I read an interesting article on how as an IT professional, you can sell security and compliance of your internal and external network infrastructure to stakeholders and management. It is all about how you sell it; Sales.
Not everyone wants to hear that they need to spend more on security in their IT infrastructure, however, often it is a topic put down the priority list until there is a security breach at which time it is too late.
One approach to getting buy-in from stakeholders is to say that you have a great idea on how you can increase sales by providing sales or marketing with a tool that will open up the sales process and cause less sales friction.
This tool would simply be a compliance overview that they can bundle up and send off with any sales collateral used to secure a customer. As it is part of the sale process there may not be a need to have a fleshy document scruitinising all aspects of the company’s approach to IT security, but it does create the initial interest and stepping stone into growing focus in the area.
Showing that security is the focus of the company will give that extra edge over any competitors who do not take the same stance or have put their security compliance on the backburner.
It really is a win win.