Let’s keep selling through this.  Our commitment to you in these uncertain times →
The ultimate cybersecurity sales guide: 7 methods to sell cybersecurity

The ultimate cybersecurity sales guide: 7 methods to sell cybersecurity

Security is a constantly evolving business. Whether you offer cybersecurity services or products, the methods you use to reach prospects need to be as adaptable as the security measures you use to protect them.

In Verizon’s 2020 Data Breach Investigations Report, it was found that 72% of breaches happened at large businesses, while 28% happened to small businesses. That said, the breaches at small businesses were discovered within days on average, while most big business breaches took months to discover and resolve. That’s a dangerous time gap your prospects need to shorten.

The type of attacks have also evolved, with 43% on web applications (a 50% increase from the previous year).

As hackers become more adept and the attacks become more common for large and small businesses alike, how can you convince prospects to trust your services or product?

Cybersecurity sales involves a great deal of trust. If you want to build trust in your prospects and grow your cybersecurity business, keep reading. We’re going to discuss:

  • The 3 biggest mistakes you can make in cybersecurity sales
  • 7 steps to develop a sales process that wins more deals
  • Our top SaaS sales tips for cybersecurity software companies

The 3 biggest mistakes you can make in cybersecurity sales

If you want to sell cybersecurity or infosec to your prospects successfully, make sure you avoid these 3 mistakes:

1. Assuming your prospect has a working knowledge of your product

According to a study by Cyber Streetwise and KPMG, 51% of small businesses think it’s unlikely or very unlikely that they’d be targeted for a cyber attack, and 71% of those who have never experienced a breach thought that the potential damage to their reputation wasn’t an important consideration.

Obviously, many businesses are unprepared for potential security breaches. And many are unaware of the potential dangers.

That means you need to adjust your pitch.

If you assume your prospects place the same importance on cybersecurity as you do, you could make the mistake of passing over the real benefits of your product.

After all, you can’t sell the solution to a problem your prospect doesn’t believe they have.

So, before you start explaining your solution, make sure you understand how informed your prospect is about cybersecurity, and whether or not they really understand the dangers. How do you assess the level of understanding your prospect brings to the table? By asking the right questions during the sales qualifying process.

2. Leading with the fear factor

It’s important for your prospects to understand the danger of cyberattacks. So, does that mean you should lead your sales pitch with horror stories of companies who have suffered attacks?

Not necessarily.

There are lots of reasons why companies should purchase cybersecurity software or services, including making sure they’re compliant with government regulations on security, being prepared for potential threats, and inspiring confidence in their customers by having the right security measures in place.

When you try to lead your pitch with fear and doubt, it can easily backfire: In the end, you yourself start to sound untrustworthy. Earning and maintaining trust in sales is crucial.

So, how can you form a pitch that doesn’t revolve around fear? (Keep reading, we’ll talk more about that below.)

3. Offering more than you can really give

How complete is the security you offer to your prospects?

If you answered 100% complete, you’re already making this big mistake.

In fact, we asked some cybersecurity experts what they thought the biggest mistake would be for a cybersecurity company, and they both gave similar answers.

Here’s how Magda Chelly, CEO and Founder of Responsible Cyber, explains it:

Once, I received a call from a company mentioning that their solution offered 100% security. That sale never happened because I know 100% security does not exist. So, making this claim is one of the biggest mistakes that companies can make.

The CEO of Apozy, Rick Deacon, shared a similar thought: “Cybersecurity is full of ‘snake oil’ and products that claim to solve everything like a silver bullet. That is never true and rarely possible. When people go too far or lie about what they do or how they do it, they seem outlandish and don't resonate with ‘in the trenches’ cybersecurity folks.”

So, what can you do to sell cybersecurity effectively, according to the experts?

How to sell cybersecurity: 7 methods you should include in your sales process

We talked with the experts found out how the pros are currently selling cybersecurity and infosec products and services to their customers.

Let’s see 7 of these proven methods that you can start using today:

1. Understand the requirements of different industries

Different industries have different requirements and compliance regulations that they need to deal with. For example, the security measures that a healthcare business needs to comply with are very different from what a law firm or accountant should be thinking about.

Depending on who you’re selling your cybersecurity services to, your offer will probably change.

That’s why it’s essential for cybersecurity businesses to understand the verticals they sell to.

You know security better than they do: So, dive into the laws and regulations yourself. Find out what’s required of certain businesses, or whether their location plays a part in what’s required.

Then, you’ll be better able to segment your prospects into different lists.

In Close, for example, you can create Smart Views that automatically group certain leads together based on your chosen criteria. So, you can create segments based on industry, location, or any other factor you feel is important. And you can easily modify and adjust those criteria and automatically update your dynamic lead lists in real-time.

2. Build and maintain a wide network online and offline

Your prospects are constantly bombarded with messages on all mediums, some genuine and some spam.

