This webinar presents Telarus’s 2026 State of the Union on cybersecurity, led by VP of Cybersecurity Sumera Riaz and Solutions Architect Trevor Burnside. The session focuses on how technology advisors can effectively lead cybersecurity conversations with clients in 2026. The presentation covers the evolution of cybersecurity from a technical IT function to a business-critical concern protecting company growth, trust, and revenue. Key topics include cybersecurity market patterns showing that companies typically deploy new technology first, then get hacked, and subsequently rush to buy security solutions – a pattern now repeating with AI. The speakers highlight alarming statistics: 823 million daily cyber attacks, with 300 million turning into actual incidents, and AI-driven attacks comprising over 80% of phishing attempts. They position 2026 as a ‘security power moment’ where two-thirds of organizations have increased security budgets by 25% to combat AI threats. The webinar covers in-demand security solution categories including identity access management, AI security governance, zero trust architecture, and cloud security platforms. Practical guidance is provided on discovery questions advisors can use to open security conversations with clients, emphasizing the importance of building trust and understanding business outcomes rather than just selling technology.
Transcript is auto-generated.
Cybersecurity has changed a lot. It is no longer a technical discussion or something that just lives in IT. Today, it is about protecting a company’s growth, trust, revenue, and business trajectory. So understanding how to position security the right way is becoming one of the most powerful ways you can differentiate yourself to your clients in twenty twenty six.
So to kind of help us get a quick pulse on where you stand, we will be short we will be launching a short poll that we would love you to answer this question. How would you describe your current comfort level leading cybersecurity conversations with clients? Obviously, there is no right or wrong answer. No matter where you land in the poll once it launches, Today’s State of the Union is designed to help give you clarity and help you feel more confident, more prepared, and more effective leading those conversations in twenty twenty six.
So to help us unpack where cybersecurity lands today, I’m excited to welcome Sumera Riaz, our VP of cybersecurity, along with Trevor Burnside, our solution architect of cybersecurity here at Telarus. These two work at the intersection of real world threat landscapes, adviser strategy, and client outcomes. They both are also incredible, and they have this amazing ability to simplify complex security topics and translate them into practical customer ready conversations. Samira and Trevor, welcome. We’re thrilled to have you here with us today. Please take it away.
Hi, everyone.
Happy New Year. Great start to the week. Thanks, Cass. Welcome to the twenty twenty six State of the Union on cybersecurity, everyone.
As Cass mentioned, my name is Samira Riaz, the vice president of cybersecurity here at Telarus. And with me today is my friend and our so solution security architect, Trevor Burnside, who many of you know and love. Great to have you with me, Trev. So we Yeah.
Great to be back.
Yeah. Thanks. We’re a couple of weeks into a brand new twenty twenty six. Trevor, how are you are you so excited about the new year? Like, how do you feel about twenty twenty six?
Yeah. I I mean, we’ve talked a lot about this in last couple weeks. Right? Like, we I really think that this year is going to be a breakthrough in a lot of ways from a cyber side in the channel. And and with AI and security, you know, we we’re seeing a ton of trends that are going the right way.
I’m really excited for I think there’s been a lot of buildup last year and the year before in the AI realm and things like that that are this year is gonna be a change in in in a good way.
Right? And so we honor where we have been by being intentional about where we’re going. And today’s session is all about being intentional in security sales for twenty twenty six. And, Chandler, if we can go to, the next slide, please. I wanna introduce our twenty twenty six security team to walk with you on your journey in selling security.
As you know and you’ll hear me say this often throughout the year, throughout today’s session, that twenty twenty six is more than just a new year. It’s a new moment in security.
And I’m gonna show you why during our time today and help you grow your security practice. So here is the team leading you in these conversations, helping you with the tech technical side of things, strategy side of things.
Myself, Samira, Trevor, most of you know Jason Kaufman. He’s our principal solutions architect. So for Trevor and I, we can go deep into security and wide. Jason, he’s kind of our Swiss army knife.
He can go deep and wide in multiple practice areas. So if you haven’t reached out to him or haven’t had a chance to meet him yet, I I highly encourage that. Angela, she’s the director of our supplier management. Amazing re amazing lady.
She knows everything there is to know about our suppliers and really has her finger on the pulse.
Josh Hazelhorst, he’s our senior field solutions engineer, which if you guys are in the west region, you know him well.
He’s he helps you in your security deals, UCaaS, SD WAN, even CX deals. He’s another great Swiss army knife. And Joe Pfizer, who have recently joined our team as our field solutions engineer for the east, an amazing resource as well for you to launch into your conversations and help you close deals.
So with with this, if we can go to slide yep. Thanks. So for this is, an overview of our security practice. You’ll see security as that horizontal, right, that touches all technologies in a company, touches every person in the company. And it’s if you look at our solutions at the bottom, these are solution categories.
It’s a holistic view of everything that security touches and performs. And throughout the year, we’re gonna show you how to upsell into this and how to cross sell into different into different practice area, leveraging security.
Trevor, any comments on the yeah.
Yeah. I was just gonna say, you know, we’re gonna kinda loop this later on as well as throughout the rest of this year. But, so much of you know, this slide might be familiar to some people. We’ve changed up a little bit based on some of the trends and stuff we’re seeing, in the last this last year.
But, every different advanced solution, whether that’s CEX, AI, SD WAN, you know, whatever it is, whenever we’re changing something in the network, there’s a security conversation, a security consideration that has to take place, and we’re seeing that we can inject that security conversation in at different points. So, you know, this is really about the there’s a ton of security products. Security cybersecurity, obviously, is is made up of, you know, tons of products. And a lot of these can be, you know, within our portfolio, sold to vendor or to customers in different areas that are, you know, looking to expand in the cloud, looking to expand in the CX and other areas where the security conversation can go hand in hand and actually enable that.
