Surviving the lions den - how to sell SaaS services to security oriented customers
- 2. About
Information security professional for over 20 years
Working on cloud strategy with the world largest software vendors
Founded Cloud7, Managed Security Services provider (currently
2bsecure cloud services)
Partner at Clarisite – Your customer’s eye view
Partner at FortyCloud – Make your public cloud private
Member of the board at Macshava Tova – Narrowing societal gaps
Certified CCSK instructor for the Cloud Security Alliance.
Co-Chairman of the Board, Cloud Security Alliance, Israeli Chapter
- 18. So, how do we create trust?
1.
Transparency
2.
Competency
- 21. Transparency #2 Security Policy
Security Policy is mandatory, it should contain all
aspects of how you protect your customers data.
- 24. Skill
• Make sure your sales / pre-sales
understand cloud security.
• Understand the standards and
regulation relevant to your sector.
- 25. Skill #2
• Make your security building block
tangible to the customers.
Monitoring and
Incident management
Application Security
Data Security
Infrastructure Security
Data Center Security
- 29. Design
Threat Security Service
Spoofing Authentication
Tampering Digital Signature, Hash
Repudiation Audit Logging
Information
Disclosure
Encryption
Denial of Service Availability
Elevation of
privilege
Authorization
• Integrate security to your
software lifecycle.
• Account for cloud specific
threats.
• Think about separation of
tenants.
• Explore encryption at all layers.
• Think about 3rd party access.
- 30. Governance
• Most security companies simply
don’t know how to do ongoing
operational security.
• If you are guarding banks data,
you need Banks operational
capabilities.
- 32. To wrap things up
Speak your customers lingo
Use good building blocks
Don’t hesitate to be
transparent on your security
controls.
Cloud Security is very much about your
customers market sector.
Be proactive in your security, think
ahead of your customers.
Editor's Notes
- Thank you for inviting me, I am very happy to be here in Athens.
- My name is Moshe Ferber, and I am working with some of the world largest software vendors in order to help them define and achieve their go-to-cloud strategy. I am also very kin on educating about the cloud, so I am helping in creating some of the world cloud security certification.