Hi. Welcome to Ingram Micro.

Please choose your role, so we can direct you to what you’re looking for.

If you’d like to learn more about Ingram Micro global initiatives and operations, visit ingrammicro.com.

How to Sell Threat Intelligence to SMBs

October 20, 2017

How to Sell Threat Intelligence to SMBs


As a technology reseller, one of the most consistent challenges you will face will be the challenge of selling advanced security technologies to smaller or more niche businesses. Your smaller customers may not consider themselves as much at risk as larger or better known organizations. Technologies such as threat intelligence can benefit even smaller businesses, however—and smaller businesses are often in just as much need of such technologies as their larger counterparts. Your job, as their trusted security advisor, is to communicate the importance of security technologies, in particular those that leverage threat intelligence.

This may seem like a lost cause at first. News headlines often make data breaches seem like the sole province of major corporations like Target, The Home Depot, and Sony. But you must make clear the fact that smaller businesses are at risk as well and often suffer proportionally greater consequences than the big multinationals.

Small and medium-sized businesses (SMBs) have smaller and often less globally distributed customer bases, after all, which means that any brand damage or perceived breach of trust can significantly reduce customer numbers—and sales. SMBs also tend to have fewer financial resources to fall back on in the event of a breach. Forensic investigation; possible legal fines, fees, and compensation to victims; increased insurance costs; and the other financial consequences of a data breach can make a security incident very costly. Can your SMB customers shoulder the true costs of a data breach? If not, it would be wise for them to invest in technologies such as threat intelligence.

Why threat intelligence?

Baseline security technologies for the vast majority of businesses, including many SMBs, typically incorporate such well-known solutions as endpoint security suites for antivirus and malware protection, as well as firewalls for infrastructure protection, access control, and Web and email content filtering. These technologies are a good start. But where many legacy endpoint security and firewall technologies fail is in their inability to stay ahead of the curve when it comes to security threats. Legacy security solutions typically rely on occasionally updated lists of known virus and malware signatures, which they match against suspicious files or applications in order to detect and quarantine matches. 

Unfortunately, it isn't the known that is the greatest threat to data and network security, but the unknown. New vulnerabilities are discovered every day in a staggering array of hardware and software, and cybercriminals pounce on those vulnerabilities, looking to develop exploits before the manufacturers can patch up the holes. These exploits—known as zero-day attacks—slip through legacy security solutions and compromise systems by virtue of being as yet unknown. Similarly, targeted attacks aimed at one victim or a small group of victims also tend to slide under the radar of older security technologies.

The newer endpoint security suites, firewall software and hardware, and other enterprise security solutions that make use of threat intelligence greatly reduce the risk of an unknown attack getting through in order to compromise your customers' systems. They do so by leveraging vast and constantly updated threat intelligence databases that provide much more up-to-the-minute data on current attacks and malicious code than legacy solutions could, as well as by using big data analytics and heuristic prediction in order to determine how much of a threat an unfamiliar piece of code poses.

What makes threat intelligence particularly suitable to SMBs is the fact that in most cases, leveraging it doesn't involve much (if any) additional infrastructure investment. Threat intelligence databases tend to live in and be accessed from the cloud, which means that the burden of maintenance is on the shoulders of the security service providing the database, rather than on the customer using it. It's likely that updates (sometimes even incremental ones) to your customers' existing endpoint and network security architecture will be all that's necessary for them in order to begin reaping the benefits of threat intelligence

Do you feel capable of selling threat intelligence to your SMB customers? If you need more information, speak to an Ingram Micro specialist today.