So, it it’s can be part of every other conversation and technology that we see across the board.
It it can. So true. We were talking yesterday that security is instinctive. Right? Because security is just another way of self preservation, whether it’s personal security or company security. And because it’s instinctive, it comes naturally. And we’re gonna help you this year to tap into that to to make the conversations flow easier for you and give you that boost in confidence as you’re entering conversations when it comes to security.
So today, we’re gonna our agenda for the day today is we’re gonna look at twenty twenty five. We’re gonna see the path to what led us to today.
Chuck Shannon, if you we can move to yep. Perfect. Thank you. So we’re gonna look at twenty twenty five, the path to today.
I’m gonna show you market pattern behavior patterns, how to know when, how, and why of security security selling patterns, when companies buy security. And twenty twenty six is going to be the security power moment. We’re gonna look at that. We’re gonna show you ten trends and solutions, and, we’re gonna close it out with, educations and trainings that are gonna be available for you.
So, Trevor, let’s dive in and look at our, look at twenty twenty five real quick. Just a quick look back at what we faced what we just came out of.
So, you know, two hundred and twenty two hundred and twelve billion in global security spend versus a ten point five trillion in estimated global crime, cost of crime. And for those, of you on the call, if you if you wanna know a little bit more on the difference in the two numbers. So, basically, the global spend is the amount of money organizations worldwide have spent on cybersecurity in a given year. And then cost of crime means it’s an estimate of the total economic damage caused by cyber incidents worldwide in a given year. So those are gonna be, like, your direct financial losses, ransomware, fraud, stolen funds, business impacts, downtime, loss of productivity, lawsuits, data related damages, reputational harm, like stock market drops, that’s what that number is comprised of. So those two numbers, Trevor, your thoughts on on these numbers that we’re looking at.
Yeah. I I think sometimes, you know, when we we we do these annual reviews, the number always goes up, right, on, on cybercrime, how much, you know, the industry is actually expanding in revenue. So it might sound a little bit like a broken record, I think, of, like, hey. Every year, we’re talking about, like, this is getting bigger and bigger and bigger, and I you know, it doesn’t you can only be on x or or Google too long. Right? Then you see the next, you know, whatever company got breached yesterday.
So, I think that’s kind of resounding, and everyone’s aware of that. Something that is, I think, kind of unique lately is this the AI driven attacks. I was actually talking to Proofpoint a couple weeks ago, and they were saying, that from a phishing attempts, what they’re seeing, what they’re catching through their gateways and things like that, you know, Proofpoint’s a very large, email security provider. They’ve got other things too, but, they they see a lot of this every day.
And they were saying that over eighty percent of phishing attempts now have some type of AI aspect to it, whether written by AI or the QR codes are are set up by AI or they’re using reverse proxy, to bypass MFA through AI tools.
So that has definitely changed. Obviously, the numbers go up, but the use of AI in malicious attempts, is certainly, you know, expanding. Even just general I mean, I was talking to them as well about, hey. Normal people using public LLMs, or, you know, generative AI, you know, chat GPT, quad, and drop it, those those things.
That’s already doubled last year. So if you think about a normal person just using AI, think about bad guys doing the exact same thing. Right? If if normal work was doubled, it’s at least the same for for, you know, bad guys going to work as well and doing what they do.
Exactly. So what you’re saying in sum it up is with AI entering the market space, we’re gonna see a rise in crime rates, cybercrime rates. Right?
Yep.
And just the the pure amount of attacks has gone up. Right? Of the ability the ease of how how easy it is to to launch an AI generated phishing attempt or something like that, has gotten so easy that the amount of attacks, have increased too. So it it’s not just, you know, that that bad guys are getting better, that, you know, people are still getting compromised. It’s it’s the rate that it’s occurring is skyrocketing.
Exactly. And which for us in the channel in in the industry we’re in, it’s it’s sad, but it is good news because this is when we wanna reach out to our client base and say, we know you’re facing these threats. We can help take the complexity out of solutions and help you find a clear path to securing your enterprises better than you were doing yesterday.
And so that’s that’s a great point.
One of the numbers I want you to look at is the three hundred million on the screen and then the eight hundred and twenty three million right under it. What that means is so when researchers and data analysts gathered all the attacks that came in last year, it was eight hundred and twenty three million attacks per day were were clocked. Right? So those are attempts that are made by bad guys to hack into companies.
Only three hundred million and I say only three hundred million. Right? Three hundred millions of those attempts turned into security incidents, your ransomware, your data breaches. So out of eight hundred twenty three million attacks per day, which is relentless because there’s AI, as Trevor said, AI bots now attacking that bad guys are using to three hundred million that actually got through.
So crazy numbers. Next year, as we look at, you know, history and we look at the numbers for next year, I think it’s gonna be I would I’m gonna call them a shot caller here. I’m gonna call it they’re gonna double or triple next year because of AI.
What do you think, Trev?
Yeah. I it’s it’s, I certainly it’s gonna go up. It always does. Right? All the numbers go up.
I was also reading something, interesting as well from the numbers perspective saying, you know, we’ve done more on the cyber side. You look at that two hundred twelve billion global spend that equates to EDR, MDR, XDR, socks in. Right? All these all these topics that we talk about all the time.
And if you’re not familiar with them, we can we can explain those. But those are all these, you know, products in the essentially sensors. Right? We have way more sensors out on workstations and endpoints than we’ve ever had before.
So we’re able to get a a more accurate view of what’s actually happening. So I think these numbers aren’t necessarily inflated because we have, you know, on on most enterprise endpoints, some type of EDR platform or a sensor, really, detecting these type of these attacks. So I think we’re getting better at the numbers than we have ever before. And they’re getting closer to reality and less inflated or less underreported than they’ve ever been.
