Successfully reported this slideshow.

Surviving the lions den - how to sell SaaS services to security oriented customers

1

Share

Sep. 24, 2015
1 like 654 views
Upcoming SlideShare
Aligning Risk with Growth - Cloud Security for startups
Aligning Risk with Growth - Cloud Security for startups
Loading in …3
×
1 of 33
1 of 33

Surviving the lions den - how to sell SaaS services to security oriented customers

Sep. 24, 2015
1 like 654 views

1

Share

Software

Passing through the Lion’s den – How to sell cloud services to security guys:
Pitching your SaaS offering is usually fun, until the security guys walks into the room as anyone who try to promote cloud services to organizations probably knows. On the other hand, for the CISO, sometimes cloud vendors represent the sum of all their greatest fears.

So, how can providers of cloud based software do better job in satisfying those gate keepers? Learn to speak their language and understand their terminology and way of thinking. In this presentation we will walk through the do’s and don’ts when pitching to information security professionals, and try to better understand their motivation and how to address their concerns.

This presentation is an introduction to a workshop providing better tools for cloud based companies to overcome challenges when selling their offering.

Passing through the Lion’s den – How to sell cloud services to security guys:
Pitching your SaaS offering is usually fun, until the security guys walks into the room as anyone who try to promote cloud services to organizations probably knows. On the other hand, for the CISO, sometimes cloud vendors represent the sum of all their greatest fears.

So, how can providers of cloud based software do better job in satisfying those gate keepers? Learn to speak their language and understand their terminology and way of thinking. In this presentation we will walk through the do’s and don’ts when pitching to information security professionals, and try to better understand their motivation and how to address their concerns.

This presentation is an introduction to a workshop providing better tools for cloud based companies to overcome challenges when selling their offering.

Software

Recommended

More Related Content

Viewers also liked

Cloud Security Certifications Landscape
Moshe Ferber
Cloud keybank privacy and owner authorization
Pvrtechnologies Nellore
Cloud risk and business continuity v21
Jorge Sebastiao
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
Amazon Web Services
Cloud security
BikashPokharel3
null Bangalore meet - Cloud Computing and Security
n|u - The Open Security Community
Cloud Security & Cloud Encryption Explained
Porticor - The Cloud Security Experts
cloud security ppt
Devyani Vaidya
Cloud Security Demystified
Michael Torres
Cloud Access Security Brokers - CASB
Samrat Das
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
Workshop: Threat Intelligence - Part 1
Priyanka Aash
Cloud Access Security Brokers
Abhishek Tripathi
2012 10 cloud security architecture
Vladimir Jirasek
Cloud Computing Security - Cloud Controls Security
Hari Kumar
Strategy Cloud and Security as a Service
Aberla
CSA SV Threat detection and prediction
Vishwas Manral
Cloud Security - Kloudlearn
KloudLearn
Webinar Express: What is a CASB?
Bitglass

Similar to Surviving the lions den - how to sell SaaS services to security oriented customers

Notorious 9 ciso platform moshe
Priyanka Aash
Cybersecurity and the regulator, what you need to know
Cordium
The evolving threats and the challenges of the modern CISO
isc2-hellenic
Reality of cybersecurity 11.4.2017
japijapi
Showreel ICSA Technology Conference
Institute of Chartered Secretaries and Administrators
Point of Sale Insecurity: A Threat to Your Business
SurfWatch Labs
How to Rebuild the Controls and Confidence after Data Exfiltration Occurs
InnoTech
NZISF Talk: Six essential security services
Hinne Hettema
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
BeyondTrust
Sem 003
SelectedPresentations
Multi cloud governance best practices - AWS, Azure, GCP
Faiza Mehar
Luncheon - 2016-05-19 IBM Security - Threat Intelligence by Michael Montecillo
North Texas Chapter of the ISSA
How To Stop Target-Like Breaches In Their Tracks
Resilient Systems
Cybersecurity in Sudan: Challenges & Opportunities
Mohamed Amine Belarbi
Using Threat Intelligence to Address Your Growing Digital Risk
SurfWatch Labs
ScotSecure 2020
Ray Bugg
CIS Compliance Automations Eevidence Collection, Security and Compliance Be...
Faiza Mehar
Overcoming Hidden Risks in a Shared Security Model
OnRamp
iDEAFest Enteprise InfoSec Program Lessons Learned
Michael King
Cyber threat enterprise leadership required march 2014
Peter ODell

