Buyers of expensive IT security ask why they’re still insecure

© Alexskopje

This is an edited version of a post that appeared in The Write Stuff, the blog of Write Angle — Silicon Valley’s premiere creators and writers of technology content for the I.T. industry.

We do a lot of work for IT security clients and the numbers they share with us about attacks and monetary losses numb the brain. The money spent by corporate America to maintain some semblance of protection and to fend off cyber attacks is astronomical. If you’re reading this, you know what we mean. Still, the attacks and the cost of defending yourself grow unabated. What’s going on here?

One of these clients who does big work for big brands told us recently that a perception of low return on their security dollar has created a growing, board-level frustration and alarm within these companies.  “They question the ROI on the hundreds of millions of dollars invested in IT defenses and they have every right to be pissed,” he said. Of course, our clients have a vested interest in encouraging the upgrade of aging defenses so easily overcome by wily, super-smart and well-financed cyber-criminals today.

Computer security is a multi-billion industry employing some of the most brilliant technologists in the world.  They labor relentlessly to stay a step ahead of the bad guys who, just like terrorists, only have to be successful once, while techno-sleuths and defenders must succeed 100% of the time.  Yet, even in the breaches that merit the bigget headlines, most of the time the crooks used ridiculously simple methods to break in.  In other words, many organizations are overlooking basic precautions even as their security systems grow more complex and expensive.  Just like street crime,  bad guys preyed on victims of opportunity.

Like muggers, Cyber-attackers scan for companies who may not be properly utilizing the defenses they have or whose passwords fail the tough-to-guess test. To us in the business of marketing some truly amazing preventive technology, this is an eye-opener.  Here’s hoping they can open more corporate-security eyes as well.  The chain around the company’s digital assets is only as strong as the weakest link. And the bad guys go straight to it.

 When Stan DeVaughn is not ranting on this site, you can read him and his comrade-in-communications, Peter Davé, on The Write Stuff.

In security-technology marketing, saying “newest” doesn’t convey “more useful”

© Jgroup

 

In a recent issue of Dark Reading, Tim Wilson writes that there is a “happy medium” between grabbing the latest technology at every opportunity and holding onto technologies that are clearly outdated: “The digital certificate is one ‘old’ technology worth another look”, he said. We concur. Security vendors need to factor customer value into their marketing initiatives, especially in how they position and promote all things “new” in the content of their market outreach.  Digital certificates are not invulnerable. They can be breached by the more sophisticated attackers out there, but –  they can still secure your data.  They also can prevent the vast majority of attackers from getting away with pretending they are someone they’re not. “And”, he writes, “there is still great value in that”.

The lesson for technology marketing content creators: Because something is new does not make it inherently more valuable.  “New” may merit a press announcement, but it does not necessarily justify a purchase. Marketing content must still contain–and convey–a real value proposition to the user.  Only then will a purchase be truly compelling to the most buyers.

What does your marketing content routinely contain that establishes and conveys value?  What are you doing to ensure consistent standards for customer value?  How are you communicating it in your marketing content?

(When he is not posting on his namesake blog, Stan DeVaughn sees that technology companies place priority on customer value in their marketing content and communications.  You can also read him on The Write Stuff, the blog of technology writing service Write Angle.)

What gripes CIOs the most about tech vendors

A survey we co-conducted earlier this year with CIO Executive Council and  CIO Magazine revealed that I.T. executives have had it with the lack preparation by unsolicited vendors who, in tough times, have become more aggressive than ever.  In fact, it was the number one gripe of the CIOs we surveyed. Unwanted inquiries and spam are inundating the data center today. Sixty percent of the nearly 300 CIOs who responded to the survey, representing the likes of DuPont, MetLife and Bank of America, say that cold calls are the most annoying thing they experience with vendors. Seventy percent complain that the calls, and the email spam, are becoming much more prevalent.   CIO.com showcased the research findings in a webinar last February.  It was hailed by buyers and vendors alike for its candor and practical tips.  Put simply, vendors can do themselves a big favor by finding out the most pressing issues and needs of the prospect.  (Isn’t this what the Internet is for?)  CIOs can use permission-based filters to ensure that legitimate inquiries get through.  Seems that some I.T. buyers have mixed feelings about these issues.  They need to stay current on vendors, deals and offers but hesitate to take that phone call.  So how about a subscription Web page where a vendor can state their case and engage, Facebook-like, with a prospect more conveniently (read: less intrusively)?  What do you think?