Agreed. And, that brings me to the next point, and our next slide is twenty twenty six, guys, is going to kick off a security solutions shopping spree because companies need advanced solutions to protect themselves from the AI threat. And that’s why I’m gonna keep calling twenty twenty six a security moment because there are cycles that companies go through to buy security. There are market cycles that happen, and I’m gonna show you that on the slide in just a second and why I’m saying that twenty twenty six is gonna be a great year to sell security because the market is ready. And here’s why. This slide let me introduce you to this slide real quick.
What we just talked about global spend. That’s the amount of money organizations are worldwide spending in security every year. Cost of crime again, it’s an estimate of total economic damage that’s cost. So you see the you know, from the year two thousand to today, you can see kinda cost of the spend in cybersecurity sales and then the crime rate that’s gone up.
At the bottom of the slide, I show you the solution evolution, how we went from just securing perimeter and firewalls and deploying VPNs all the way now to where we actually have bots and a Gentek AI that does it for us is it’s been it it really, really interesting the last twenty years how this technology has evolved and, how solutions have evolved and so has the crime, obviously. There is a lot of great data on this slide that we can spend hours on. But for today, I want you to walk away with the single most important point that I wanna show you is the when, why, and how companies buy security.
So after after a new technology hits the market, there are three things that happen, which triggers a spike in security sales. We saw this with cloud. When Cloudera began in two thousand six, we saw this the same patterns that developed. Right?
So what happens is new tech comes out, companies go and buy the new tech, they train their employees on it, then they get hacked, and then they rush to market looking for a security solution that can stop their bleeding. It’s not ideal, but it is the reality. When I was a CISO, you know, was a CISO practitioner for many years, been in security now for nineteen years, It is it’s the reality. We all know it’s not ideal, but that is what we have right now that how people buy.
And, until, there’s a tech a new technology that comes out that has security built into it, this is gonna be the pattern.
And so here, it’s interesting to note that between twenty ten and twenty fifteen, this is when cloud entered the market space. Right? The growth rates here when you look at your spend of security, what companies were spending.
Just between these few years from twenty ten to twenty fifteen, companies were spending that spend rate went up fifth only fifty percent, but the crime rate went up hundred fifty percent. That’s crazy because when and it goes back to my point. Companies bought cloud. They trained their people on cloud.
They deployed it, and then they got hacked. And then they went shopping for security solutions. You see that happening. Crime rate increased.
Spend rate was still at fifty percent. But then you see the shift in twenty fifteen where when companies started to spend more money to protect their companies, the crime rate went down to a hundred percent between these years. So very interesting. And, you know, I share with you a personal story actually is I was a new CISO during this on prem to cloud era, and my training, mind you, up to that point had been just on prem.
It’s visible perimeter. I could see, touch, feel it. I know where my edge is. I know where my DMZ is.
I know what I’ve deployed in both sides. I could, you know, I could conceptualize it because I can see it.
Cloud came on the scene. Everybody then started talking about cloud, how great it is. And it it is great. Right?
It was great. It had benefits, ROI, ability to scale faster and grow. You could spin up a server in, you know, twenty minutes versus three, four weeks that it takes to spin up an actual server on on prem. So the scalability and the growth was amazing, and every, you know, everybody wanted cloud.
And my company at the time, I was a CISO, I show up to our next board meeting. Right? And everyone in that room drank the cloud Kool Aid. There were thirteen guys in there and myself, who’s our CTO, CEO, and our c levels, ELT, and then our board members.
And and they you know, we’re all all talking about how great cloud is. We wanna migrate. And then at one point, all thirteen of them stopped talking and then look at me and say, how soon can we get a security sign off for the migration? And what am I facing in that moment?
I just wanna, you know, say this question out loud to to you guys, the audiences. What am I facing in that moment when my board and my c level is telling me, we need to deploy this new tech ASAP. When can we get your sign off? I’m facing impossibility just like your clients are facing impossibility every day as they are also tackling the same issues.
Right? So that because I don’t know what this new tech is capable of doing. I don’t know what is not capable of doing, and I don’t know at that point any battle tested security solutions that can protect my environment from attacks if we do if we move to cloud because it was so new at that time. So I needed data quick on this new tech. I needed security solutions that will work from my company’s DNA.
I I I didn’t know tech advisers existed at that time. I wish I did.
You guys would have saved our bacon, but, you know, we didn’t I had no idea tech advisers was a thing. And so I did what most CSOs do in my situation. I started researching on my own. It was and it took a long time.
Right? My research was taking months because the research wasn’t my only job. I’m firefighting every day, in a firefight mode. And so it was taking long, and the business couldn’t wait.
So they so they went ahead and did the migration without a security sign off.
Six months in, we got hit with ransomware. We were down for three months. We lost forty percent of our revenue, lost half our workforce, thirty percent of clients. And most of all, we lost the trust of our customers. We lost the trust of our partners.
We lost our investors.
And it took us, about nine months to a year to actually recover. But then at that point, my budget was tripled. So the the our board gave me three times the budget to bring in the best solutions money can buy. And that, unfortunately, for, you know, companies, but fortunately for us and the channel is, that’s where a lot of these companies are today.
With, say, the repeat pattern we have in AI, that that’s twenty twenty six is that time to buy security. Because when AI got launched in twenty twenty three and twenty twenty four, we saw AI attacks rise last we just looked at the stats from twenty twenty five. As you see, the tax have gone up with almost fifty percent with AI. This year is gonna be much worse.
And every my my watering hole is, you know, I’m friends with a lot of CSOs, CIOs, my peer group, and I attend a lot of these conferences.
And, you know, we chat over the phone, almost everybody’s talking about, I need AI to fight AI. I need AI in my SOC. I need AI integrated into my security solutions to fight this new wave of attacks that are coming that I can’t see or conceptualize.
