The CISO Stories PodcastSubscribe

Why vendors should stop cold calling CISOs

Returning to the office after taking a few days off, Kevin Morrison said he probably had about 50 voicemails from vendors.

“It was like a cookie-cutter script for these cold calls,” said the managing director and chief information security officer for Alaska Air Group during an episode of the CISO Stories podcast from the Cybersecurity Collaborative and Security Weekly.

Those calls prompted Morrison to post a two-sentence update on LinkedIn: “Guys, there’s a better way to do this,” it said.

The post must’ve struck a chord, Morrison said, because it had about 450,000 views and drew thousands of comments. He said he ended up deleting the post because of some comments that got out of hand. But to be more constructive and try to reduce the friction between sales teams and security teams, he wrote an article about a CISO’s advice on selling. He said it was well received and that sales teams have told him they appreciated the advice. 

“If the sales profession continues to just cold call people, they’re not going to have the results they’re looking for,” he said. “And the CISO who needs various solutions to add value … we’re looking for a strategic partnership, and that’s built by trust. It’s not built by cold calling or the emails now that come through.”

Listen to episode 27 of CISO Stories: "10 Min for a Call? Managing the Security Product Salesperson"

Morrison has spent over 23 years in IT, with over 18 of them in information and cybersecurity, responsible for building and leading teams focused on incident management, operations, DLP, mobility, forensics, compliance, policy, privacy, and business continuity across public and private industries and in highly regulated environments.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.