Cybersecurity is more important than ever right now, and a breach could be costly and damaging. As we’ve seen recently with the high-profile breaches following the aftermath of executive departures, companies are giving cybersecurity the attention it deserves.
According to Gartner, market spending is expected to more than double from its current size of $75 billion to $170 billion by 2020: what this leads to is an explosion of new cybersecurity solutions.
There’s a lot to keep up with: apps that may need patching, vulnerabilities to manage, and a bunch of fires that will need to be put out swiftly and efficiently. This market is growing, but with so many emerging vendors it becomes a challenge to understand which solution is the best one to fit your organization’s needs.
Whether your organization needs deception detection, user behavior analytics, or a threat intelligence management solution, there are vendors that can help with that. While this has traditionally been a highly time intensive and manual process, finding the right solution can be much faster and easier.
Likewise, as a vendor, there should be an easier way to make sure customers understand your value add and to discover what challenges they are looking to solve.
Top Vendor Challenge – Getting Customer Visibility
One of the biggest challenges any new business faces is getting in front of customers. We are currently living in an accelerated climate of startups and highly necessitated interest in cybersecurity, but this explosion of vendors has made it harder than ever for customers to actually know who does what, let alone which vendors to choose from to move to from a Proof of Concept.
As a former sales engineer for one of these startups, I can attest that we all hunt for customers in a lot of the same ways, which is a combination of highly manual efforts that go something like this:
- Go to conferences and conventions and entice prospects with sweet swag during booth duty.
- Publish articles.
- Form partnerships with resellers, groups, or other vendors.
- Contact customers from previous roles.
- Cold call/email.
- Frantically answer a new RFI that has come in from a prospect.
While all of these are effective and necessary, they are also very difficult and time consuming. Nearly all of these startups are funded by venture capital firms and as a result, have quotas that they need to hit. Yet marketing and advertising is very expensive and you have to be smart with your runway of cash. While it’s hard being a vendor, it’s hard being cybersecurity customer too.
For a Customer – Finding the Right Solution
Because security teams are almost always understaffed, there is only so much time in the day to research the right vendor to fit your organization’s needs. A typical customer follows these processes to choose three vendors to evaluate:
- Asking around with friends and colleagues.
- Spending time on Google researching something like, “top [insert niche] cybersecurity vendors”
- Attending conferences and conventions and get your badge scanned at the vendor booths in exchange for sweet swag. Ask for two or three for the other kids. Remember the ones that oblige. Vow spam filtering on those that don’t (kidding...I hope)
- Taking calls from trusted reseller
- Receiving 10,000 cold calls/emails from vendors a day. Maybe kick over to the right team member for answering the vendor
- Sending out an RFI and spend weeks receiving and answering questions from vendors before you read 200 essay questions from each vendor
Just like a vendor, it is a very time consuming and highly manual process and this is all just to choose which several vendors to even call back! We haven’t even gotten to the actual evaluation stage yet to see if the technology does what the vendor says it does. Nor have we considered moving the vendor into the RFI or RFP stages prior to the PoC.
This is made all the more difficult because maybe the right vendor exists, but they’re simply starting out and analyst firms only evaluate vendors of a certain size and reputation before writing about them, or they don’t quite yet have the marketing budget to make themselves well known.
This is where joining a marketplace makes sense
The 21st century has given us some amazing marketplaces to connect customers to the exact vendors they are looking for, and there is a need for a cybersecurity marketplace too. That’s what we’ve tried to do with rfindery.com, creating a cybersecurity marketplace platform to quickly and easily connect vendors and customer procurement teams from the both large and small companies all over the world.
We are on an accelerated frontier of cat and mouse. With there being so many new solutions to the same old problems, what this industry needs is a centralized location to exchange ideas and knowledge.
Josh Fu, CISM, CISSP, is a technical account manager from St. Louis, MO. Josh has experience as a channel manager and consultant in cloud infrastructure and as a sales engineer in cybersecurity. Josh founded the west coast chapter of the International Consortium of Cybersecurity Professionals and has presented in front of industry audiences across the country.