April 30, 2020
This post is the first in a five-part series where we’ll be digging into why SecDevOps enables every department in an enterprise – not just Security and Development – to do their job better. The favorite phrase of security teams today is that “Security is everybody’s responsibility” – which it is – but often fail to link back why it’s also makes everybody’s job easier. Implementing good SecDevOps isn’t just about reducing cyber threats, it’s about being productive and finding new opportunities to gain a competitive advantage. This post will focus on why Sales Teams want a good SecDecOps program.
First, why don’t some Sales Teams care about SecDevOps?
- “Not my job!”
- “Isn’t that why we have an engineering team?”
- “What the hell is it?”
Often they think SecDevOps is just a specialized job function not tied to their goals or strategy. It’s just a compliance item to check-off. Security is traditionally viewed as prevention and compliance and not a growth driver. But they don’t know good SecDevOps builds the backbone of the one thing they really care about : Revenue!
In contrast, successful Sales Teams understand that SecDevOps is just as important to their goals as it is to that of security and development.
What are the Sales Team’s goals?
- Convert Leads
- Communicate Value
- Grow Existing Accounts
- Customer Retention
- Speed & Optimize Sales Process
Why these goals?
Revenue! Achieving these goals translate into more revenue.
How does SecDevOps help?
- Improves Product Confidence
- Increases Sales Velocity
- Creates Products Customers Love
If potential customers don’t have confidence in your product, they’re simply not going to buy it. And current customers won’t expand their usage of it – in fact they might actually stop using it. A well implemented SecDevOps process reduces risk to the business by increasing consumer confidence in the product. SecDevOps doesn’t just result in better application security, it actually makes sure the application is doing what it is supposed to do.
Poor security can cause server or application misconfigurations, or even downtime. This means the software application isn’t doing what it’s supposed to do. Even just seconds of downtime could mean millions in missed revenue and loss of consumer confidence. When there are security issues, it also means there are product quality issues. Great security needs to be part of the definition of a high-quality software application.
Salespeople are on the frontline and are typically the first person in a company to gain a customer’s trust. Salespeople get confidence in the product they’re selling by knowing engineering is using a reliable SecDevOps process. More confidence means more, and happier, customers.
Customers have become much more savvy about security. It’s top of mind in every sales process because every product they buy is a potential security risk point. This can really slow down sales, and even bring it to a halt!
Sales Teams need to be prepared for the onslaught of security questions like:
- How do you secure emails and passwords?
- What kind of encryption do you use?
- What kind of security policies do you have in place when integrating with third party vendors?
- How often do you perform backups?
- How do you manage incidents?
RFPs, which are common in many sales processes, are bound to ask many of these questions. Poorly prepared Sales Teams are bogged down by these questions as they try to find the right person to answer them. They ask the developers for help, and the developers tell them to ask the security team, and then the security team tells them to go back to the developers. This happens ad nauseam because of lack of continuity between security and development resulting in a longer than necessary sales cycle, and as the old saying goes, time kills all deals.
Sales Teams that are able to answer these promptly are supported by an efficient SecDevOps process. With a good SecDevOps program, there’s not just alignment between security and development, but also continuity of information. The process becomes easy to articulate so answers to security questions are effortlessly found. RFPs get out the door faster with a higher chance of winning a customer’s business.
Products Customers Love
Sales Teams simply desire to sell products customers want. This means continuously delivering new features that meet and anticipate market needs (and it’s even better when it’s ahead of your competition). However, legacy application security processes become bottlenecks in deploying new features, as they either become a drag on velocity or a team’s budget to innovate.
SecDevOps gives visibility in knowing that application security is being constantly deployed each release. It can predict, detect, and prioritize project delivery risks so that speed and security are no longer mutually exclusive. This effective process also allows for timely product releases, ensuring customer promises are not delayed by security issues. By proactively managing security as part of SLDC, the engineering and product teams can spend less time dealing with mundane non-functional requirements, and instead have the freedom to create a more innovative product that customers love.
Want to better understand how SecDevOps can be a strategic asset to your Sales Team? Let’s have a chat.