risks, the industry would not have been able to evolve.
When security leaders articulate the problem they are trying to solve and provide context, conversations tend to be more productive for everyone involved. Without context, vendors have no choice but to offload the list of features instead of explaining how their offerings can address the buyer’s needs. Conversations that start by clearly articulating a problem instead of listing abbreviations that the customer is looking to buy tend to be the most productive.
It is important to remember that people who work for vendors are also trying to feed their families. Sales development representative is one of the lowest-paid and hardest occupations, and it’s not uncommon for companies to hire fresh graduates and entry-level workers for these roles. Companies that use aggressive sales tactics should be held accountable. However, there is no need to tell the person trying to put bread on their table what you think of them, their family, and their life. Cold-calling is a soul-crushing grind, and they probably hate their job anyway.
Proactively offering transparent feedback helps startups innovate and prioritize solving the right problems. Most people, even those working for companies that security leaders do not agree with, are genuinely trying to do work they can be proud of. Hearing new ideas and perspectives can help startups innovate and prioritize the right problems. The bug that has been annoying the team for months could have been fixed a year ago if it had been reported.
Early-stage startups are struggling to get the word out about their work. To discourage companies from using unethical, aggressive sales tactics, it is important to not only bring attention to the bad in the industry but also to evangelize the good. Recommending companies you trust to your peers can make a significant difference. Making an introduction to someone who may benefit from their work, publishing a good review on social media, or giving them a testimonial they can put on their website are all great ways to help startups.
Lastly, it is important to manage expectations when working with vendors. It is painful to see security leaders and their teams ghost vendors after spending time going through demos and even doing a few weeks-long proofs of concept. If you see that you won’t be able to implement the solution within the timelines you have initially communicated, simply say so and provide a new target. This will help the vendor update its forecasting and plan the capacity of support teams. If you decide to not go ahead with the solution, send the people you spoke with a brief email explaining what you decided and why. Providing feedback on the experience, what went well, and what the vendor can do better can also be helpful.
Both parties – vendors and buyers – have the power to help make the industry a better place. More collaboration, mutual support, and respect are needed to achieve this. At the end of the day, both parties are fighting on the same side.