Tuesday, July 09, 2024

Why InfoSec Vendors Force Customers to Work with Sales

If you visit practically any enterprise InfoSec vendor’s website and are interested in trying out their products or services without speaking to a sales rep first, good luck — this is rarely allowed. Even just getting pricing info from a vendor without engaging in a sales process is next to impossible. The vast majority require customers to email or fill out an online form, schedule a meeting with a sales rep, sit through a PowerPoint presentation, and THEN they’ll let customers try the product. And all of this happens in a carefully scripted and supervised manner. For many customers, this experience is often frustrating and avoided whenever possible.


I’ve long asked why sales leaders and reps insist on connecting in person with customers before even considering allowing demos or providing pricing. One explanation they give is if trials are allowed without an initial sales meeting, customers will struggle with installation, configuration, or usage and fail to comprehend ‘full’ value. Sales leaders are concerned about potentially losing deals to competitors who require a more hands-on white-glove process. 


As for pricing, sales reps will say if the website reveals pricing upfront and competitor’s websites don’t, customers might get sticker shock and avoid contacting them. This prevents sales reps from having an opportunity to demonstrate the product and justify the value while the customer looks into another solution. For these reasons and others, is supposedly why customers must endure a people-intensive, painstaking, pressured, slow, and frustrating sales process.


While these enterprise sales philosophies may have once made sense in a previous decade, today, they feel antiquated and inferior. For example, we see the sales models of big cloud service providers such as Amazon, Google, and Microsoft. They’re capable of collectively selling hundreds of billions of dollars a year in IT services to the smallest of the small and largest of the large organizations in the world, basically friction-free. At any time, an interested customer can spin up thousands, hundreds of thousands, and even millions of dollars worth of services without ever having to speak to a sales rep or anyone in minutes. Why can’t or why isn’t every InfoSec vendor following their example?


Is the value of today's InfoSec products really too complicated for customers to understand on their own? Are customers really incapable of figuring out how to deploy products without assistance from sales? Does making pricing info readily available actually drive customers away toward competitors? If so, then my contention is we have a serious and industry-wide product deficiency problem on our hands. And every problem is an opportunity to improve.


For the average start-up I’ve worked with, the sales department generally represents 12-18% of the overall company budget. And the marketing department budgets are roughly the same. Marketing spending is an important consideration here because they have to find and push hard to convince customers to engage in a sales-led process rather than just clicking a link. Then, often because a vendor’s sales reps don’t have an existing relationship with a customer needed to get their attention, they’ll rely on the channels (i.e., VARs). For this very reason, many customers prefer to evaluate and buy through one of their ‘trusted partners.’ Tack on another 3-30% of the cost of sales in channel commissions.


All of these sales and marketing costs add up and partially explain why enterprise security products are so expensive. And contribute to why they’re out of the price range of many small and medium businesses (SMBs). In the current model, it’s just not worth a vendor’s time to sell to SMBs unless they engage on their own. Personally, I see a huge opportunity for existing vendors and start-ups alike who successfully solve this problem. 


Imagine for a moment if an InfoSec vendor found a way to cut down this sales and marketing overhead by enabling a self-provisioned sales process, and invested those dollars directly into their product that can [gasp] sell itself! The overall cost of sales goes down, customer satisfaction goes up, deals are done quicker, the vendors become more competitive, and opens up new market opportunities (eg, SMBs). The sales apparatus of the big incumbent security vendors will have a difficult time making such a shift because the entire sales department will resist. Therefore, the advantage goes to the start-ups. And we’re recently just starting to see trends of InfoSec vendors selling through Amazon’s marketplace, for example. I’m hoping this is a trend.


No comments: