Saryu Nayyar | Forbes.com »
According to leadership authority Stephen Covey, “Contrary to what most people believe, trust is not some soft, illusive quality that you either have or you don’t; rather, trust is a pragmatic, tangible, actionable asset that you can create.” In the business world, trust is indeed a critical asset that must exist between an organization and its suppliers.
Perhaps the ultimate trust, though, must exist between an organization and its providers of security solutions. Whether it’s physical security or cybersecurity, this type of provider has direct access to the most important assets a company has: people, equipment, intellectual property, employee and customer data, proprietary business applications and so on. Even a small compromise of any of those assets could be disastrous for an organization.
As the top executive of a cybersecurity software company, I never forget that customer trust is one of our top assets. If we were ever to lose the trust our customers place in us, it’s game over. We do our best to develop and maintain a trusting relationship with the companies that use our solutions. We live by the Napoleon Hill self-help mantra, “You can succeed best and quickest by helping others to succeed.”
But I’m not here to talk about my company. Let’s talk about yours and the factors that are important for having trust in your security providers.
How To Gain Trust In The Product
For most buyers of cybersecurity solutions, trust in the supplier develops and evolves over time, usually around the two focal points of the product/service and the company itself. Both are important. You can feel good about a product but have doubts about the company behind it and vice versa when you have a good company but an iffy product.
Trust in a security solution requires that it be a strong offering that does everything the vendor says it does. How would you know if it meets that criterion? Follow the principles of research, talk and try.
The vendor will no doubt have its own whitepapers, videos and webinars that describe the product’s features, capabilities and benefits. That’s all well and good for background information, but independent external technical reviews and customer referrals are where you’ll get the real scoop on the product. Ask the vendor for a list of customers that you can call to get the good, the bad and the ugly—especially the ugly—of their experiences using the product.
Look at the partner ecosystem around the vendor and its products. Both channel partners and technology partners can vouch for the reputation of the vendor and the viability of the product—but keep in mind they have a vested interest in the sale of the product.
This next recommendation is a crucial trust-building exercise. Have the vendor discuss the six- to 12-month roadmap of the product’s development plans with you. You need to know that the vendor takes your input and wants to address your use cases, now and in the future. If a vendor won’t discuss the roadmap with a prospective customer, it’s time to walk away because there’s no trust here.
If all looks and sounds good so far, it’s time to test the product for yourself through a proof of concept (POC) or proof of value (POV) project. An in-depth POC or POV should answer a lot of questions about how well a product can meet your needs and satisfy your use cases as well as how much value it can bring to your organization.
Gain Trust That The Vendor Is Truly Your Partner
Aside from having trust in the product, you need to develop trust in the vendor company itself. Most important is having open, honest communication (see roadmap discussion above).
People in the company should be available and responsive to you. This starts with a sales team that listens and is your advocate for what you need and want. It continues with a worldwide support organization that can help resolve issues 24/7. It includes company executives who can share strategic insights and a customer advisory board (CAB) that serves as the voice of the customer. Many vendors also have an executive advisory board that provides direct input to and from the company’s executives. All of this communication should inspire trust. If the communication is lacking, find another vendor.
Everyone wants to know they’re getting a fair deal. A trustworthy vendor has transparent and fixed pricing models with modular product packaging so you don’t have to overbuy and can expand later as needed. Beware security vendors that price their product by the amount of data ingested into the analytics engine. This encourages customers to limit the data they analyze, which in turn handicaps the ability to search for threats in the environment. The “pay for data” model is anathema to security best practices that dictate a holistic view of the environment using as much information as possible.
When you think of the security market, there are some big-name players that come to mind. Do consider them but also look beyond the large companies. Many small or startup companies are worth a look for their innovative technologies and unique approaches to threat detection and prevention. Small companies also tend to be very attentive to the customers they do have.
Trust Is As Important As Features, Functions And Capabilities
In the end, trust takes time to build but only a moment to destroy. Your security vendor(s) should be working every day to earn and build your level of trust in them. After all, you’re counting on them to protect your most important assets. No number of features and functions or bells and whistles can supplant the importance of knowing your vendor is as invested in your success as you are.
Build Trust With Your Security Vendor