Subscribe to the Next Level BizTech podcast, so you don’t miss an episode!
Amazon Music | Apple Podcasts | Listen on Spotify | Watch on YouTube
Transcript is auto-generated.
Welcome to Inside the Win. We’ll break down real world wins showing you exactly how strategic partnership with our experts empowers you to tackle your most ambitious opportunities with confidence. Let’s jump in.
Hey, everybody. This is the cybersecurity edition. With me is Trevor Burnside. Hey, Trevor. How are you?
Hey, Jason. How’s it going?
What we thought we’d do is give you we’re gonna dissect a deal, one of the deals that came in that Trevor had the opportunity to work on, tell you a little bit about how the deal came in, what were some of their pain points, what was the customer and company size, and then how did Trevor navigate the conversation, and then what do we do to win? And then what were the repercussions after we ended up winning the deal and and how the customer may have grown. So, Trevor, with that being said, let’s talk about this first deal.
So what industry was this deal in? How big was their organization?
How big was their IT staff? And then how many were dedicated to cybersecurity?
Yeah. So this opportunity, the client is a software company and technology that are really in the end of, like, entertainment industry, but really software technology based, from their offering set. Really only a couple hundred users, but because they are a software company, they had lots and lots of servers. Their cloud footprint was was, substantial.
So at FirstPass, you might think a small company, only a hundred or so, you know, two hundred users, but really actually a large, footprint.
And then, you know, with actually being a technology company, the IT staff was only two people, and they didn’t have anyone dedicated on that staff for security specifically.
That’s, crazy. And that’s like most of our customers. They have small IT staffs, and they’re trying to figure out how to navigate this while they’re running around with their hair on fire. So let’s talk about the the issue that the customer came to you with. So what were the circumstances that the customer got introduced to the TA, the TA got introduced to you, and how did you end up starting that conversation?
Yeah. So, this customer, unfortunately, had been hit by ransomware and pretty significantly to the point that their their whole environment was locked up.
And they ended up going and finding a third party to help broker, the the payment for the ransomware. So they actually get some of their files back or as much as they could. And then their cyber insurance also were kicked in, and they brought in a digital forensics firm firm to go through, help set up some of that initial hardening of the the environment, but then also go through the forensics and figure out, you know, attack vector and all that kind of stuff. So at that point, the digital forensics organization, which is common, put in a bunch of tools to help, you know, collect all the data that they needed to run their analysis. But then at a certain point, they leave the customer high and dry, and the customer’s back to managing the environment the way they were post breach and but this time, you know, afraid to death.
But So how do you navigate this conversation? Customer says I’ve been breached. I’ve lost a bunch of money stuff. I’ve paid the ransom. You get introduced to a cyber insurance provider. And then do you immediately start to say, hey. I think you this point solution would be good, or did you start to navigate a lot of different conversations?
So it started out as, hey. Our digital forensics company, they put in Carbon Black, which is an endpoint tool, on all the endpoints to collect data and do the forensics, things like that. So we still have Carbon Black today.
We don’t know how to manage it. We don’t we’ve never used it before. We don’t we’re not really certified in it, and we don’t have anyone on staff dedicated to security anyway, right, to to what we do with the alerts. We don’t have anyone that have a process to to respond to alerts.
So at first, it was, hey. Who can manage Carbon Black and then, you know, slot with essentially doing MDR with Carbon Black as as that tool? And then expand it into, okay, you where are you from a security posture perspective? Where are you at in your security journey?
And it turns out they really were, not very, advanced as far as, they didn’t have a framework chosen. We were going through, the questions as far as, hey. Are you using NIST? Are you using CIS benchmarks?
Are you, you know, what is your posture built on? And they hadn’t actually built a security posture on any proven framework, which is part of the reason why they had the issues that they did with the ransomware. They didn’t have good patching, policies. They didn’t have really good security policies in general.
And so we were able to come in and expand that from what would have been managed detection response all the way to compliance services, to VCISO, to really helping them, improve their security posture from where they were, previous to the breach.
That’s fascinating. That’s why Trevor is one of our incredible security experts, got his master’s degree in cyber. So let’s let’s say so this deal had to have been super easy to close. Once they start talking to you, you expand the conversation, you make some recommendations on some suppliers. Done deal.
Right? So if if it were only that easy, this opportunity actually started a long, long time ago, and we had gotten involved. And we brought in great suppliers to the table, to answer this that could do initially what the customer needed and then some.
The interesting thing as, you know, customers often do, they did some window shopping, and he actually had a vendor that he brought to the table that he wanted to consider Arctic Wolf as as an option, to for what they were looking for. And in our analysis and gathering the requirements of what he’s asking for, his wish list, his his need to haves, his want to haves, all those things from the client, we were able to say from an agnostic perspective, based on what you’re telling us and what your requirements are, I can say that the vendors that you’re looking at are not gonna be able to accomplish what you’re looking for. They’re not a good fit, and they’re not going to be able to help with some of these other initiatives that you have coming down in the future.
After our engagement, the customer actually did go with Arctic Wolf and and signed with them. And so we kinda waited around, and then couple months later, a customer came back to us after the fact and signed with eSentire, one of the vendors we brought to the portfolio, because they could answer those requirements like we had said and that we had advised the customer.
So that to me is very interesting for all the TAs out there. Don’t take the first no and stay engaged with the customer because a lot of times they make bad decisions so you can always follow back up and see how it’s going. And they don’t realize that companies like Arctic Wolf are fantastic, but you need to have a robust team. They’re just gonna give you alerts, and they’re not always gonna help and fulfill all the things that you’re looking for.
So let’s talk about so you end up bringing in a provider. You get back in there. And then did the conversation pivot to other things? I think you mentioned a few of those things.
And then did it expand once we ended up closing the deal with one of the providers in our portfolio?
Yeah. Yeah. Good question. So I think, it’s a good example, really, of the sales acumen from the supplier that we brought to the table as well as the partner on staying engaged with the client, you know, not taking you know, when they had moved on is staying engaged, be involved, making sure that things were going on track. And when they weren’t, they were able to jump in there and really, win that opportunity back.
Because of that, this customer and the partner actually built a lot of trust with each other. That or the the the customer had a lot of trust in our adviser because they knew that we had their best interest in mind. And since then, of course, we’ve expanded with eCentire to selling additional things like pen testing, like compliance, like gap assessments to really help build up their their posture. But, also, that customer has expanded with that adviser to sell into cloud and to other areas in their business that they could see that they could help them, just because of that trust that they had built up in the process.
I love that. So, see, cybersecurity is the gift that keeps on giving. First off, not only does it get you into your your customer, but then you can land and expand, start talking about other products that are in the portfolio, other advanced solutions, but then it grows. It doesn’t just have that initial sale. They end up trusting that supplier, and they end up bringing more. So Trevor and our engineering resources are so good at making you look fantastic in front of clients. So what are what what’s one thing that you could share with the TA that you learned on this deal that they could take into their daily conversations?
I think one thing I learned from this one is staying, obviously, like I mentioned, staying involved. When you feel like a door is getting shut or a window is getting an opportunity is getting shut, there’s other windows to explore. There’s other doors to go after in an account. And it it’s still valuable to stay in touch with the customer and make sure even if they’re working with a vendor that you didn’t bring to the table, understanding how that process is going.
Are they happy? Are things, are they meeting the expectations? Because as soon as they’re not, that’s really the value of being that adviser is you can help them, guide them, to to get the most out of their investments that they’re making. And then building that trust long term, I think cybersecurities especially, the those deals are one on trust.
And if you have trust with a client, you’re able to sell cybersecurity. You’re able to expand and sell everything else that we can in in the portfolio.
And I think this is a good example of that where it wasn’t just cyber. It ended up being cloud. It ended up being other things, and the relationship’s ongoing.
Fantastic. Trevor, thank you so much. Everybody, thank you for listening to anatomy of a deal cybersecurity edition. We’re excited to launch this series and continue to have more opportunities that we’ve won that we can tell you about that’ll hopefully help you win and have other success in the future as you’re looking to talk to your clients about cybersecurity.
Thank you as always, Trevor. Appreciate it.
Yeah. Appreciate it. Good to see you.