Security Experts:

Better Customer Experience is More Than a "Nice to Have" for Security

Customer Experience (CX) has gone from a buzzword to an imperative in just a few short years. A reported 80 percent of companies responding to Gartner’s marketing leaders survey now say they expect to compete mainly based on CX. Forrester has created a Customer Experience Index by which they measure and rank CX leaders. And there are hundreds of customer experience conferences to choose from every year. 

Typically, when we hear the term “customer experience” we think about our experiences with online and in-store shopping, travel and lodging, Wi-Fi and Internet service, banking, dining, or a new technology gadget or application. But what about IT security solutions? Gartner defines customer experience as the customer’s perceptions and related feelings caused by the one-off and cumulative effect of interactions with a supplier’s employees, systems, channels or products. That certainly sounds pertinent to security – and it is! 

Most security professionals don’t talk much about CX, but it is taking hold in the security industry and it isn’t just a “nice to have.” There is a symbiosis between them. Improved security leads to improved customer experience – and improved customer experience leads to improved security. Here are four key ways. 

1. Simplicity of the solution - Security teams are grappling with anywhere from five to 50+ different security vendors and solutions. These disparate solutions don’t work together and have to be deployed and managed independently – the “single pane of glass” has been elusive. To be effective, solutions need to simple. Most security teams can’t wait months to deploy a solution when attacks are happening now. With a Software-as-a-Service (SaaS) solution you can typically activate a software license and deploy in hours or days versus weeks or months. A single access control screen that includes visualization allows you to monitor, optimize and configure policies across your entire network and dozens of locations, simplifying management while making security policy stronger. SaaS solutions are also easy to scale; you can activate a license to extend security where and when you need it. When solutions are simple to deploy, manage and scale, they’re not only more enjoyable for users to interact with, you can also realize value faster which is part of what defines a great customer experience.

2. Dedicated customer success teams - Customer success managers tasked with driving return on investment are becoming the norm. Advocating on behalf of the customer, they work in close alignment with the sales and service delivery teams to ensure a superior experience. Chartered with understanding customer needs, strategies, operational maturity and business goals, as well as the industry the customer operates in, customer success managers can ensure you maximize value from the solution and achieve your desired business outcomes. They facilitate solutions planning so that deployment happens based on mutual operational readiness. This helps to ensure solutions are adopted and perform as expected – laying the foundation for long-term, mutually beneficial relationships and better security.

3. Integration - In the highly-fragmented security market a best of breed approach has ruled the day. Most organizations now have a patchwork of product platforms from various security companies. These disparate solutions can’t work cohesively and keep pace as business models shift, the attack surface expands, and threats evolve. As I’ve written about before, enterprises are now rethinking how they purchase and deploy security technologies and are actively consolidating their cybersecurity vendors. But to get the operational efficiencies and better protection they seek, they need to do it the right way. An approach that focuses on one-off technical considerations places a heavy development burden on the buyer and often doesn’t align with business initiatives. Security providers that combine knowledge of your business strategy with an architecture that streamlines integration, can do the integration of the acquired technologies on your behalf. They can also bring in custom automation capabilities, so that your multiple best-in-class offerings work in concert to deliver security that is less complex and more effective. For example, something as simple as applying automation to pull data from these different security products and aggregating them into a single, easy to read pane can save a tremendous amount of time and frustration while delivering greater visibility and control.

4. A “solutions” focus - The lines between products and services are blurring. The emphasis is now on solutions that provide customers the capabilities they need in a way that best matches their operational readiness and resource requirements. There are many examples of monitoring and response services combined with tools and technologies to deliver comprehensive solutions: Incident Readiness and Response (IRR), Endpoint Detection and Response (EDR), and Managed Detection and Response (MDR) to name a few. Taking a closer look at IRR, service providers are using technologies like infrastructure analytics platforms, application performance management, and security instrumentation platforms to gain the visibility and automation necessary to lead effective Purple Teaming exercises designed to strengthen defenses and response. In the area of MDR, threat hunting – which requires a wide range of tools and skills – is another great example. Big data platforms, real-time global threat intelligence, and a complement of rules-based, statistical, and machine-learning analytics all help reduce the burden on internal analysts and outsourced experts.

CX is becoming a key driver of success in the security industry, not just for companies that deliver superior customer experiences but – more importantly – for the organizations and security professionals they serve. The nuance and interplay between the two is a powerful proposition.

view counter
Ashley Arbuckle, Cisco’s VP of Security Services, is responsible for the oversight and global delivery of the Cisco portfolio of Advisory, Implementation, and Managed Services, bringing a pragmatic approach to helping Cisco’s clients solve their most complex security challenges. Arbuckle started his career in security consulting at PwC working with Fortune 500 customers. After PwC he joined PepsiCo where he led enterprise security and the strategic planning process for PepsiCo’s IT budget of over $2 billion. He has a BBA in MIS and Accounting from the Rawls College of Business at Texas Tech University, is a CPA, and holds a CISSP and CISM.