So that is why I’m saying twenty twenty six is gonna be a great year for security sales. And because your clients are gonna need you to have these conversations because nobody else is. And so I’m gonna pause there for a second. I know I threw a lot of information out there. Trevor, what do you think?
Yeah. Well, I agree. We were kinda talking about, you know, memory lane a little bit. You know, looking at the chat, there’s a lot of, you know, advisers on the call that have been doing this a lot longer than I have. I started the channel in twenty fourteen.
You know, twenty fifteen, twenty sixteen, twenty seventeen, we started bringing on security specific vendors, and I remember thinking I’ve never I’ve never even talked to a customer about security. No one asked about this stuff. Right? And and when you know, it gone a long time without really it being a mature practice in the channel, I’d say. And now we’re looking at today.
It it’s just never ending, nonstop. I think part of that is, advisers asking about those things, obviously, you know, you know, following the market, following the industry, but also customers reaching out to them, you know, needing a trusted adviser to help make these decisions and help navigate, cybersecurity and especially, you know, now with AI and other things. So how do we do how do we, go after business objectives in a secure way? And everyone’s looking for an adviser to do that.
Right. Exactly. I mean, to me, just up until even early twenty twenty three, I didn’t so as most of you guys know, I’m new to the channel. About a couple years into the channel, I didn’t know what the channel was.
I didn’t know there were technology advisers was a thing. Mean, you guys were unicorns in my mind. I wish there was somebody who could guide me through the complexity, who knew my risks, who knew my business, who knew what was important to me, and bring me solutions that are custom fit for my company, for my DNA. Because what we do in the CISO world when we don’t know tech advisers exist, we make we make decisions that are not good for us.
We will buy technology, and it will be paperweight. We will buy tech, and it would be, sitting in the shelf because we bought it because our friends use it, or we’ve heard, like, hey. This will solve your problems, and nobody in my company knows how to use it or even has an, or even it’s necessary for my company. Right?
Because, the way one com companies are different, the way we use technology. Technology is the same across the board, but the way a company uses it depends on the values, on our processes, on our growth models, on the people in the company. So it’s different for everyone. And and I wish I had known you guys were around so that, you know, I could have tapped into your genius to help me guide through some of those complex times.
You are what you do is invaluable. Now it’s I say that with conviction. It’s so important, and it’s it’s important for you to have these conversations with your clients because they are yearning for it. They just don’t know where to go.
They don’t know who to look to. And that’s why I encourage you, please reach out to your clients and have these conversations because they need your help.
Right? So if we go to the next slide, I’m gonna show you this pattern that’s that emerges, and I’m gonna harp on this a little bit more.
It’s the behavioral economics of security buying. Why when, why, and how companies buy security? So you see new tech gets deployed. Employees use it.
Bad guys figure out how to hack it, and then companies go searching for security solutions. There’s going to be a shopping spree for security in twenty twenty six. I want you to be a part of that. So bring security into the conversation early and stay relevant when it matters most.
Yeah. I think, you know, these this kind of buying pattern or these behavior, I think, is gonna, be familiar with a lot of people, at least on the on the call. Sometimes, at least on the advisory side where we trust advisers, when a company says, oh, we just we just bought this new tech, and we think, man, we just missed out. Right?
We we we we could have got that. And and that there’s some truth to that. But that cycle and the the them being, you know, implementing, there’s there’s a bunch of other things, and that cycle act is actually gonna repeat itself. It’s gonna come up again on the other side.
The nice thing with security is it’s not a one and done deal. And security itself is a journey, obviously, that we all know about. Just because a a customer has bought something to mitigate some risk doesn’t mean that they’re done now, that we’re we’re it’s over. Right?
So staying ahead of it, and understanding these behaviors of these patterns and when you can interject yourself to to help them, whether that’s professional services, managed services. You know, there’s there’s a whole slew of things. It doesn’t have to just be the tool.
It can be when we’re outcome focused, make sure that they’re getting the outcome that they need, when they’re implementing. And, oftentimes, when they buy the tool, they don’t get the outcome they need, and that’s as when a trusted adviser can come in and help.
Yeah. Exactly. And it’s it’s it’s security solutions. Like, I don’t want you to think that you can’t sell it any other you know, at any other time. Of course, security solutions are being purchased all throughout the year as budgets are evolving and, you know, as the need grows.
We we we sell those. But the the differentiator right now, what we’re trying to highlight for you is the difference in twenty twenty six and the rest of the years that have been. There there’s going to be an uptick in the number of security solutions that are gonna be sold today compared to the to the previous years as AI has entered the scene. And we want you to take advantage of that. We want you to lean in because if you don’t, somebody else is going to.
The these companies are gonna buy security whether you are involved in this cycle or not. And what we’re encouraging you to do is get involved. Stay get in the conversations and leverage your Telarus team to help you. You’ve seen you know, we’ll we’ll look again at the engineering team in just minute so you can see the breadth and the width and the depth of knowledge you have at your fingertips to bring in into these conversations. So you don’t have to be the expert. You need to bring the people to the right people to the conversation so we can help you expand the deals, close the deals, and in increase your revenue growth than what it is today.
And if we, just to make this point even more, driving it home is slide number four is our, the AI stats. What we’re why is AI the you know, I’m calling AI the new tech kinda like cloud was a new tech. AI is the new tech now. And let’s you know, just look at these numbers. Right?
With AI, there’s a hundred times faster ex code exfiltration. That’s crazy. A hundred times faster. If you can imagine the threat rates, AI ransomware versus human attackers. Did you know that on the dark web, bad guys can purchase ransomware as a service? It’s become an MRR thing. You can actually go and buy a package of ransomware as a service.
Breaches, these so you see a group of attackers now coming onto the scene that are nontechnical.
