HackerVaccine - Selling Security


Published on

An introduction to selling security for technicians by Bill Kasper

Published in: Education, Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

HackerVaccine - Selling Security

  1. 1. Selling Security Bill Kasper from HackerVaccine.comYou must sell IT security It does not sell itself (Eww, sales)
  2. 2. Selling Security Start from the end. Work our way back from our goals. Visualize World Peace (Through Strength)Goal: The System Is SECURE!Goal: The System Owner is HAPPY!Goal: You are a HERO!
  3. 3. Selling Security Report your success (blow your own trumpet)Goal: Inform the clientGoal: Emergencies avertedGoal: Boss looks good!
  4. 4. Selling Security Re-check the SYSTEM (every day is Groundhog Day)Goal: Verify predictions/fixesGoal: Avoid surprisesGoal: Reduce your stress
  5. 5. Selling Security Schedule and act on deployment/downtime as agreed Be when and where you said youd beGoal: Demonstrate timelinessGoal: Avoid cascading crisesGoal: Predictability = trust
  6. 6. Selling Security Get client to commit to time/date/resources to secure the SYSTEM Convey that your time and schedule are valuableGoal: Communicate your valueGoal: Share responsibilityGoal: Determinism is our friend
  7. 7. Selling Security Offer goodies to meet a deadline to secure the SYSTEM Encouragement in search of excellence (not manipulation)Goal: Organize your calendarGoal: Commit your client(s)Goal: Speed up sales cycle
  8. 8. Selling Security Pick a time you want to secure the SYSTEM 24 hrs from now, this weekend, before Simpsons is onGoal: Lock gates before escapeGoal: Communicate urgencyGoal: Chance to be a hero
  9. 9. Selling Security Find your sponsors hot button/deadly sin Fear, greed, ego, prideGoal: Know your customerGoal: Speak in effective termsGoal: Build relationship
  10. 10. Selling Security Whoever owns the SYTEM will respond to SOMETHING Communicate that SECURITY represents money, peace, timeKnow: Psychology opens doorsKnow: Youre right, thats a factKnow: Common ground = sale
  11. 11. Selling Security In order to secure the SYSTEM, we must sell security Overcome “The suits sell, we actually do stuff” attitudeKnow: Ninja sales skills = workKnow: Technicians can sellKnow: Selling is being friendly
  12. 12. Selling Security Hate not the ways of The Suits For tho they are but non-technical, lo, they bringeth in the buck$Know: Technicians dont like suitsKnow: Suits dont grok techniciansKnow: Suit skills + tech = Winning
  13. 13. Selling Security What established personal interaction model works? White Hat Hacking the stakeholders psycheGoal: Succeed with least effortGoal: Get that SYSTEM secured!Goal: Get paid to succeed
  14. 14. Selling Security Getting the SYSTEM secured requires personal interaction Stakeholders like to be wooedKnow: Technology doesnt sellKnow: Solutions/sex sellsKnow: You solve client problems
  15. 15. Selling Security Prospect Theory (Daniel Kahneman, 1979, eventual Nobel Prize) Why 85% of people would rather risk losing big than losing a little up front for sureKnow: Risking big loss is preferredKnow: Security is an uphill psych warKnow: There are psych war weapons
  16. 16. Selling Security Who is in charge here? There is a behind on the line. Find out whose.Goal: Dont bother talking to minionsGoal: Identify “launch” authorityGoal: List areas of responsibility
  17. 17. Selling Security Preemptive security is obviously a great way to spend money. Why are we even talking about this?Know: Youre smarter than your clientKnow: Whats obvious to us, aintKnow: Security is a negative
  18. 18. Selling Security OMFG! Does anyone know about the lack of security in the SYSTEM?Goal: Find someone who can agree to fixGoal: Be Paul Revere 2012!Goal: Apply your passion profitably
  19. 19. Selling Security OMFG! The SYSTEM is unsecured!!!Know: You see a problem others dontKnow: You cant fix it all by yourselfKnow: Its probably worse than you think
  20. 20. Selling Security Bill Kasper from HackerVaccine.comWww.HackerVaccine.com @hackervaccine