<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

From Prospect to Client: 5 Tips for a Successful Security Audit

Posted by Christopher Parisi on May 12, 2017 11:16:14 AM

When selling security solutions to your prospects, building trust and being seen as an advisor and subject-matter expert sets you apart.

It’s not just about selling point products, but rather it’s about solutions that can scale with threat trends and future unknowns. Here are five tips for your next security assessment to help you turn a prospect into a client:

  1. Speak with the right stakeholder.

    When discussing security needs with a customer, start the conversation with the data owner. The CEO, CIO, or department heads are the typical job titles you're looking for. The data owners have the most to lose as they face the media, the stockholders, and the board when disaster strikes. With their buy-in and attention, you can make sure the data owners understand the impact a breach can have on their company financially and overall reputation.
  2. Engage data custodians in conversations, too.

    Don’t let someone trying to save their job jeopardize your clients’ security. Data custodians, IT engineers, security analysts and network engineers will do everything in their power to assure upper management that they’ve got it under control. Invite these stakeholders to your briefing after the audit when you have a complete view of the systems and state of the company’s data as it relates to security.

  3. Keep your distance from the blame game.

    Keep explanations of audit findings centered on the resolution, not attacks on those trusted with the security of our environment. It’s better to have data custodians as an adversary who feels you are there to help them. You don’t want to be abrasive with your findings by placing blame. Careful language in your briefing, both written and verbal, is important.

  4. Educate your client with statistics and examples of breach scenarios.

    This is your best defense against push back. Experts agree that the Wall Street Journal's Tech News Briefings is one of the most authoritative, relatable sources you can use with the executive decision makers you’re advising. If you see an area that’s often a point of entry into a company’s network your assessment has flagged as vulnerable, provide examples and potential costs to the client if they were to be compromised. With many publicized breaches such as Yahoo!, Target, and local governments, finding numbers and how they were compromised, makes it easy to reference.

  5. Be honest and upfront with your prospect.

    Your conversation should be realistic on the ability to mitigate risks. No security measure, practice, or appliance will reduce the risk of a breach to zero. Your job is to reduce the risk to as close to zero as possible and help mediate a network breach when it takes place. The quickest way to lose credibility is by telling your client the solution is foolproof.

An advisor looks after a customer’s network even when an immediate sales opportunity may not be apparent. A customer’s attack surface size is fluid. It may be well protected from today’s threats but could become much larger if targeted by a zero-day attack. Continuous engagement with a customer is one of the top actions a service provider can take to offer customer satisfaction and often leads to repeat business. With these tips and effective assessment tools, your future and current customers can implement healthy cyber hygiene practices and remain vigilant.

For more information on how you can implement security assessments into your business today, contact a Tech Data Security and Information Management specialist at 800-237-8931, ext. 73246.


Tags: Security Audit