They they don’t need to know technology in order to take advantage of a company. They just need to purchase a solution from the dark web on ransomware as a service. And that’s gonna that’s creating a lot of nervousness in security leaders right now, and it’s creating this uneasiness that they’re you know, they there’s just they don’t know enough. When you’re a practitioner, all your world revolves around your company and to protect it and to protect the employees.
That’s the only job Asiso has. Protect the company, protect the employees, and that is your world. So you’re not you you don’t have enough time to research the market. You don’t have enough time to to look up and look at the horizon, what’s happening.
And that’s why you guys are so critical is because you’re bringing that that that data that the security leader needs to make informed decisions.
So look at that hundred x, we see machine identities just in in the last year. Eighty two machine identities to one human. Wow. That’s crazy. Right? I wonder what that number is gonna look like next year.
Gotta be insane.
I was yeah. I was talking to you. You know, I was in Times Square a couple months ago, you know, in in New York City with all the, you know, digital billboards and everything all around. And one of them a big one was stop hiring humans, and it was all about, you know, AI workers and things like that.
And when I was like, well, I I hey. There’s a lot of people here that still need to work. So, I’m not a big fan of that. Right? But, also, you think about, managing you know, traditionally managing service accounts or account, like, accounts that aren’t a person, but they need access to certain, tools. And so you give them, authorization and identity and access and things like that to access these accounts or or applications.
It’s only increasing with AI, and then you have to take a look at, you know, what kind of privileges are we giving those accounts? What are they able to do, you know, from a database? Can they drop a whole table? You know, what does that look like from a, impact analysis if if someone was to do that? So there’s all sorts of out, risks that are being taken on when you go to this type of model. And that’s where security right now is is at, you know, honestly, bleeding edge when it comes to that agentic AI of, how do we make sure we protect our organization against our own AI agents that and what they could potentially do.
Yep. Exactly. And to that point, I’m gonna look there’s a question that’s being asked in the chat right now that I absolutely love it. It’s Larry Henshaw.
Can you speak to how best approach customers? We typically engage with traditional IT leadership, voice and data. They don’t think of us as security experts. To your point, CISOs typically have a very close net network trusted providers.
How do you how do you shift from a voice data conversation into a security conversation? I can tell you from my there’s we’re gonna show you in a minute how to do that. And in fact, I’m gonna put a plug in for the content that’s gonna be given to you this year from Telarus. We’re gonna show you how to do exactly that.
But for this time that we have together, the from a practical experience, how I when I listened to my, the the the vendors or the folks pitching to me was when they said something that resonated with me about my business, about my, environment. When when I heard them say, Samira, we’ve done some research, and I know we’re we’re doing your network refresh right now, but, you know, have you signed off on the security plans for the network? Have you seen that what we’re bringing in to it? And it’s usually in conversations, the net our network our CTO, the head of network, he would bring in the vendor that he wants to deploy and bring me into the meeting to ask my questions.
And the the the vendor because we didn’t have advisers at the time, so we had vendors.
So, you know, whether it’s whoever we’re buying it from, they would they would ask me the question is, have you seen the new have you seen the plan? Do you approve? Do you have any questions? And what would get me what would really resonate with me is when when the vendor knew what my risks were.
They’re like having you know, doing this project p this, proof of concept with the CTO. We uncovered some risks in the environment that, we just wanna have a conversation with you about. That was like, wow. These guys didn’t just wanna sell us tech.
They actually took time to see what my business is all about. What are my risks? What is most concerning to me? And then they’re they wanna have a conversation about it.
And that that was very endearing to me, and that helped me to build that trust.
What, you know, what keeps us away, I think, from having these hard conversations is intimidation at times. Right? So when we get familiar with something, that reduces intimidation. So familiarize yourself with your client’s environment, your clients, with their personalities, and that is gonna help you reduce that intimidation and and that overcome that, the fear factor in it all.
And, of course, you bring in Trevor. You bring in me. You bring in our engineers to have these conversations with you. You’re not you’re not out there doing it for your alone.
We’re there to walk with you every step of the way through this.
So if we go to the next slide, please, this is where I wanna land at, is twenty twenty six being your security power moment. This is this is kinda what we’re looking at at a high level for twenty twenty six. Two out of three organizations have increased their spent security budgets. Budgets have increased by twenty five percent for this year to buy more security to help against AI threats.
Top spending priorities are outsourcing, incident management and response, hiring. I find interesting, Trevor, that incident management and response was called out as one of the priorities, not just wrapped up in security services. You think AI has anything to do with that. Right?
Right.
Right.
Time to detection, time to respond is is getting slimmer and slimmer, and the gap the the tolerance for, that is going down to nearly nothing at this point.
Yep. Exactly. And then seven out of ten companies have experienced a breach in the last twelve months from AI. That’s insane.
Those are crazy numbers, but good news for us is this is exactly what makes security leaders nervous, and they go and buy solutions. And that’s where you are help you’re there to help guide them to the one that’s right sized for them. That’s within their budget. That’s within their risk profile, and it’s with to be deployed within their timelines.
Right? So if we move on to the to the next slide. And, Trevor, the these are the in demand solutions categories that are gonna be, you know, on top of everybody’s on top of all the company’s minds and hearts. They want these solutions. Can you tell us about them?
Yeah. So we we talk about all of these. These are our our top, you know, requested, I’d say, if you wanna call them considering products or otherwise or topics within, you know, the practice that we talk about weekly with clients at this point. Some of it is because, one, current initiatives that they’re trying to from the business organization. Two, I think some of these things are, less understood and as well as, the the landscape’s changing. When you look at identity access management, like we talked about, you know, so many people are remote.
So many of our applications that we use are in the cloud. There’s no longer a physical infrastructure, you know, that that all of your data is kept in and then everything you know, the firewall blocks it all, and then you know where all of your your crown jewels are. So much of that so much of that is dispersed in in actual you know, we’ve we’ve changed the moniker now, and it’s it’s you know, you can look this up where people would say that, you know, identity is the new, wow. I just missed it.
