I was sitting with my Sales Team last Friday, listening to their experiences with prospects. They had some great stories about wins and interesting stories about losses. When I asked them about their biggest frustrations, they turned the tables and put me on the spot.
My biggest frustration? It comes in the form of three objections that can surface during the sales cycle. Let me explain.
Sometimes the sales process is easy. The prospect has a real need and a budget and understands the importance of building security into their cloud environment, and we form a winning relationship almost from the start. We’re on the fast track to closing, and from there on out we have the opportunity to form a long-term relationship.
Other times, there’s no compelling need, or budget, or we’re just not the right fit. If this is the case, the prospect moves on, we move on, and there’s nothing more to it.
But there’s a third scenario that really frustrates me because the prospect has a real need (and knows it), and they like our solution, but they get hung up on one (or more) of three objections — which all defy logic. For that reason, I refer to these objections (at least to myself) as Myths. And what do you do with myths? You bust them!
The 3 Most Common Objections
Most often when we fail to convert a qualified prospect into a customer it’s not because we’ve been bested by a direct competitor. It’s because the prospect has raised one of the following 3 objections:
- We don’t have a budget.
- It’s not the right time for us to buy.
- We really like your solution, but we’re going to build our own using open source components (or COTS point solutions).
I’m frustrated when I hear any one of these and sincerely hope the company doesn’t get forced into action by an “unpleasant compelling event” like losing an existing customer, or not being able to sign a new customer because they don’t have adequate security provisions. Or worse — having to respond to a data breach. And I hope no one spends too much trying to build their own solution (unless they’re in the security business).
I don’t have a magic bullet, but I can, at least, shed light on why there’s no logical reason for letting any of these objections delay or derail the prospect’s need to start building security into their organization.
Objection/Myth #1: No Budget
In our current cyber climate, risk — whether it’s from internal or external factors — is ever-present. It’s a fact of business, and therefore some form of security is essential. It’s a cost of doing business. You don’t buy a car and not expect to budget for fuel. (I wonder how Marissa Mayer feels, having denied her newly appointed CISO the financial resources he needed to build proactive security defenses!)
If you want to ensure business continuity, if you want to scale organically or through relationships with other companies, you must have a working security strategy and solution.
You can make the cost more palatable if you shift your mindset and look at security as an investment rather than an expense. And any investment you make becomes a permanent asset in your security arsenal, and you can add to it as you go along.
You can also reduce the initial spend if you start with no-cost or low-cost measures such as training your employees on something as simple as security best practices. The reward is immediate: as soon as you implement an improvement, you’re stronger than you were before.
Objection/Myth #2: It’s Not the Right Time
Waiting won’t bring you any closer to achieving your business or security goals. But it will prolong the risk, exposure, and limitations you currently face.
The bad guys, the inadvertent insider lapses that can lead to security breaches, and the customers who want to do business with you if you meet their security criteria, aren’t waiting. So the only “right” time is now. If you’re growing, the problem is only going to become bigger and more complex as time goes by. So it’s best to be proactive, to take initial steps, and at least be partially prepared.
Objection/Myth #3: We’re Going to Build Our Own System
Many companies feel they can create their own solution using open source tools or a series of COTS point solutions. But it’s been proven time and again that, if security isn’t your core competency, this will put a tax on your IT or engineering resources and also run up your costs without delivering the results you want. (If you need a fleet of vehicles for your business, you don’t build your own. You call the leasing agent!)
So don’t try this at home! That is, don’t try building your own solution from scratch or from open source technology.
Talk to companies like Threat Stack who build integrated platforms based on extensive R&D and multiple decades of collective experience. Today’s comprehensive solutions are built for the cloud and bring together multiple functions that give you deep visibility into your data and systems and let you view critical data in a comprehensible, actionable manner.
A Final Word . . .
Don’t let myths govern your security strategy. Start building a cloud security strategy based on common sense and, as they say, Just do it!