Selling Security

Adequate security is a necessary commodity for any company that relies on technology, creating a massive sales opportunity for the channel. But with a wealth of vendors all keen to declare that their offering is the most robust, selling security can be a confusing business for resellers.

  • E-Mail
By  Administrator Published  October 31, 2006

Channel Middle East surveyed the major vendors in the security sector to find out where the Middle East market is heading and how they are equipping their local channel for growth.

They are: Jan Lawford, VP UK, DACH, Eastern Europe, MEA & Spain at RSA; Justin Doo, managing director MEA at Trend Micro; Samer Malak, channel manager Middle East at McAfee; Maxim Shirokov, business development manager at Kaspersky; Katie Spurgeon, channel and alliances manager at Symantec MENA; and Nick Banks, sales director EMEA at Watchguard.

Channel: What skills do resellers need to sell security solutions and how easy is it for you to find resellers with these skills?

Maxim Shirokov: They need to have strong skills in business development, a good customer base, techniques and processes that ensure that they have good exposure to customers, and ambition to really develop their business.

We’re also keen for resellers to have support and advisory skills.
They should be able to exhibit some knowledge and experience in order to come across professionally.

We would like to have more resellers in the Middle East who are able to demonstrate these skills, but sometimes it’s not as easy as we’d like.

Nick Banks: Resellers need to have knowledge of system integration and a strong routing and networking background.

With these skills they can be easily trained to provide a complete pre-sales and post-sales service for end users.

This is difficult to find in the Middle East as most resellers do not have a strong enough routing and networking knowledge, and every security vendor in the market courts the resellers that do possess this knowledge.

Quite often they sell the household names such as Cisco and Juniper rather than expanding their portfolios to include the more cutting edge security vendors.

Samer Malak: The Middle East is a growing region and there are a lot of qualified professionals with strong skills.

It’s due to the quality of personnel in the Middle East that the region is not quite as difficult to deal with as one might imagine.

Channel: How educated must a reseller be to sell security?

Justin Doo: Ultimately, they need to know our products inside-out.

They need to know how they interact and inter-operate with other solutions in the market.

An integrator needs to understand how all these applications work, what needs to go where, and how it needs to be seamless to the users on the network.

MS: When we pick up a reseller, we see what kind of certification they have.

We appreciate some sort of certification from security firms or security-related organisations such as Cisco or Juniper.

Then we introduce three levels of our own certification from Kaspersky Labs.

The first level is ‘data security specialist’, where a reseller is able to provide qualified support to the customer as well as pre-sales support and to be able to answer basic technical questions.

The next level is ‘data security professional’ and then it’s ‘trainers level’ — when a reseller is able to train somebody else.

Channel: How can resellers maximise their earning potential from selling security solutions?

Jan Lawford: They must do more than just provide products.

It’s about selling services and building relationships with customers.

They can really add value by helping them to navigate their way around what can be a complex minefield from a security perspective.

Security for some customers can be a real headache — it’s something that they know they have to invest in to protect their businesses, customers and partners, but it can be quite challenging for them to assess what level of security they need and how to implement that security in an effective way.

There is a real opportunity for partners to maximise their valueadd to the customer.

SM: McAfee offers its partners the potential of earning more money at a higher margin than other vendors in the industry.

We also offer management consultancy services, operations and risk management services to our partners.

Our product portfolio and what we offer to our resellers is designed to make them more money.

We also have another strategy to make life easier for our partners in that we don’t have a lot of partners concentrated in any one area of the market.

MS: I think it’s crucial to have in-house security expertise and the more IT security savvy a reseller is, the more the chance that this will be a better revenue stream for them.

JD: If they demonstrate a technical and commercial ability to create a difference in the marketplace for the customers that they service, then we will partner with them in terms of lead generation, customer development, marketing funds and representation in the local market.

Channel: What is encouraging customers to invest in security?

JD: I think the key factor at the moment is awareness.

If you talk to any company, they’ve all deployed anti-virus solutions, firewalls and ITP or IBS, but they still have outbreaks and threats, and they still believe that they’re exposed.

The message needs to get out to the broader market about what the physical threats are.

If there was no fear factor and everybody thought that we were living in a rosy garden then people would not invest in protecting themselves.

NB: Security is something we all need it but it is amazing how many people try to ignore the need until after they have first been affected by a security breach.

If you connect to the internet then you are guaranteed to be vulnerable to some kind of security breach unless you are properly protected.

This should be a major driving force for all computer users who use the internet, to insist that their companies or homes adopt a security policy.

JL: Compliance is a big driver.

In the last couple of years there’s been a flood of regulations in various markets and in business as a whole.

Organisations need to comply with regulation and implement stronger security to be able to comply.

Another driver is ‘password management’.

Research shows that the average user has about 20 passwords that they need to remember in order to access their IT infrastructure.

There’s a need there for users to have a secure and easy way to address the complexity of their infrastructure.

Channel: How knowledgeable are customers when it comes to assessing their security needs?

JD: Typically, the bigger the organisation, the more aware they are of the value of their data.

If you push it downstream to a small business with maybe five or 10 employees, IT is almost like a necessary evil.