Marketing consultants, CIOs and cost-cutting in the Hurd-HP scandal

As if the term “marketing consultant” wasn’t already a lightning rod for boardroom skeptics…

Seems that Jodie Fisher, the actress-cum-realtor-cum-HP consultant, brokered high-level connections between  HP XOs and customer CIOs at corporate gatherings. And received good days’ pay for good, however short, days’ work. So much for cost-cutting.  It strikes this observer as odd in other ways, however.  And making it all the more curious and mysterious were the private reactions and observations shared with me over the weekend in Palo Alto.  Some very prominent IT industry people, including a noteworthy HP competitor, confided that while they were surprised by the circumstances, they were not at all shocked by the swift departure — read: lack of support — shown for Mark Hurd.   This may strike outsiders as strange, in light of the way shareholders have been so richly rewarded during Hurd’s tenure.  OK, so he wasn’t Steve Jobs when it came to the vision thing.  But a 136% stock price jump in a lousy market wasn’t too bad.  And what if he was known as a ruthless cost-cutter?  Certainly, there are worse images for CEOs.

HP partners have a different take. The customer experience was suffering, they say.  The cost-cutting had gone too far.  Buyers were reduced to doing their own fixes, for example. As for now?  Expect low clouds and fog along the Halls of Bill and Dave, at least from the outside looking in.  And whither Ms. Fisher?  Will she leverage her CIO meet-and-greet credentials elsewhere?  One thing is clear: outside of HP’s CIO shmooze-fests, she no longer owns a low profile.  Maybe it’s exactly what this particular Fisher was angling for all along.

How many people use Microsoft products? More than a billion.

A couple of eyebrow-raising and easily overlooked factoids in this piece: the number of Microsoft users there are and the number of billion-dollar business units this company has spawned.  If ever there was a consumer brand, it is Microsoft.  As the media drool and fawn over Apple, Google and Facebook, the force-field surrounding the Microsoft brand should never be dismissed in technology circles.  As the SAI article emphasizes there are a lot of very smart, ambitious and driven Microsofties.  They, and their outfit, will not be going away anytime soon.

http://www.businessinsider.com/microsoft-doing-well-2010-7#theres-11-billion-people-using-microsoft-products-9

CIOs are vendors to their users and users to their vendors

Reality check: Not all comments from users are usable.

UserVoice in San Francisco enables their users to make customer comments more actionable. The problem is that a lot well-intentioned comments have to be ignored. Period.  You can’t do everything for everybody all the time.  Same is true for the comments that CIOs and I.T. people get from their users.  At a given time, there is an overwhelming number of really great, really cool things to be doing.  But maybe two or three of these things are the really, really high-return initiatives that merit precious resources. The trick is to pinpoint those things.  CIOs could use a”UserVoice model”.  What do you think?

Seven steps to a reputation as a ROI marketing-and-sales pro

ROI:  the expressway to executive hearts.

We hear regularly from CIOs whose gripes about salespeople and marketers typically contain the the letters ROI, as in return on investment.  More specifically, they will tell us how R.O.I. is M.I.A. from too many sales pitches.   A value proposition that doesn’t address a return on the buyer’s investment is a rudderless, leaky boat.  It just drifts.  Then it sinks. Here are seven things to keep in mind:

1.  Find out how your prospect makes money.  If your offering contributes to this, explain why and how.

2.  Help your prospect build a business case for the purchase.  Example:  Reduce the cost of _____, while increasing ________.

