Everyone always thinks that what they do is different, unique, and extremely valuable. It’s a marketer’s job to make this case for their solution or service. It’s our job, as sales people, to take that case and make it a reality. Unfortunately, when it comes to cybersecurity, it’s not a simple sale.

The Cybersecurity Market is Vast and Only Getting Bigger

Particularly, when you look at the nature of the cybersecurity market and the rate in which cybersecurity companies are innovating and bringing out new capabilities to address the ever-evolving threats targeting organizations. It is virtually impossible for customers, who are focused on their business, to consume, or even know about, all the information coming from all the different companies on all the different cybersecurity issues they have. (This issue is compounded by the well-documented shortage of cybersecurity expertise out there – unfilled cybersecurity positions are predicted to reach 3.5 million by 2021.) Forget about trying to make sense of it all to determine what they really need.

We are talking about a $137.85 billion USD market that’s expected to grow at a compound annual growth rate of 11% over the next five years. It’s a market made up of hundreds of technology companies – Cybersecurity Ventures whittles it down to 500 every year. These companies play in dozens of different cybersecurity categories – Gartner breaks it down to 5 segments, each of which contain multiple sub-segments that address different components of that category. These companies are constantly bringing out new innovations in the race to get ahead of attackers who, unfortunately, continue to increase in number and sophistication – just look at 2017, which was a banner year for damaging cyberattacks, worldwide.

Customers (and their VARs) Are Overwhelmed

Due to this market landscape, customers are increasingly overwhelmed and turning to value added resellers (VARs) to help them make sense of it all. They want their VARs to give them the solutions and guidance that will enable them to address their specific cybersecurity requirements and protect their business. (The costs and ramifications of cybercrime are big and far reaching.) VARs, however, are also dealing with the same market conditions, finding it hard to cut through all the noise and figure out what they need to offer to help their customers achieve their cybersecurity objectives.

As a result, there’s a disconnect between what technology vendors are putting out in the market and what VARs and customers are able to integrate and use. I saw this disconnect and thought I could establish a bridge between technology vendors and VARs/customers that could help everyone get what they want and need.

Establishing a Better Distribution Model

This is why I came up with holistic distribution and established Cloud Harmonics. Typically, distribution is relegated to providing supply chain services; a distributor will streamline and support the operational aspects of a sale, from ordering and financing to fulfillment and asset disposition/renewal management. But the unique vantage point of a distributor, who is looking at the market as a whole, means they could be doing so much more than creating supply chain efficiencies.

I wanted to build a more holistic distribution model, one that could cut through the clutter to identify where the real needs and opportunities are in the market and then provide VARs the technologies, tools and services they need to deliver on those needs. To do so, I built out our in-house technology and market expertise that focused on spotting early indicators of trends in the market and then identifying companies and technologies that could address what’s coming.

Cutting Through the Cybersecurity Noise

I committed to working with those technology companies that were really solving customer problems. I helped them establish effective go-to-market strategies that enabled VARs to confidently integrate their technologies into their portfolio to accelerate their adoption and profitability. And because the VARs knew we had taken the time and effort to evaluate the vendors and technologies available in the market, they could focus their own resources on working with their customers to deliver the solutions that would address their needs.

Why is Selling Cybersecurity Such a Challenge?

With cybersecurity that’s a challenge in and of itself because:

  1. Cybersecurity is not a box sale – the value of the sale is increasingly not in the hardware, but the software. A trend, by the way, that’s only going to amplify, as more and more workloads and capabilities move into the cloud/software as a service (SaaS) offerings. It’s not about speeds and feeds and checking the boxes of a customer’s requirements, because there are no simple requirements. If there were, everyone would be secure! Often, customers don’t know or truly understand what they need.

    For example, is malware on the endpoint a malware problem or a mobile security issue? Could it be something that the firewall could address, or does it require an endpoint security agent? Is it managed by a security incident and event management (SIEM) system or a mobile device management (MDM) solution?

    The answer is yes – it could be any and all of these things. It depends on the customer’s environment, the resources they are trying to protect, their tolerance for risk, their security objectives, the other solutions they have in place or are considering, etc.

