​​[05-04-23] How Should Security Vendors Engage With CISOs?

​​How Should Security Vendors Engage With CISOs?

May 04, 2023

CISO Series

Defense in Depth

How Should Security Vendors Engage With CISOs?

How Should Security Vendors Engage With CISOs?

CISO Randall Frietzche of Denver Health has had enough of the security vendor marketing emails and cold sales calls. He's blocking them all. But it's not a call to avoid all salespeople. He just doesn't have the time to be a target anymore. So how should vendors engage with such a CISO? And does this CISO represent most CISOs today?Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap , CISO, LinkedIn. We welcome our guest Joy Forsythe, VP, security, Thrive Global.Persistent follow up often generates the opposite effect. “The sales ‘system’ is essentially broken and really needs to be reworked,” said Brian Teusink of EY. Teusink was speaking of the volume demands of calls, emails, and outreaches sales managers impose on their staff. Persistent follow up, and going over a CISO’s head to the CIO is not landing well, resulting immediately in lost trust, said both Rich Cen of West Monroe and Al Berg, CISO of Tassat. "Escalating tactics are a great way to get my attention, but probably not the attention you want,” said Justin Kingston, CISO of Farnsworth Group.It may be a numbers game, but many security professionals don’t want to be caught in the numbers. "For all the folks who will block the sales attempts, some will be open to a discussion and that is enough to solve lots of problems. People are busy and don't typically respond with the first attempt. So what may seem annoying to you is necessary to reach the intended audience," said Tracy Aymond of CBM Technology. John Overbaugh, CISO of ASG, doesn’t like getting caught in the funnel. "Sales come from building relationships,” said Overbaugh. "’Sales Bro’-oriented environments don't get that, so they live, sleep and die by the funnel - make 200 calls, make a sale. I refuse to be part of those 200 calls."Part of a CISO’s job is being aware of solutions in the market. We got a lot of controversial discussion in response to Pierrot Ferland of SPAK chastising the CISOs who didn’t welcome vendor outreach. Ferland said, “Your job as a CISO is to be open to the market and evaluate new products. By doing this (ignoring calls and marketing emails) you will miss a lot of opportunities to learn about new trends.”The marketplace is confusing and it’s expensive to get recognized. Given the sheer volume of security vendors in the marketplace (I’ve heard 4,500 being repeated) it can become very expensive just to be visible, noted Magdalena Kernie of Egnyte. "The vendor landscape is already huge and crazy,” said Mark Fermin of Ingram Micro. “We're all trying to get a piece of the addressable market, but at the end of the day we need to go back to basics and focus on the things that ultimately bring mutual success in solution sales: building TRUST and RELATIONSHIPS." Please listen to the full episode on your favorite podcast app, or over on our blog where you can read the full transcript. If you’re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now. 

Thanks to our podcast sponsor, Code42

Code42

LIVE!

 Cyber Security Headlines - Week in Review 

Make sure you 

 to join the LIVE "Week In Review" this Friday for 

Cyber Security Headlines 

with CISO Series reporter Richard Stroffolino. We do it this and every Friday at 3:30 PM ET/12:30 PM PT for a short 20-minute discussion of the week's cyber news. Our guest will be NAME, title, Company.

Thanks to our Cyber Security Headlines sponsor, Trend Micro

Trend Micro

Cyber chatter from around the web...

Jump in on these conversations 

"US/EU bans TikTok" (

)

"Go back to government/clearance work or lose my clearance" (

)

"What news website do you use to keep up with the latest threats & emerging technologies?" (

)

Coming Up On Super Cyber Friday...

Coming up in the weeks ahead on Super Cyber Friday we have:

  • [05-12-23] Hacking Security Culture

  • [05-19-23] Hacking the Software Supply Chain

  • [06-02-23] Hacking the Future of Risk Management

and register for them all now!

Thank you!

Thank you for supporting CISO Series and all our programming  

We love all kinds of support: listening, watching, contributions, What's Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!

Everything is available at cisoseries.com.

Interested in sponsorship, contact me, David Spark.