Identity is the new firewall in some ways, where, hey. That what you can and can’t do, your your access is going to determine, what that boundary looks like, you know, for a for an attacker specifically. If I can gain access to some compromised credentials, that identity and that access of privileges that a user has is what I can do now and what I can exploit and then exploit further. So, identity access management’s been huge this last year.
Obviously, AI security and governance, we’re we’re been talking more about, data governance, data classification, data labeling than I’ve ever talked about it before. A lot of that, I think, is because, hey. When you’re when you’re deploying these AI initiatives, you have to have your data, set up correctly, data preparedness, data cleanliness. And part of that is labeling classification.
Right? Understanding how, in you know, how secret or how, impactful is that data if it was to be exposed to the Internet. So we’re doing a lot of that. Zero trust is something that I think is still a lot of people, don’t understand.
We’re doing a ton of it, though, obviously, with the amount of remote workers or users that are hybrid workers.
You know, VPN has been compromised multiple times this last year in twenty twenty five, you know, since we’re on a a state of the union. And it goes across the board. It it’s not just one vendor, one one platform, a lot of VPNs, a lot of firewall VPNs have been had zero data attacks. So we’ve actually had talked to customers that have been compromised from that this last year. Yeah. So moving towards zero trust architecture, continuous monitoring, you know, micro segmentation within a network, all of those things kinda come into play into Zero Trust, and we’re helping a lot of clients would do that. And then, obviously, in the cloud security platform, where cloud security is still paramount, with everyone still moving to the cloud, and that’s where a lot of crown jewels are kept.
You know, that’s where people are spending a lot of money protecting it.
So true. So true. But that you know, these are the solution categories, and there’s tens and you know, there’s tens and twenty solutions under each of these categories. We wanna we wanted to for this for this today’s topic, we wanted to bring it up a level and just show you the high level categories.
And there are many solutions that go under each that your clients are gonna be looking for that we can help you guide those conversations. And I love the questions in chat where you’re asking us how do we pivot from IT leaders to CSOs and the stats that you’re showing us. It’s it’s amazing. Like, I I love this conversation.
We’re gonna try to get to all these questions. And just in case we don’t have time to get to them, please reach out to us. Email me. Email Trevor.
We can get we’d love to have a one on one conversation with you and answer some of these questions that you you have you have today.
If we go to the next slide, please.
Here is just some easy, simple discovery questions that can help you open doors, how to start these conversations, and I’m gonna give you a disclaimer that any question you ask all well, these these discovery questions are obviously situational. You have to read the room, and then, you know, you can ask the questions just like everything else. They can help guide your clients towards the right security decision. They will help they will help your clients kind of sit back and think allow them to think through their environment to it it encourages reflection, and it helps it positions you to be a thought leader that and, you know, just having these questions, it’ll help you open these conversations with with your clients. So some of these are, when was the last time you reviewed your security strategy?
Oftentimes, they haven’t. They don’t have time to review it. So most of the time, you’re gonna get an answer like, you know what? I haven’t lately.
I know what my budget is. I know I’m above my over budget, and I gotta cut corners, but I haven’t really reviewed it. It’s a great time to bring us in to help you because we you know, for me, I mean, I I laugh about this, but security and strategy is, like, in my DNA. I’ve doing it so long.
I love it. I I I think about it even when I’m not working because it’s kinda built into my personality. I love having security strategy conversations with clients.
If you have clients that need that guidance, that wanna whiteboard, that wanna know you know, discover their north star, help and help get a road map built in place to help them get there, pull me in. I I can help with those conversations.
Trevor can help with those conversations.
The next question, what do you worry about most when it comes to protecting your business? This is gonna reveal business drivers that go beyond just technology needs. So as you ask these questions, you wanna ask open ended questions that can help you really get a view into their environment. One thing I love asking customers is describe your environment to me. I wanna see it through your eyes. Because when they when they speak from it personally, you can pick up on what the risks are, but you can pick up what matters most to them. So having open ended conversations that’ll get you a a look inside are are the best ones to start with.
Do you feel confident today? Trev, I’m gonna let you take the last two, of the questions.
Yeah.
Oftentimes, when we’re talking about you know, part of that’s like, hey. Let let’s review your security strategy. Some of those were, like, kind of sort of, like, where do you feel confident today? Where do you feel less certain?
There’s always something that we end up talking about with a CISO or an IT director or something like that where they’re either they’re evaluating and they’re like, you know, we we we have this. It works well, but we’ve spent too much money on it. Or, you know, that confidence could be different things, I think. It it doesn’t necessarily have to be it’s not working.
Sometimes it’s, hey. We I I’ve got less budget this year, actually, and I’ve gotta do something with it. I gotta I still have to mitigate all my risks with less budget now.
And, you know, we could say, hey. Let’s let’s do an evaluation. Let’s look through some of your your platforms. Can we, you know, still mitigate those gaps or mitigate the risk that you have with potentially something else? Can we consolidate? Can we look at other things?
So that I mean, that’s really open ended, I think. Doesn’t necessarily have to be a a technology that’s not working. It could be other reasons why they feel less certain. And then the other one, are you actively evaluating any security initiatives?
This is, just asking that question, so many times like, I kinda mentioned earlier in the in the call. So many times we get brought in, we’re like, hey. Let let’s talk about security. Like, well, we just got CrowdStrike three months ago.
They’re like, if we could’ve just asked this question three months ago, right, we could’ve helped either make sure they’re buying CrowdStrike the right way, or if they were evaluating, make sure they’re evaluating options that were, you know, available to them. And maybe there was other options they didn’t consider to be better within our portfolio that we could have, presented. So, you know, that’s one thing that we can help with. But then, also, there’s there’s always an ongoing evaluation. So security is a journey, obviously.
