You’re “rebuying” technology services every year. Make them earn it.

Bridging Main Image.jpg

Welcome to the latest edition of Bridging the Cyber Divide, where we provide technical professionals in small-to-medium sized organizations the know-how to answer the tough questions they may get when attempting to introduce advanced security solutions.

Most SMBs, by their very nature, must keep budget in mind when evaluating these solutions. With the new year arriving, organizations should be prepared for unwelcome news: price increases from their technology vendors.

You should look at it like this: every year, these vendors are effectively asking you to “rebuy” their services and usually that doesn’t happen at a discount.

Get great posts like this delivered to your inbox weekly. Subscribe to Cyber Resilience Insights today.

It's important to ask questions about what you’re getting from your money. There are questions you should ask amongst both your technical teams and your financial team when you get that new bill from your security vendor.

Questioning Your Security Services

These are the types of things you want to ask when those price increases kick in:

  • How has the integrity of the service been?

This should be a typical question to ask when you might see a price increase: is the security solution providing the security we need? Does it stand up when we need it? Does it experience downtime and is it a pain to manage? Or does it just work?

  • What scale and efficacy does the service provide us?

Particularly with on-premises solutions, you may be paying a premium for services that don’t scale or provide the most efficacy for you. Be critical of those solutions and what they’re doing for you. As your business grows, are they prepared to grow with you?

  • How has our support been since the last price increase?

If you have questions, or if something goes wrong, how quickly can your day-to-day IT staff get the answers they need? Has the vendor added any kind of new services to improve their capabilities in this regard?

  • Are we getting new features?

What are we actually getting for the increased money we’re going to have to spend? Does the vendor provide us with cutting-edge, state-of-the-art features? Especially when it comes to security, you want the best you can get to keep attacks out. And given the changing nature of attacks in the cybersecurity world, you need all the help you can get to stay ahead.

  • Are our SLAs improving?

Similar to the other questions around support and service integrity, the SLAs you have with your vendor should be part of the evaluation once you see a price increase. If you haven’t seen them improve, or if there isn’t a new SLA from the vendor that improves on what you have, consider that a large red flag.

Make Your Security Vendors Earn It

So, after having these discussions internally, if it becomes clear that the price increases aren’t warranted due to some stagnation or even degradation of what you’ve been getting, you shouldn’t hesitate to bring these questions directly to the vendor.

Think back to the idea of “rebuying” services. If you sit back, renew and don’t make the vendor justify their business every year by advancing capabilities, not jacking up prices, keeping up with latest threats and providing great service, then find someone who will. 

Make your providers earn your money every year and demand higher and higher levels of capabilities, services and outcomes. If you aren’t getting that, don’t passively renew. You won’t be maximizing your precious budget to best leverage the money you do have. 

We understand that the vendor evaluation process can be long and difficult on top of everything else you must do every day. But these hikes in renewal prices are made with the assumption that you, the buyer, aren’t motivated enough to opt out and see what else is out there. Don’t fall into that trap.

The people you work for expect a lot from you and for you to earn it, every year. Make your vendors do the same.

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

How Do You Roll Out a Threat Intelligence Program?

You can do this. When you think of impl…

You can do this. When you think of implementing a cyber thr… Read More >

Malcolm Harkins

by Malcolm Harkins

Chief Security and Trust Officer, Cylance Inc

Posted Jan 18, 2019

Why Employees Habits are Cyber Risks

Why awareness training should be part of…

Why awareness training should be part of every cyber resilie… Read More >

Joshua Douglas

by Joshua Douglas

VP, Threat Intelligence

Posted Jan 01, 2019

‘Tis the Season for Hacking – Bridging the Cyber Divide

No user awareness training? Prepare for …

No user awareness training? Prepare for coal in your stockin… Read More >

Ed Jennings

by Ed Jennings

Chief Operating Officer

Posted Dec 17, 2018