Selling threat intelligence is the latest trend in security solution sales, and there’s a good reason for it. With the media announcing new hacks of seemingly impenetrable enterprises almost daily, and the proliferation of new and craftier malware, things have changed in the world of data security. The paradigm of one-stop technological solutions, of installing a virus scanner and having that be enough, is becoming a thing of the past. In fact, in this day and age, providing only those services might not be selling clients what they need.
Taking the right approach to security is becoming more important than installing any one piece of software. Using the potential of big data in order to analyze and identify susceptibility to threats, using well-informed security consulting to stay on top of the trends in the security landscape, and training client staff on things to be aware of and best practices for managing security are all types of important threat intelligence that resellers can offer clients. But when it comes to selling threat intelligence, there are important concerns that might not always appear at the forefront of a seller’s mind. Whether you’re an old pro or new to the space, here are some features of the threat intelligence market that are often overlooked, but that can be vital to a profitable partnership.
Crunch the Numbers—Don’t Just Hand Them Over
The difference between uninterpreted industry news and actionable security intelligence is a big one—and an important one. Clients aren’t just looking for a data dump on the general security needs of their industry. Everyone has seen those types of reports—printed out, sitting on filing cabinets, and collecting dust. Clients want—and need—their threat intelligence to get granular on the specifics of what’s developing, its proximity to their business in particular, and the ways they can go about responding.
Threat Intelligence Should Inform a Plan of Action For an Entire Enterprise
Sure, staying ahead of patches and updates is a big part of how IT departments secure enterprises. But one of the important aspects of threat intelligence is that it can help extend security preparation beyond just security professionals. How closely is the email administrator watching the news for new phishing schemes? How aware are C-suites of the role that online behavior throughout an entire enterprise—not just a few select IT people—plays in keeping malware off of business-related machines and networks? Part and parcel with threat intelligence is having a consulting relationship that can show enterprises how the security data affect everyone in a company and how that data can guide policies, behaviors, and action.
Think Outside the Traditional Ways Hackers Access Systems
The classic mode of hackers making their way into networks through holes in an enterprise’s firewall, through unpatched backdoors, or through cracked passwords isn’t necessarily the way they do things in 2015. With people bringing devices in and out of enterprises, connecting to business networks, and installing all types of unvetted apps every day, devices can pose big threats to security. Services built around fastidious research on emerging threats in areas like mobile device malware are great ways to ensure that a client has all of its bases covered. Partnering with services that provide this kind of information can allow clients to constantly reassess the overall safety of such policies as BYOD (“bring your own device”), and can be a big value add for enterprises that aren’t aware of all the potential vulnerabilities such policies can create.
What trends have you seen developing in the world of selling threat intelligence?