Everything is is being constantly evaluated. Is it working for us? Is it addressing our needs? Are the alerts we’re getting? Is it too many alerts? Do we know how to handle those alerts? All of that stuff is always going all always on.
And so sometimes it’s just, hey. We’re we’re in a current evaluation of our firewall. Firewall comes up next month or next year. We’re starting now.
Right? So there’s there’s always something to evaluate. And sometimes we just set I say I help, on due care due diligence. If you like what you’re doing?
Great. But if you need to evaluate from a board perspective, we need to show the board that we’ve gone through, we’ve actually done our evaluation, and what we’ve got is still working for us and the best fit, no problem. But give us the opportunity to help with that due diligence, and we can potentially show some vendors that can do something maybe a little bit different, save some money, or potentially, you know, are using next generation tool sets that can get them into that, you know, AI security tool set.
Yep. Agree.
A lot of different ways that could go.
Yeah. And, again, guys, we are here to help you guide this conversation with your clients. Quick win story. Last week, I was I just picked up the phone, called one of our one of our partners.
And just over the cell phone, we’re talking about email security, and he’s like, hang on, Samara. He three weighed in just on the cell phone. He three weighed in his client, and it wasn’t just any client. It was a, you know, a CTO of a major corporation, over two hundred thousand employees in this company, and just a quick conversation on, hey.
You know, we need email security. What do you have today? And it was forty there wasn’t a Zoom call. There was no prep. It was just a quick phone call, and he walked away with a deal reg of two hundred thousand k in licenses. And we registered the following morning, and it’s gonna it’s got a ninety five percent probability of closing.
The the CTO I was talking to is super excited about this. And, again, it doesn’t have to be formal. It doesn’t have to be informal. It’s situational. Pull us in when, you know, when you, are ready to have these conversations with clients, and we can help make your sales cycle hopefully shorter and bring in depth of expertise that you need to close these deals and stay relevant with your with your clients. So that is the Telarus advantage, which takes us to our next slide.
Being a hundred percent vendor agnostic works in your favor because you’re building trust from day one. We are business outcome guided. We wanna when we come into a call, as you know, we will start with outcomes. We will do discovery.
We will align security investments with what matters most to the companies. We have a complete ecosystem. Our suppliers are top tier suppliers, and we’ve got all the solutions you need for any digital landscape that’s out there. And with and, again, also with compliance, same thing.
Your one stop shop for every need, and I’m gonna spend just a minute on expert access. You’ve heard of our engineering team. I I was on that team as an architect for a short time, and we have over four hundred certifications in this team. When we go to slide thirteen, Chandler, I’m just gonna give you a quick view on our our engineering team and just kinda brag on them for a little bit led by Josh La Presto, our SVP of sales engineering.
And if you see these solutions engineers and architects, over four hundred search between them. They come from, you know, all different walks of life, but our engineers can go wide into any practice areas. So whether it’s network, cloud infrastructure, c cat CX, UCaaS, AI, security, and they know how to cross sell between them. So it’s, you know, just amazing group of folks to tap into.
Our architects are awesome. They can go deep into the their niche technology areas. So leverage them. They are here to help guide your conversations.
Right? They are they they can get you from point a to point b faster, with the right insights that help that can help guide your clients.
So from here, I wanna just the last slide I have for you is, well, I take that back. I have two more slides left. This is quick quick intro into outcome based educations and trainings that we’re gonna have for you this year. This is the content.
My predecessor and my dear friend Jason Stein did an amazing job laying out the foundation for security. I’m building on that foundation that he’s laid and taking it to an outcome based education and trainings that we have, marked out for you this year. Security simplify, cross sell like a pro. Wanna show you how to cross sell into different areas of, technologies.
I’ve got for our, one on ones, I’ve got easy to sell bundles, so packages that you can talk about with your you can have comfort in talking about, easing to easy to sell bundles. And then for those of you who wanna dive deeper with me, kinda where the angler fishes swim, we are gonna go security by design, selling the stack, defense layer, layer by layer in-depth. And you can experience all this content in, beyond the solution events we’re gonna have this year in person virtual, our tech summits, our hit calls like this one, lightning sessions, one on one, our regional events. And, of course, all this data content is available to you on demand twenty four seven, three sixty five on Solaris University and Next Level BizTech.
And lastly, the most important point I’m gonna make all throughout the call today is twenty twenty six is your moment to lead security conversations. You have the competitive advantage because business leaders are looking for spokes like you to help them bring clarity into complexity. Right? They’re looking they’re not looking for another vendor pitch because vendors are tied to a certain set of technology.
Security leaders need agnostic. They wanna know what all is out there and what’s gonna work for me for my DNA. And you can cut through that noise for them. And they need a guide they can trust, somebody who understands their business.
We talked about that earlier.
This is gonna be your moment to lead. And I’m I’m hoping and walking with you that this year, we can turn security into your strongest growth lever.
So with that, Trevor, any last thoughts from you?
Yeah. I mean, we were talking about this. You know, the competitive advantage really for trusted advisers is in the name. Trust. Right? Trusted adviser. And there’s not there’s nobody that can take that away, you know, with that position that you have with your customer.
Specifically in cybersecurity sales, trust is a requirement as part of that. You know, once you build trust with them, maybe selling other solutions, you have that trust. The trust is required to for cybersecurity. They wanna know that you are gonna be an adviser that can help them, reduce their risk, to you know, specifically with with the individual people, right, that that you’re going to help them in their day to day lives, you know, look good to their boss and but also not add more work for them because they’re already, you know, in the security realm, usually task saturated and, facing burnout and all these things. Right? On the personal level, they’re looking for trusted advisers, and that can’t be replaced, like I said. So leveraging that trust is really what your competitive advantage is in the marketplace, and I think nowhere better than in cybersecurity sales.