So, how can you capture people’s attention? How can you stand out as a true solution in a world of ‘spammy’ security messaging?

Says Magda Chelly of Responsible Cyber:

Making connections and maintaining relationships with your customers can be the key to success for most businesses. By continuously building a network of colleagues, business partners, and more, you are ensuring that whenever you need a strong pipeline and a definite lead, you can call upon your network to help you. One of my colleagues mentioned, you build relationships when you are interested in people, not when you make people interested in you.

Whether you build that network online or offline, it’s essential to be authentic. If you're in sales, and you're not . By selling nothing, you sell your prospect on you.

“Genuine, useful content and good conversation can lead to a new client,” adds Rick Deacon of Apozy. “The problem is people tend to be fake and ‘market-y’ and it doesn't work for them. Being someone that someone else wants to talk to is key.”

For example, you could:

  • Publish useful content on LinkedIn
  • Attend a virtual event in your niche (or host one!)
  • Get interviewed on podcasts and shows run by influential people in your niche

Draw your audience to you by providing content that sparks new conversations and helps expand your network. Be the person they want to talk to.

3. Become an educator and security consultant

Once you know the specific security regulations that different industries must comply with, you’ll be in a better position to educate your prospects.

Many businesses are a bit blasé when it comes to protecting against cyberattacks, but they do understand the importance of complying with government regulations. And they probably recognize that they aren’t well-informed.

That’s where you come in as the hero: You can help them cut through the legislative jargon and understand what’s actually required of them.

By being an advisor and educator, you position yourself as an infosec expert. This method helps you build trust in your prospects, and they’ll probably realize on their own that they need your help.

4. Ask questions that reveal needs they didn’t know they had

People generally hate being told what to do or what they need.

So, instead of trying to pressure or convince your prospects that they need better security solutions, ask questions to help them come to the realization on their own. For example, you could try asking questions like:

  • Are you compliant with regulations in your industry?
  • Are you protected against internal threats and accidental leaks?
  • How secure is your document sharing and internal communication?
  • How do you manage security risks for remote employees?
  • Do you have an incident response plan?

When discussing these and other questions, you can help your prospects realize they’re not fully prepared for the risks.

Then, they’ll be more open to hearing about your solutions.

5. Focus on how your product enables their business

Remember, scare tactics won’t work in the real world. Instead of using fear, use value to sell your product or services.

That means you can focus less on what you do, and more on what that does for them.

Here’s what Magda Chelly of Responsible Cyber does:

I summarize the benefits and value of the product that I am offering using regulatory requirements and use cases. This usually works in our industry, as depending on where the customers are, the awareness might be very different.

Use cases and case studies can be a powerful tool in cybersecurity. Since your prospects may not fully understand their needs and what they can accomplish with your product or services, it’s your job to show them real-world examples of the results they could see. This is a powerful form of storytelling that can help you close more deals.

Guide them towards that ‘aha’ moment with use cases that apply to their business.

6. Keep their priorities in mind

Each business has its own priorities and goals when it comes to security. Maybe they want to instill more confidence in their customers by using infosec products or services to better protect their data. Maybe they want to avoid fines for not complying with regulations. Or maybe they’re trying to find solutions to keep a newly remote team secure.

Before you dive into your pitch, you need to know what this prospect’s priorities are.

For example, imagine you start your pitch talking about how important printer security is. Then, a few minutes into the conversation, you realize this prospect recently moved the majority of their teams remote and have gotten rid of most of their printers. What they actually needed was security solutions for their remote employees.

Don’t be that guy.

Instead, focus first on their priorities, then form your pitch around their business. Not only will this save you time and energy, but you’ll also be more likely to pique their interest.

7. Don’t be afraid to be vulnerable

Can you really offer 100% security?

Come on, now, be honest.

If your prospects know anything about cybersecurity, they’ll know that 100% security isn’t possible. So if that’s what you offer, you’ll immediately lose any trust they may have had in you.

Instead, try being vulnerable.

Here’s what Rick Deacon of Apozy has done:

We close deals by being vulnerable and upfront with our product's efficacy and execution. To prove you can do what you say, you need to show a technical person what it does, how it does it, and what the real outcome is while not pretending you fix every problem they face.

Don’t pretend to be a silver bullet that solves every security problem that may come up. Even a prospect who isn’t cybersecurity-savvy still knows that what sounds too good to be true probably is.

So, be honest and keep it real. Help your prospects understand that complete security isn’t a realistic goal. Show how you can help them prepare for the risks and be in the best position to fight or respond to cyberattacks. Practice radical candor in sales.

While many of the tips we’ve discussed above apply to both service and product-based businesses, there are some specific methods that SaaS companies can use to level-up their sales process. Also check out our complete SaaS sales guide.

