Cybersecurity: How to Make Money Doing What Is Right

Alvaka’s Kevin B. McDonald

Cybersecurity and compliance are fertile ground for partner opportunity. But do you understand the difference between these two critical concepts? Partners interested building a cybersecurity and/or compliance practice need to understand the risks/rewards and what they need to do to help clients, and themselves, as they navigate this area.

In his keynote presentation Let’s Talk Cybersecurity – Obligation to Opportunity at the upcoming Channel Evolution Europe, Kevin B. McDonald, HCISPP,  COO and CISO at Alvaka Networks and a cybersecurity analyst, will spotlight some requirements to build today’s cybersecurity defenses. In an interview with Channel Futures, McDonald shed some light on what to expect at his upcoming presentation.

Channel Partners: You say that a client’s cybersecurity and compliance needs are two different things. Please explain.

Kevin McDonald: Compliance is a process of following a generally accepted “list” of minimum actions that are designed to help guide an organization to security. These rules only prescribe classes of policies, procedures and technology required to comply and are generic. Security on the other hand is a changing and customized set of policies, procedures, systems and tools that people implement and maintain to protect and defend information, technology and human assets.

CP: Talk a bit about the opportunity for partners in the world of cybersecurity and compliance.

KM: I have watched as the cybersecurity market exploded. My first work in cyber was offering PC malware scanning software in the 1990’s. I believe there is no category of technology or technology services that can compete with the opportunity in cybersecurity. Compliance is a forced exercise mandating controls that always require some professional effort, technology to implement, and ongoing maintenance and management. There is a massive shortage in capability and an ever-growing threat. As we see more devastating attacks, we will continue to see more dictates requiring even more human and technological solutions … all of which mean potential profit for those who have capability to provide services.

CP: Name a few things that partners must have in place to be successful in cybersecurity and compliance.

KM: You cannot pretend to do security. You need talent, technology and commitment to do the right things and not just what makes you money. Get your own house in order before trying to help others. No one is perfect, but you must get the basics right. Also, tell the truth and don’t exaggerate the benefits of what you propose to do. Provide high-impact solutions first, even if they are not the most profitable.

CP: Name a few areas where partners fall short today when touting cybersecurity and compliance practices — compared to those partners who have successful practices.

KM: Many who are venturing into security are confusing technology sales with security consulting and management. They are more focused on making the technology sale [that they’re authorized to earn a margin on] than truly working to secure a…