The Old Cyber Sales Process is Dead…Long Live Cyber Security As A Protector of the Revenue.

The Old Cyber Sales Process is Dead...Long Live Cyber Security As A Protector of the Revenue.

This post was originally shared on LinkedIn here.  | 02/02/2021 | by: Eli Migdal

Cyber Security is not a moneymaker for most businesses, especially for SMEs.

So… let’s first figure out what you are actually trying to sell.

When you are approaching the sales process for a cyber product what are you actually selling?

Are you selling technology?

Well… MOST decision-makers don’t care which technology is being used, they don’t care!

So, if not technology, are you selling a security product?


Well, good luck explaining to the Decision-Maker that you need the security budget “on-top” / “as well as” the IT element of the investment. You will usually end up with the same question from the decision-maker – “isn’t Cyber Security an IT Thing “?


Cyber Security is a Risk Reduction “type of solution” and the instant follow-up question is: “Risk Reduction for what” …. and the definitive answer is REVENUE!

When you are selling a Cyber Security service or product you MUST link it with the revenue of the company, Cyber Security is there to enable / protect / enhance the MONEY MAKER


Cyber Security should be perceived by decision-makers as the protector of the revenue, but how do you achieve this?


You START your Cyber Sales process with Cyber Threat Quantification…. You quantify the value of a single day, this is your conversation starter.

But, how do you get this info in the initial Sales process?


My response is always: “How can you try to sell a Cyber Product” without knowing how the company makes its money?


If you don’t know their revenue or how many employees are reliant on technology, can you offer an informative quote or consultation? Are you really expected to “go in blind”?

And this is a contributing factor to why the old Cyber Sales process is failing so hard.


You are trying to sell a Risk Reduction product, a revenue protector product when you don’t know the revenue nor the basic risk information. So you’re going to fail, or find it incredibly difficult every time.


Cyber Risk Quantification is one of the BEST conversation starters, it will get you directly to a Decision-Maker, likely the CFO in cases of SMEs.

So, what are my pragmatic steps to putting this into action?


  1. Ask! – during your first contact, tell your lead that you want to do a Cyber Threat Quantification so you get a better approach to the sales process, you are already offering them a higher value proposition than elsewhere. As well as actual information that you can make a decision with.
  2. Don’t be afraid to Google it! – Not many people realize that a lot of companies’ financial info is publicly available online.

When you Quantify – you can put your solution together with the threat cost, one against the other – showing a CLEAR ROI.

Usually, the YEARLY COST of the Cyber Security solution is less than the Threat cost of a SINGLE DAY.


And then Usually…. its:

No excuses, use Cyber Risk Quantification in your sales process and you WILL sell Cyber Security services and products efficiently and effectively!


Boardish made IT & Cyber Quantification easier and more accessible by creating a sales quantification framework:


If you want to try Boardish for yourself or get a custom demo for your company – drop me a message!

Eli Migdal, the co-founder of Boardish (

Quicker IT & CYBER Budget Approvals

When technology meets 'bottom line'. There's Boardish.

Get the pragmatic guide to cyber risk quantification