Sales pitch force us to worry about things that are not so important; Change your mindset to win the battle!
“Battle” would not be the right term if we didn’t have a market full of competition to sell cybersecurity products rather than focusing on the right and real way of defense. In other words, focusing of what really cyber criminals are up to, rather than pretending that we are securing our networks!
So let’s admit it is actually like a battle ground when sales guys reach out to you and want to convince you to accept a risk they are anticipating with your business and you have this relation with a dozen of firms out there and literally everyone says: all other products are crap, ours is so and so! And in the meantime, you are in a real unfair battle with cybercriminals where you’ve never been able to catch up.
We do not need to be part of this battle, but it is only possible by changing mindset and direction! I know it is so hard and even scary to go a different direction when all the market trends are pushing you to believe something else. I know it sounds insane to forget about EDR when all pros say it’s a panacea, it scary to uninstall Application control or whitelisting solution from your server. Should you avoid and ignore critical patches? Would it be madness to forget about dual-factor authentication and not having a PAM solution, especially when you have money and human resources to spend on these?
Any solution may or may not fit to your business but cybersecurity is not all about implementing new solutions, what if I tell you that you could still be incredibly secure with the same sort of security products in 90’s?!
The first step to win the battle with both sides of adversaries and sales is just to change the focus from being tools-oriented to rely on techniques, from implementation of new solutions to find the solution natively in your systems. I am not talking about native security tools of any OS necessarily; I am diverting your mind to a totally different world where understanding and picturing your cyber security posture automatically brings the solution with itself!