I was asked by a vendor that I’ve worked with to be on a panel at their annual sales meeting. The sales staff wanted to know how to best approach and eventually sell to people like me.
Currently, it seems that sales teams are doing an incredible job of annoying me and a very poor job of selling to me. I know that people in sales and marketing are just trying to do their jobs, but I’ve got a job to do too, and very low on my priority list is helping sales staff make their numbers. My team does buy a lot of stuff, so what is the right way to approach me and others in my role?
Don’t bother with e-mails. If it looks like a sales e-mail, I delete it without reading it. If what shows in the preview bar does catch my eye, it is for the wrong reason. Impassioned pleas for me not to miss this opportunity and increasing annoyance at my failure to reply really annoy me. The single sales approach that sends me over the edge is the suggestion that I’m a moron and have been ripping off my employer by taking my salary. It will say something like, “did you know ransomware is costing companies like yours thousands of dollars?” No kidding. I’ve also seen, “we found a vulnerability in your network, would you like to know what it is?” Only one? Give me a little credit for being competent.
If you send a customized email, at least try to make it accurate. For example, a company that wants me to use them for background checks sent me a customized email saying what a great job they can do for the University of Michigan… wait for it… which I left 2 years ago… wait for it… that was sent to my Penn State email. Yep, those are the people I want doing my background checks.
Don’t cold call. Most of my day is booked. If I do get some desk time, I’m not answering an external or unknown number. My voicemail says, don’t bother leaving a message if you’re not a vendor already work with. Don’t leave a voicemail explaining how you are different, I won’t get 10 seconds into it before I delete it and become annoyed at you for not following instructions.
Don’t send me junk through delivery services. I’ve received SWAG I don’t want and asked my admin to give away without caring who sent it. I once wasted an hour with Federal Express dealing with a package that turned out to be a box of air with a postcard in it. I didn’t think it would take that long, and I couldn’t confirm who it was from until the very end. At that point, I wanted it to be delivered so I knew who I was never going to consider buying from.
Okay, that is what not to do. So how do you introduce your product that is going to revolutionize security? I want to learn about it on my time.
Advertise in podcasts or security webinars. Publish white papers, and don’t require me to register just so that you can annoy me later. I listen and read when I get the chance. During times like those, I’m not reacting and I’m open to learning.
Have a booth or presentation at a conference. Once again, this is when I’m in learning mode. So when I come by your booth, I’m going to look at your signs and see what you do. Make them informative. If I want to learn about it, I’ll ask. Give me an elevator pitch that lets me categorize your product/service and provides a teaser about how you are better than the competition. Don’t tell me you have no competition, that your product revolutionizes security, or that it is magic. Let me come to that conclusion. If I do, there is a good chance we’ll buy it. Tell me it’s magic and I’ll tell you why I think you are a moron. I wouldn’t use this example if it wasn’t real – seriously. When you do have me interested, I’ll want to hear more. Make sure your booth staff know what they are talking about, or can bring me to someone who does. Attractive young people don’t impress me; people who can explain your technology do.
I know I’m difficult to deal with, but I could spend 1-2 hours a day reading/replying to vendor e-mails and listening/replying to vendor calls. That is not a good use of my time. When I’m ready, I’ll listen.
This piece was originally published on LinkedIn by Don Welch, CISO at Penn State University. His extensive IT and security experience includes leadership roles on both the vendor and provider side, as well as 25 years in the U.S. Army, where he attained the rank of Colonel.