There’s a common saying that you should never ask a barber if you need a haircut because the answer will always be “yes!” Likewise, it would be pretty unusual for cyber security sales reps to give you any reason why buying their products would be a bad idea. That’s why the business buying model of asking a salesperson whether you should buy his or her product is an outdated one.
In fact, the whole way you purchase all products and services has changed dramatically over the last few years. These days you can read white papers, online reviews, case studies, and peer reviews all before you ever talk to cyber security salespeople and hear their take on how they think you can benefit from their products or services. That’s a great thing for consumers. But all that access can lead to information overload; that’s why you need an expert to help you create a security solution that meets your company’s unique needs.
What is a security partner or cyber broker?
One of the best resources for learning about cyber security is a local security partner or cyber broker. If you’re unfamiliar with the model, cyber brokers are a lot like a walking, talking Travelocity for all security products. But rather than gathering your range of dates and travel preferences, they identify what it is you’re looking to fix, avoid, or accomplish within your company networks and security position.
These seasoned consultants work on your behalf to understand your network and environments from a holistic point of view, seeking first to understand and evaluate before any product or security solutions are even discussed.
How are cyber-security agents compensated?
First things first, how do cyber-security agents get paid? Agents are commonly compensated in one of three ways:
- A traditional VAR (value-added reseller) model wherein they buy wholesale and mark it up a few percentage points and pass that along to the customer.
- A monthly or annual consulting fee directly from the customer as a contractor or professional service fee.
- A commission payment payable by the individual products or services vendors the customer ultimately chooses to use.
“It’s not a tumor.” Misdiagnosing can lead to bigger problems.
In an effort to avoid paying any fees or markup, some customers try to go it alone and purchase directly from the internet. These DIY-ers think they can self-diagnose AND remedy security problems and issues they’re trying to patch, fix, or avoid. This is the same mistaken thinking that has people scouring WebMD, convinced that they have some advanced, terminal disease when, in reality, a little allergy medication would suffice.
Likewise, cyber security self-diagnosis can lead to one or more of these problems:
- Overspending. Some customers believe they have to purchase the latest and most expensive option in order to feel comfortable.
- Underspending. Just as problematic, or even more so, is the customer who purchases only for today’s problem or buys a solution that doesn’t properly address the security issue within the network.
- Ignoring. The greatest error stems from customers who believe they don’t need a security solution at all, which leaves them with bad or incomplete configuration/installations and underwhelming results.
A professional can help you get the right cyber-security fit. Peace of mind comes from relying on another set of technical eyes and experience to confirm you have the right solution, the right product, or the right configuration of existing products. While there is no “secret weapon” that’s going to bring your organization into cyber security utopia, having a credentialed and capable team confirm your decisions will give you confidence in the long run.
Using an agent or a specialized security consultant can save you countless cycles trying to educate and re-educate your revolving door of salespeople on the nature and culture of your business as well as the systems, network, and applications that are the most critical to defend.
Cyber-security agents offer customized solutions.
Personalization and specialization with the customer in mind are perhaps the most valuable thing your cyber security agent brings to your organization. A good agent will help you avoid needless research time and hone in on the specific solutions that will bring you happiness. A cyber-security agent can then leverage super skills with relationships when it is most critical–during an outage or to secure better pricing on your behalf with vendors and suppliers.
By taking the long view on relationships with their customers, agents become trusted advisors or the consiglieres to customers who are building up their own thriving organizations. In our roles, as we see it, whether it is Hyper Networks or Optiv (a competitor we could recommend), we want to be sitting on your side of the table, helping to navigate the procurement and political limitations of your company while making sure our customers are sleeping well at night knowing they’ve made the wisest choice.
Independent cyber-security agents can give unbiased recommendations.
Finally, and perhaps most importantly, an independent agent or cyber broker has the ability to stay both agnostic in their recommendations and solidly holistic in support of those security products and security services you’ve employed.
This means that when there is a breach or an issue with your AWS container or Checkpoint firewalls, or when you’re experiencing a difficult audit, you only need to make one call to marshall the resources of all currently supported vendors.
That’s when you’ll be grateful you aren’t asking just anyone for a favor. Instead, you’ll have your trusted advisor on speed dial, which allows you to work on the other pressing and pertinent issues within your organization. Maybe you’ll even have time for that haircut.