As a Cyber Security Vendor, are you really selling cyber products?

selling cyber products

As a Cyber Security Vendor, are you really selling cyber products?

selling cyber products

I have a question for the cyber security vendors out there.

What are you selling? – are you selling technology?

In my opinion, the answer is no!

You are not selling technology, of course, the “Technological element” is important and will usually be discussed by the technological ranks but it’s the decision-makers that will be focused on something else.

They usually don’t really care which product it is and which technology it uses.

They are after another piece of the puzzle – how this ‘solution’ helps the company.

When you’re selling cyber solutions you’re actually selling the ‘mitigation of risk’ aka ‘this solution reduces the risk/damage of ‘something’ by X%’

But percentages are a hard sell and hard to justify when you’re trying to convince someone of the ‘likelihood’ or the ‘probability’ of something happening.

Instead of trying to sell fear (aka FUD) or the technology (“our solutions use AI, ML, blockchain, latest innovations” etc.), sell what they want to see.

Business impact.

It goes back to the same principles in marketing – know your audience, and cater to your audience’s needs.

Well decision-makers need to know exactly how your solution helps. And using financial figures (aka money) is the answer to this.


  1. What is the financial impact (cost risk) of the threat to the business e.g. what financial damage will Ransomware do?
  2. What the full solution cost is – including the time/cost element of various professionals in to implement it (which is often ignored in the calculation!)

Compare this to the turnover of the company and they’ll be able to see if it’s a viable option and whether the risk mitigation is truly worth it!

If you want a tool to do it easily – this is what you’d end up with in Boardish by running these sorts of simulations.

Now the decision-makers have a clear path:

How much is the Threat

How much is the Solution

How much exposure do I have left after the solution mitigation.

From my experience your Management or Board is not expecting you to show 100% mitigation, they are expecting you to reduce the Risk cost with a significant number, so the remaining exposed threat cost is acceptable by the business.

We have created a unique Methodology and Tool to show your Cyber ROI, Free Trial, Free training, no excuses just result.

You can see our sales approval methodology here:

Eli Migdal – Co-founder of Boardish 

Quicker IT & CYBER Budget Approvals

When technology meets 'bottom line'. There's Boardish.

Get the pragmatic guide to cyber risk quantification