Selling cybersecurity software: Our top SaaS sales tips for cybersecurity

If you’re a SaaS company selling a cybersecurity software, you’ll want to keep these specific SaaS sales tips in mind:

Build ideal customer profiles

An ideal customer profile is basically a description of a fictitious company that would be a perfect fit for your product. When you have an ideal customer profile, you can better focus your sales efforts on leads that are more likely to convert.

To build your ideal customer profile, start by analyzing your current top 10 customers. These should be customers that are seeing real success with your product and are aware of the ROI they’re getting from it.

When you have that list of your top 10 customers, look for common attributes that they share. For example:

  • Are they all similarly sized companies?
  • Have they all been in business around the same time?
  • Are they all in a specific industry?
  • What’s the number one reason they all decided to purchase your software?
  • Do they have a similar buying process?
  • What other tools or services are they using?

By asking these questions, you’ll be able to build customer profiles that dig deeper than just common pain points or goals. You’ll have a clearer understanding of what they like about your product, and how your product makes them more successful and safe.

When doing this research, you may start to see distinct profiles emerge. For example, maybe your top 10 customers are split into two specific industries. Or maybe the group is split by two separate goals or reasons for purchase.

If you see two different profiles that are each having equal success with your product, you could create multiple profiles and separate your sales pipelines based on your process for selling to each distinct profile.

Give product demos that sell the value of your product

When preparing for a product demo, remember this: product demos do not equal product training.

The goal is not to show your prospect everything they could possibly do with your product. The goal is to show them why they should care.

By the time you’re going in for a demo, you should already know something about the prospect and the issues they’re trying to solve. So, use the demo to show them how your product solves those problems and benefits their company.

By focusing on the real-world value of your product, you’ll make your product demos more engaging.

Want more tips on giving value-based demos? Download our free book, Product Demos that Sell:



Boost referral sales

Referred leads are almost always higher quality for two reasons:

  1. Since the customers who referred them know both the company and your product, they’re more likely to be a good fit.
  2. Referred leads will enter the sales process with a higher level of trust and a better understanding of what your product can do for them because they were referred by a friend.

That said, you need to work to get those referral leads.

The first step is to make referrals part of every deal you close. Once a customer decides to buy, they’re convinced enough to recommend a friend. So, go right for the ask.

Second, when you ask for the referral, make the process as painless as possible. For example, offer to send them an email template they can use to make the introduction.

Finally, make an extra push for a referral right from the get-go. If a happy new customer is open to giving you a referral but says they’ll think about it and get back to you, then respond with something like this:

Thanks, I appreciate that, and I’m sure down the road we’ll be getting lots of referrals from you. But right now, why don’t we just take a minute and think about one person you know who would really benefit from this.

Maybe they still won’t give you a name right away. But in our experience, 40% of people will give you a referral after the second ask.

Counter the price objection by focusing on benefits

You know the feeling: A prospect looks like they’re just about to say ‘yes’ when instead they say: “But the price is too high.”

When this happens, a prospect may be fishing (or directly asking) for a discount. Or, they may have another reason not to buy hidden inside their price objection.

Either way, you need to shift the focus of the conversation from the price of your product to the value of your product.

To do this, it’s important to ask the right questions. Get your prospects to think about questions such as:

  • What kind of value do you expect to get from this product?
  • How much would it cost you NOT to buy?

For example, let’s say your prospect is a company in the health sector. They need your software to securely store and share documents in a way that complies with government regulations. The cost of not purchasing your security software could include large fines for incompliance, loss of trust from their customers, or even leaked information that could ruin their reputation as a company.

While you don’t want to lead with the fear factor, it’s important at this stage for prospects to understand the possible costs of not purchasing.

On the flip side, the benefits are clear: When they use your security solution, they’ll be able to rest easy knowing that they’re complying with the necessary regulations. They’ll also be able to build trust in their customers by showing they have the right infosec solutions in place to protect their data.

Looking for more tips to sell SaaS like a pro? Download our free book, SaaS Sales for Startup Founders.

Use these cybersecurity sales methods to accelerate your process

Ready to get your cybersecurity sales process off the ground? Do you want to close deals faster and build a high-quality reputation for your brand?

Then, put the methods we’ve discussed into practice. Understand your prospects, their industries, and the different security requirements they have. Use that knowledge to be a security advisor, and show them by actions that they can’t live without your services or product.

Remember to keep their priorities in mind, and ask the right questions to reveal what they really need. Then, be vulnerable: Don’t promise a solution you can’t provide.

Finally, for your cybersecurity sales process to be fully prepared, it’s essential to build it in a place that’s easy to use and easy to scale. That’s why, to truly accelerate your cybersecurity sales process, you’ll need a CRM that fits your business and is ready to grow with you.

Want to start using a CRM that’s easy to learn and fast to get started? A free 14-day trial of Close CRM is waiting for you.

GET STARTED TODAY →