3.  Make financial reasons for buying your stuff absolutely clear.  IT salespeople should know that technology metrics will never find the heart of a CFO, but a focus on financial metrics just might.

4.  Show the CIO (or anyone you’re selling to) how to calculate the ROI.   Calculate the cost of NOT purchasing and compare it to how the customer gains by buying.

5.  Talk economic benefits of ownership.  If you discuss features,  link them to specific financial outcomes.

6.  Help the CIO and CFO visualize changes in their company’s business model and how it gets improved with your solution.

7.  If you’re pitching the CEO, use a one-page exec summary.  If it’s the CFO, show the detailed ROI analysis. Share the application benefit(s) with the users.

Have we missed anything?

The best way to get meetings with CIOs and I.T. buyers

OK, CIOs would probably take a cold call from Steve but you’re not Steve.

Seth Godin, A.K.A. the world’s most wanted marketing dude, reminds us again that Starbuck’s became successful one cup at a time, one store at time.   It wasn’t suddenly discovered by Oprah or blessed by Warren Buffet.  Like achievers of all stripe, it took them years to become overnight successes.  He specifically cautions entrepreneurs, or anyone else with something to sell, to hope for that bolt of lightning that will change your destiny is a sucker bet.  You owe yourself much more:

“Here’s another way to think about it…amaze the customers you can already reach, dazzle (those) who already trust you enough to listen to you. Take the permission you have and work your way up. Leaps look good in the movies, but in fact, success is mostly about finding a path and walking it one step at a time.”

So, as a vendor, what’s your experience here?  Do you count on lucky breaks or do you focus on the little things? If you’re a buyer, what does it take to get an audience with you?

Getting the most out of I.T. vendors

Giving cold shoulders to cold callers may be self-defeating.

OK, you might not have to go as far as Zappos’ Tony Hsieh, but treating vendors as you want to be treated can pay off.  Yes, even unsolicited vendors.

IT executives should, for example, use permission-based spam filters, so that the
promising and respectful vendors’ messages do come through.

Routing e-mailers and callers to a supplier portal is useful, too. When they arrive there, vendors can articulate their value proposition and cite an example of a similar customer for whom they delivered
quantifiable and relevant value.

Finally, CIOs should be more willing to reward good vendors with detailed case studies that relate the value delivered by the supplier, and thus help their colleagues better screen solicitations and develop potentially valuable business relationships with vendors.

Yes, there are cold calls that offer valuable solutions.  And there is need for buyers to have
a way of hearing what those vendors have to say and filter out the rest. None of
these tactics are revolutionary. The best companies already implement them to their
business advantage.  With no coldness.

Are CIOs more prone to isolation from vendors?

Isolation is never good thing.

Wary industrial buyers today face the dilemma of having to make purchases from suppliers who, those buyers complain, are woefully uninformed about their product needs.  How ironic that much of the information they say the vendors should have  is exactly what those buyers won’t make the effort to share.  As vendors grow more aggressive in selling and outreach efforts, their targets retreat deeper into the bunker.

Isolation in the digital culture has become a cliche.  To paraphrase the line in Funny People: The more friends you have online the fewer you have in real life.  Our own findings in a survey of I.T. buyers, CIOs and CSOs revealed evidence that many otherwise “plugged-in” leaders can become remote from vendors.  This is self-defeating, of course, but we can hardly blame them, cold calls being what they are.  Technology can indeed make leaders more current and knowledgeable, but James Champy writes that he sees the potential for plugged-in leaders to become more distracted and remote. A sense of connection can be deceiving, he warns: “Technology, in the hands of unskilled leaders, can create distance, and even a false sense of security”.   CIOs, of all people, should be the best practitioners of technology application.  In sales, you have to make the calls.  In applying technology, you have to know what’s out there and how to make the most of it.  In other words,  there are times when you have to take those calls.  Full disclosure: Turner DeVaughn Network makes dealing with unsolicited sales inquiries — cold calls and email –  virtually painless and far more productive but it still requires some engagement.  Isolation is never a productive condition.