BSidesSF preview: Selling security without selling your soul

Everybody loves to complain about security vendors, and I’m no exception.

I’m always getting carpet bombed with PR pitches about product releases that don’t really mean much in the grand scheme of things. It’s so bad in the two weeks before RSA that I stop picking up the phone. You could say my office phone becomes a flak hole. No offense, folks. There’s so much FUD and self-evident commentary that I have to filter the PR flow pretty heavily.

Aaron Cohen, managing partner at MAD Security, says the problem extends to the brand of salesmanship used today. He’ll be giving a talk at BSidesSF next week outlining what has gone wrong and what we might be able to do about it.

The talk, “Selling Security Without Selling Your Soul,” is scheduled for 11 a.m. Monday.

I got on the phone with Aaron yesterday for a little preview.

“We don’t need FUD in our industry,” he told me. “It’s the wrong approach. The right approach is to talk about fundamentals.”

He noted how he got an e-mail the other day from a company that boasted of facts, not FUD. The next line was about how tons of search results in 2010 led people to malicious sites.

“Why not sell us on value and return on investment? Don’t scare the crap out of people,” he said.

He’ll show examples of good sales pitches and bad sales pitches, and he’ll present lots of tips for doing it right.

–Bill Brenner