The way security companies and channel partners sell to enterprise customers needs to change, according to a senior executive with security vendor McAfee Inc.
Martin Carmichael, chief security officer of the Santa Clara, Calif.-based vendor, was in Toronto recently and met with members of the technology press. He made the case for a paradigm shift in the way security is marketed, and reaffirmed McAfee’s commitment to its channel partners.
“McAfee is strongly supportive of our channel partner program and in fact, we live through our channel partner program,” said Carmichael. “It’s part of our core.”
Currently, he said McAfee is working to develop new programs to change the way McAfee partners discuss security issues with their customers. For too long, said Carmichael, all the security vendors have been playing the fear card.
Rather that discussing the worst case scenario with clients, Carmichael said the McAfee wants to give its partners the tools to have a discussion around the value proposition the vendor’s offerings can deliver to the business, and how they can improve productivity and competitiveness.
“We want them to be able to say this is how McAfee can enable your business,” he said. “That’s the message we want to deliver to our channel partners, and we want to live that.”
McAfee is currently hard at work developing risk management models that partners will be able to use, and Carmichael said it sees risk management, rather than fear, as the future model for security marketing.
“Could you imagine if channel partners could truly make quantitative analyses, or business cases, ROIs, TCOs, whatever you want to call it?” said Carmichael. “We want to enable channel partners to do those kinds of actions so they can offer their customers clear, decisive benefits as to why McAfee is a better choice.”
Security partners need new tools to sell to CSOs, says Carmichael, because the challenges faced by CSOs are unique. They’re one of the only departments, he noted, where success is punished and failure is rewarded.
Every time a CSO is effective, takes security up the chain, makes sure nobody knows about it, ensures security is in the background, Carmichael says they don’t get more budget. Instead, they’re likely to have their budget cut. When do they get more funding? When a security event occurs.
“As a CSO, the failure of security offers me success financially, and the success of security offers me financial concern,” said Carmichael. “Think about that paradigm. It needs to change.”
Security vendors and partners, said Carmichael, need to have a new value proposition for CSOs, and for businesses. They need to understand the whole architecture of security and its relationship to business processes and, instead of talking about fear, talk about delivering business value. That’s at the crux of the shift McAfee is undertaking.
“Security has a unique paradigm we really need to think about,” says Carmichael. “We’re at a crux in time here that is defining where we’re going to be in the next 20 years.”
For more on Carmichael’s visit, please see our sister publication, ComputerWorld Canada
Comment: cdnedit@itbusiness.ca