It’s not part of their corporate strategy.

Their budgeting is about whether or not they can afford to put two more vans on the road, not about measuring the fuel efficiency of those vans.

If they lost half of their IT resources for a day it probably wouldn’t impact them that heavily.

But if a government department, airline or educational establishment lost half of their IT capability for a day, it would cause considerable damage to their business operations.

So it’s a direct proportion between how much the data is worth and how much the physical investment has been to what their awareness is.

JL: Most of the enterprises are pretty knowledgeable, but the whole issue of compliance is complex and the situation is constantly changing.

Enterprises have to ensure that their security policies and environment can keep up with this situation so there’s an opportunity there for channel partners to add value.

Channel: What is your strategy for growth in the Middle East region?

MS: In terms of our priorities for a particular segment, we are now looking to the enterprise government segments.

In the Middle East, piracy rate on consumer goods is quite high, which is why we are more inclined to go into such markets.

This doesn’t mean that we rule out the consumer market entirely; we just put it as a second priority.

We are focusing on a relationship with key countries such as Saudi Arabia and Egypt, and want direct partnerships in these key countries.

JD: We are strategically investing in the region, and will open offices in Saudi Arabia over the next few months to allow us to drive greater SMB revenues in the Kingdom over the next two or three years.

We want to have a direct presence and direct focus.

SM: We are primarily trying to conquer the midmarket because we believe that this part of the market is the fastest growing sector.

We are trying to create a channel portfolio to cover the midmarket well.

Katie Spurgeon: Our strategy is partner development.

We hope to help build up our partners’ skill sets and their knowledge of security as we’ve had a huge investment from our partner community this year in Symantec education services.

Channel: Which areas of the end-user markets are showing the most demand for security solutions?

JD: Demand, in its purest term, is coming from the people who know what the threat is. Therefore, it’s coming from the mid-segment, upwards into the enterprise.

Opportunity is certainly coming from mid-segment and down.

The need to create demand in that area is something that most security vendors are focusing on.

MS: I think it’s the enterprise.

Large businesses and government institutions are really driving the market forward in the Middle East.

Kaspersky also has antivirus for mobile devices and I would say that this is the second driver in the Middle East market particularly as smart phones are becoming common today.

It’s really just a matter of time before they really become ubiquitous.

Channel: What trends and technologies do you expect to define the Middle East security market during the next 12 months?

JL: The industry needs to become more dynamic and needs to serve the business rather than restrict it.

Security can often be seen and implemented in a way that it really limits the user and that needs to change.

Businesses need to use security not just to protect themselves, but to actually increase their productivity and their profitability.

What I mean by that is that if you can enable users to to access more services and data online in a safe environment, you can increase productivity and therefore your company’s profitability.

That enablement area is where I’m seeing a trend start to develop.

SM: One major trend is that people would like to have the visibility to measure their own security, because at the moment people don't know exactly how secure they are.

Although nobody can be 100 % secure from viruses, people want to compare their level of security or risk compared to the budget that they have.

MS: The trend is towards more quality software, because in this industry it doesn’t matter how many viruses you picked up — what matters is how many you didn’t detect.

To this regard, the antivirus products that provide the highest quality will eventually supersede those who don’t.

Resellers need to have knowledge of system integration and a strong routing and networking background.

Typically, the bigger the organisation, the more aware they are of the value of their data.

If you push it downstream to a smaller business, IT is almost like a necessary evil.

A reseller needs to make money on the products that they sell.

If there isn’t any money, they are going to have a lot of problems staying loyal to the brand.


Channel: What are the biggest obstacles you face in growing your security business in the Middle East?

SM: In the Middle East, like any other region there are those who know the security market well and others who don't.

I think the biggest obstacle for McAfee is that many customers don't know that they need the security until they get hit by a security breach.

Only then do they realise that they should have taken precaution and they need security.

The level of education in the market is the big issue for us, but again, in the Middle East in particular, the level of knowledge is increasing.

People are becoming more educated and getting better accustomed with the IT security market.

KS: We want to give our channel partners more freedom.

We’re trying to get our partners to develop further on our products and hopefully they will grow our markets.

Channel: How do you build reseller loyalty when there are so many security brands all offering something different in the market?

JL: I think that when a reseller carries the RSA brand into their customer, it receives instant recognition.

We’re seen throughout the industry as having quality solutions; our products work, and they integrate very well into very complex heterogeneous environments.

From a reseller perspective, that’s a good proposition.

KS: Symantec is a great brand and we’re a market leader.

We offer something that no other security vendor can: an end-to-end solution.

We protect more people online than any other software security in the World.

MS: Over the past three years, we have achieved over 300 independent awards for our products.

And on websites regarded by the IT security market as the most independent, we have received a lot of praise and recognition.

This really makes us better than our competitors because a number of independent tests are saying the same thing.

JD: A reseller needs to make money on the products that they sell.

If there isn’t any money, they are going to have a lot of problems staying loyal to it.

Also, we must find ways of appealing to the individual — as well as the corporate — and making the individual feel successful when they are successful.

After all, we all thrive on recognition.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code