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers
(4/5)
Free
In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy
(4.5/5)
Free
An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds
(4/5)
Free
World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost
(4/5)
Free
Tubes: A Journey to the Center of the Internet Andrew Blum
(4/5)
Free
Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson
(4.5/5)
Free
The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz
(4.5/5)
Free
Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly
(4/5)
Free
The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis
(5/5)
Free
Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman
(4/5)
Free
Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis
(3.5/5)
Free
The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis
(4/5)
Free
Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer
(4.5/5)
Free
The Thank You Economy Gary Vaynerchuk
(4/5)
Free
Blog, Inc.: Blogging for Passion, Profit, and to Create Community Joy Deangdeelert Cho
(3.5/5)
Free
What Video Games Have to Teach Us About Learning and Literacy. Second Edition James Paul Gee
(4/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
New Dark Age: Technology and the End of the Future James Bridle
(4.5/5)
Free
The Emperor's New Mind: Concerning Computers, Minds, and the Laws of Physics Roger Penrose
(3.5/5)
Free
Blockchain Revolution: How the Technology Behind Bitcoin Is Changing Money, Business, and the World Don Tapscott
(4/5)
Free
Alone Together: Why We Expect More from Technology and Less from Each Other Sherry Turkle
(4.5/5)
Free
The Death of Expertise: The Campaign Against Established Knowledge and Why it Matters Tom Nichols
(4.5/5)
Free
Algorithms to Live By: The Computer Science of Human Decisions Brian Christian
(4.5/5)
Free
Who Owns the Future? Jaron Lanier
(4/5)
Free
The Social Life of Information: Updated, with a New Preface-Revised John Seely Brown
(0/5)
Free
An Introduction to Information Theory: Symbols, Signals and Noise John R. Pierce
(4.5/5)
Free
The Dark Net: Inside the Digital Underworld Jamie Bartlett
(4/5)
Free
Cognitive Surplus: Creativity and Generosity in a Connected Age Clay Shirky
(4/5)
Free
The New New Thing: A Silicon Valley Story Michael Lewis
(4.5/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4.5/5)
Free
Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier
(4/5)
Free
The History of the Future: Oculus, Facebook, and the Revolution That Swept Virtual Reality Blake J. Harris
(4.5/5)
Free
Once Upon an Algorithm: How Stories Explain Computing Martin Erwig
(4/5)
Free

Surviving the lions den - how to sell SaaS services to security oriented customers

  1. 1. Pitching cloud services to security folks Moshe Ferber, CCSK  Onlinecloudsec.com Surviving the Lion’s den…
  2. 2. About  Information security professional for over 20 years  Working on cloud strategy with the world largest software vendors  Founded Cloud7, Managed Security Services provider (currently 2bsecure cloud services)  Partner at Clarisite – Your customer’s eye view  Partner at FortyCloud – Make your public cloud private  Member of the board at Macshava Tova – Narrowing societal gaps  Certified CCSK instructor for the Cloud Security Alliance.  Co-Chairman of the Board, Cloud Security Alliance, Israeli Chapter
  3. 3. Cloud Computing How the CIO see it?
  4. 4. Cloud Computing How the End-user see it?
  5. 5. Cloud Computing How the CFO see it?
  6. 6. Cloud Computing And how the CISO see it?
  7. 7. Mistakes Cloud provider do #1
  8. 8. Mistakes Cloud provider do #2
  9. 9. Mistakes Cloud provider do #3
  10. 10. Mistakes Cloud provider do #4
  11. 11. What else ciso’s don’t like
  12. 12. AgilityAgility What do you say… And how the CISO understand it
  13. 13. ScalabilityScalability What do you say… And how the CISO understand it
  14. 14. ComplianceCompliance What you say? How the CISO understand it
  15. 15. ManageabilityManageability What do you say… And how the CISO understand it
  16. 16. ReliabilityReliability What do you say… And how the CISO understand it
  17. 17. So what is the ciso looking for?
  18. 18. So, how do we create trust? 1. Transparency 2. Competency
  19. 19. Transparency
  20. 20. Transparency #1 takeout Security in the cloud is a shared responsibility Source: Trend Micro Blog
  21. 21. Transparency #2 Security Policy Security Policy is mandatory, it should contain all aspects of how you protect your customers data.
  22. 22. Transparency #3 Audits Don’t run away from security audits
  23. 23. Competency Skill Design Governance
  24. 24. Skill • Make sure your sales / pre-sales understand cloud security. • Understand the standards and regulation relevant to your sector.
  25. 25. Skill #2 • Make your security building block tangible to the customers. Monitoring and Incident management Application Security Data Security Infrastructure Security Data Center Security
  26. 26. Understand Cloud threats & Risks Threat RISK Losing Money Theft Unsecure Door Attack Vector
  27. 27. Cloud Attack vectors Cloud attack vectors Provider administration Management console Multi tenancy & virtualization Automation & API Chain of supply Side channel attack Insecure instances
  28. 28. Understanding controls Preventive • Firewall (Security Groups) • Authentication • Anti Virus • Guards Detective • IDS • System monitoring • Motion detector Corrective • Upgrades & Patches • Vulnerability scanning Compensatory • DRP & Backup • Firewall logs • Reviews • Audit & reconciliation
  29. 29. Design Threat Security Service Spoofing Authentication Tampering Digital Signature, Hash Repudiation Audit Logging Information Disclosure Encryption Denial of Service Availability Elevation of privilege Authorization • Integrate security to your software lifecycle. • Account for cloud specific threats. • Think about separation of tenants. • Explore encryption at all layers. • Think about 3rd party access.
  30. 30. Governance • Most security companies simply don’t know how to do ongoing operational security. • If you are guarding banks data, you need Banks operational capabilities.
  31. 31. Questions?
  32. 32. To wrap things up Speak your customers lingo Use good building blocks Don’t hesitate to be transparent on your security controls. Cloud Security is very much about your customers market sector. Be proactive in your security, think ahead of your customers.
  33. 33. Moshe Ferber   www.onlinecloudsec.com http://il.linkedin.com/in/MosheFerber KEEP IN TOUCH Cloud Security Course Schedule can be find at: http://www.onlinecloudsec.com/course-schedule

Editor's Notes

  • Thank you for inviting me, I am very happy to be here in Athens.
  • My name is Moshe Ferber, and I am working with some of the world largest software vendors in order to help them define and achieve their go-to-cloud strategy. I am also very kin on educating about the cloud, so I am helping in creating some of the world cloud security certification.

    • ×