Yeah.
Wonderful. Well, thank you guys so much for your presentation today. It’s been fantastic, and I’m gonna quickly transition us into q and a. We only have a few minutes left, and there are so many questions in the chat that we probably won’t get a chance to get to, but there are a handful I would like to go over. For both of you, for the advisers who feel behind on security, what is the fastest way to get caught up without getting overwhelmed?
Oh, you wanna take that one here?
Yeah. This. Can you go ahead and take that one, Tra?
Sorry. What was the question?
I was reading through the No.
No. No. Just for, like, advisers who feel behind on security right now. What is the fastest way to get caught up without getting that overwhelmed feeling?
So it’s easier to get overwhelmed. I do all the time. Right? I’ve been, I always say cybersecurity is like a an information security. Someone mentioned that earlier. Right? There’s a difference.
Really, the topic, it it’s like a treadmill that’s set to ten, and you just gotta jump on and start sprinting.
There’s I don’t see much of another way around it. Now everyone can do that. Everyone can jump on and just start going. If you feel like you’re getting behind, part of it is just going for it and and getting on the wagon or getting on that treadmill and just trying to take in as much as you can.
And, eventually, you’re you’re sprinting, and and you’re caught up and you’re at pace. Right? But that initial jump is it can still be rough. What we’ve tried to design and what we’ve built out at Telarus is that we try to make that as easy as possible so that you can bring in somebody to have that conversation with you as part of your team.
We default as just part of your team. We don’t, you know, mention necessarily Telarus. We don’t have to talk about, you know, the intricacies of the channel. We can come in and then side by side with a customer talk about these these topics and help walk through and be a member of your team as as an adviser to the customer.
I don’t if you have something different, Samara.
No. That’s perfect. Yep.
No. That’s fantastic. And there were a lot of questions that I’m gonna try and summarize up together because it all kind of touched on the exact same thing. And it was all coming back to, like, what about our our clients who already have, like, a I already have someone that handles an MSP, that handles my security. You know, what’s one misconception that clients still have about cybersecurity that advisers can kind of help correct quickly? Even if they have those outside sources, what what can they do to say, like, have you also thought about blank? Are they helping you with this to also get this rectified?
Yeah. Great point, Cassandra.
What I do when I when I when a client says that is, when was the last time you evaluated the the the what your the services from your MSSP? Are they hitting the the six minute, you know, ident attack to identification, milestone that’s out there, the the meantime to respond? Are they so I’ll take some stats that are industry known stats that I know kind of the MSSPs aren’t hitting it today, but I’ll ask those questions to the clients saying, are they actually hitting these for you? Are you do you have visibility?
Visibility is a big thing for clients. And with most MSSPs out there, you don’t have great visibility. That’s just a you know, that’s just how it is. And most of the time, the clients are like, no. We don’t have visibility.
So or if even if they say, hey. We have somebody in place. What I like to say is, when was the last time you evaluated them? You know?
We have great resources that can actually come in and ask some questions and see, are you getting the biggest bang for your buck? I know you’re paying so much every year for your MSSP services. Wanna make sure that you are investing in, something that is actually tangible for your company. So if you ask those questions, especially relative budget, you’ll open up those conversations.
And and last but not least, I know we had so many other questions.
But one thing since you have the experience as a previous CISO, like, can you speak how best to approach them? I know that but, typically, they a lot of our advisers will engage with traditional IT. And, you know, to that point, typically, it’s hard to get to those type of people. So in your respect, what do you think will be the best way to approach so that you can build that relationship and trust?
Sure. I mean, one one is just, know, the cold calling way. Right? But the other is when you already have relationships in the company with the CTO or the CRO or, you know, any anybody outside of security, if you have that relationship, you ask for that.
Ask them to meet with the CISO. Ask them to have that open up that conversation for you because at this point, you have earned the right to ask for that business because you have done the hard work for your clients to get them the right solutions, to save them money. You have earned the right. You belong in that conversation.
So don’t be shy for saying, hey, John. I know we did just did a we’re doing a network transformation for you. I’d love to meet the CISO because I wanna show them the security solutions we have. You have every right to ask for that.
So because you’ve done the work. So I would ask for that intro. And when it’s a warm intro from within the company, I would always listen to a CTO or my, you know, my counterparts to say, hey. I’ve been using this guy to help me with the refresh.
I want you to talk to them too. And I’d be open to that conversation. But if it was just coming to me from a third party outside, I’m probably not gonna I’m probably gonna ignore it.
So ask for those connections from within your within your network today.
Wonderful.
Yeah. And and I I’d add to that, you know, especially on the AI side, right, when we’re, you know, AI agents, AI, you know, doing this, doing that, and obviously, we wanna push those opportunities out of those sales. Sometimes maybe we we don’t wanna bring up a security conversation because we think that’s gonna be a roadblock. I can say if they do have a CSO or they do have a security arm of that organization, if you don’t inject your con yourself into that conversation, it’s gonna be had behind your closed doors, and you won’t be a part of it.
And they’re gonna have that those, security evaluations of is, hey. The CX AI tool looks great. Is it gonna be something that we’re gonna willing to take on the risk, or can we even mitigate the risks? The answer is yes.
We can help there too. But if we’re not in those conversations, we may get cut off by the CISO on other things we’re trying to sell. So pushing yourself into that conversation, don’t think of it as a roadblock. It’s cybersecurity is a growth enabler.
The whole point of security in an organization is to enable the business to do it, complete its objectives in a secure way. So we can certainly help in that regard.
Yep.
Well, Samira, Trevor, thank you again for such a clear and practical view of cybersecurity.
I know it can be scary, and I know that that can always be very strange to jump into something new. But, hey, I feel like the advisers are walking away with new ways to kinda position it and also some new opportunities to lead stronger client conversations.