Embed Size (px)
DESCRIPTION
An introduction to selling security for technicians by Bill Kasper
Citation preview
Selling Security
You must sell IT securityIt does not sell itself
(Eww, sales)
Bill Kasper from HackerVaccine.com
Selling SecurityStart from the end. Work our way back from our goals.
Visualize World Peace (Through Strength)
Goal: The System Is SECURE!
Goal: The System Owner is HAPPY!
Goal: You are a HERO!
Selling SecurityReport your success (blow your own trumpet)
Goal: Inform the client
Goal: Emergencies averted
Goal: Boss looks good!
Selling SecurityRe-check the SYSTEM (every day is Groundhog Day)
Goal: Verify predictions/fixes
Goal: Avoid surprises
Goal: Reduce your stress
Selling SecuritySchedule and act on deployment/downtime as agreed
Be when and where you said you'd be
Goal: Demonstrate timeliness
Goal: Avoid cascading crises
Goal: Predictability = trust
Selling SecurityGet client to commit to time/date/resources to secure the SYSTEM
Convey that your time and schedule are valuable
Goal: Communicate your value
Goal: Share responsibility
Goal: Determinism is our friend
Selling SecurityOffer goodies to meet a deadline to secure the SYSTEM
Encouragement in search of excellence (not manipulation)
Goal: Organize your calendar
Goal: Commit your client(s)
Goal: Speed up sales cycle
Selling SecurityPick a time you want to secure the SYSTEM
24 hrs from now, this weekend, before Simpsons is on
Goal: Lock gates before escape
Goal: Communicate urgency
Goal: Chance to be a hero
Selling SecurityFind your sponsor's hot button/deadly sin
Fear, greed, ego, pride
Goal: Know your customer
Goal: Speak in effective terms
Goal: Build relationship
Selling SecurityWhoever owns the SYTEM will respond to SOMETHING
Communicate that SECURITY represents money, peace, time
Know: Psychology opens doors
Know: You're right, that's a fact
Know: Common ground = sale
Selling SecurityIn order to secure the SYSTEM, we must sell securityOvercome “The suits sell, we actually do stuff” attitude
Know: Ninja sales skills = work
Know: Technicians can sell
Know: Selling is being friendly
Selling SecurityHate not the ways of The Suits
For tho they are but non-technical, lo, they bringeth in the buck$
Know: Technicians don't like suits
Know: Suits don't grok technicians
Know: Suit skills + tech = Winning
Selling SecurityWhat established personal interaction model works?
White Hat Hacking the stakeholder's psyche
Goal: Succeed with least effort
Goal: Get that SYSTEM secured!
Goal: Get paid to succeed
Selling SecurityGetting the SYSTEM secured requires personal interaction
Stakeholders like to be wooed
Know: Technology doesn't sell
Know: Solutions/sex sells
Know: You solve client problems
Selling SecurityProspect Theory (Daniel Kahneman, 1979, eventual Nobel Prize)
Why 85% of people would rather risk losing bigthan losing a little up front for sure
Know: Risking big loss is preferred
Know: Security is an uphill psych war
Know: There are psych war weapons
Selling SecurityWho is in charge here?
There is a behind on the line. Find out whose.
Goal: Don't bother talking to minions
Goal: Identify “launch” authority
Goal: List areas of responsibility
Selling SecurityPreemptive security is obviously a great way to spend money.
Why are we even talking about this?
Know: You're smarter than your client
Know: What's obvious to us, ain't
Know: Security is a negative
Selling SecurityOMFG!
Does anyone know about the lack of security in the SYSTEM?
Goal: Find someone who can agree to fix
Goal: Be Paul Revere 2012!
Goal: Apply your passion profitably
Selling SecurityOMFG!
The SYSTEM is unsecured!!!
Know: You see a problem others don't
Know: You can't fix it all by yourself
Know: It's probably worse than you think
Selling Security
Www.HackerVaccine.com@hackervaccine
Bill Kasper from HackerVaccine.com