    As a result, a cybersecurity sale is much more consultative and involved than other technology sales. A VAR needs to spend the time to identify and understand what a customer is really looking for and have the expertise to be able to match their requirements to the best solutions.
  2. Cybersecurity is not a set and forget sale – the customer purchase is just the beginning. There’s the design, deployment, configuration, integration, management and maintenance of the solution that must be considered. If the customer falters during any one of these steps, the solution will falter, and the sale will be considered a failure.

    As a result, VARs have a vested interest in making sure everything goes smoothly and continues to run effectively, which is why many are building out and offering services that can support the customer throughout the lifecycle of the solution. Unfortunately, due to the aforementioned cybersecurity talent shortage, it can be challenging for both the VAR and the customer to dedicate the time and resources required to make the most of cybersecurity investments.

    For example, a firewall isn’t configured once and then left to do its job – new rules are added, exceptions are made, new circumstance are accommodated, etc. These changes can erode and impact the overall security of the firewall, so they need to be monitored and audited to keep the desired security stance intact. This is something VARs can support, with the help of new and emerging automation tools, to alleviate the burden on the customer and improve overall security and satisfaction.
  3. Cybersecurity is not a stationary target – everything is always changing – there are new threats that require new approaches and technologies to keep up. VARs have to prepared to evolve. They have to be prepared to adopt new solutions and business models, so they can best meet the needs of their customers.

    This is hard to do, particularly when a VAR has invested heavily in a particular vendor or particular technology. They need to diversify and be open minded, often working with smaller ‘upstart’ companies a lot earlier than they may in other industries. Ultimately, to survive, long-term in cybersecurity, VARs have to be prepared to adopt solutions that may cannibalize some of their traditional revenue streams – if they don’t they will find themselves relics in an industry that’s left them behind.

    These aspects of cybersecurity make it a difficult market for VARs to enter and a difficult market for them to grow their business. But a holistic distributor can help address these challenges and reduce the barrier of entry to make it less risky for a VAR to offer, and ultimately profit from cybersecurity technologies.

The Three Pillars

This is why our holistic distribution model includes programs, tools and services that can support a VAR throughout their unique cybersecurity sales journey. It’s made up of three pillars:

  • Educate – With our proprietary, purpose-built instructor-led platform, we deliver the broadest range of technical classes and certifications available on a wide variety of next generation technologies. We make it easy for VARs (and end customers, as needed) to build awareness and competencies around these cybersecurity technologies. Education enables VARs to quickly build proficiency around emerging solutions, making it easier for them to identify a customer’s issues and confidently offer the right solutions that will address their needs.
  • Engage – We offer virtual sandboxes and demo units that give VARs (and customers) hands-on experience with the technologies they are selling, so they can see for themselves how they would fit and work in a customer’s production environment. We create ultimate test drive (UTD) days that provide access to complete, working ecosystems of next-generation solutions to demonstrate the power of coordinated strategies and capabilities. This gives VARs a friction-less way to adopt new technologies and maximize profitability.
  • Enable – We provide services and support that augment a VARs resources and expertise to not only ensure a smooth, seamless sale, but also smooth, effective ongoing deployments. We provide a single point of contact who knows the unique business of the VAR, pre-sales services, logistics, partner programs, a renewal portal, etc. We also offer post-sales services that support the design, implementation and configuration of the cybersecurity solutions, as well as automation tools that make it cost-effective and profitable for a VAR to keep their customer’s cybersecurity in force.
  • This unique approach has generated a lot of success. Since I founded Cloud Harmonics five years ago, we have over trained 10,000 engineers and grown our business from zero to $300 million. It’s why, in that short period of time, we have had dozens of cybersecurity technology companies and hundreds of VARs signing up to work with us to help them accelerate their cybersecurity business ramp. It is also why Ingram Micro acquired us. We are excited by the additional resources and focus this acquisition brings to our ability to build out our new, holistic distribution model. Only with a different approach to cybersecurity selling and distribution will we be able to meet the different needs of the cybersecurity market.