Uncomfortable Observations About Platforms

So What’s Wrong With Platforms Today?

The Requirements for a Platform

  • Focus on outcomes — define what you’re going to deliver to the customer, and be explicit and precise with metrics and KPIs; less focus on selling tasks and hours and more on the outcome of the arrangement (yes, this will take some serious re-structuring because pricing isn’t done this way today at the vendor)
  • Sell capabilities, not tools — this means that you should stop talking about the TOOLS that you’re going to be using to deliver the CAPABILITIES; does the CISO really care if you’re using Carbon Black or SentinelOne or whatever else? No, they don’t. The CISO cares that they’re getting anti-malware, vulnerability scanning, host-based intrusion detection, log storage and analytics… that way you can interchange the tools when the technology needs it, rather than being ‘stuck’
  • Define measurements — your customers wants KPIs, measurements of quality and effectiveness. Carefully define leading and trailing indicators, and provide measurements that will suit the customers desired outcomes. How many tickets you generate is meaningless, but the average time to round-trip a response is critical. Define measurements with your customers, agree to them, and hold yourselves accountable (and hold the customer accountable too!)
  • Smash the P&L barrier — when different groups inside your company have different goals, roadmaps, and leadership needs you will fail. Develop a singular vision of the platform, and make it so that the platform succeeds as a unit, or fails as a unit. Incentivize your leadership to work together, not against each other and structure your sales, marketing, and engineering to accommodate this vision
  • Common data formats — there’s no good reason that we should be exporting data to import it into another system, but to make things easier a common format needs to be developed, or at least pick one of the existing ones and agree upon it. Set aside the ego of who developed it, who maintains it, and whose logo is on it — and do what’s right for the customer
  • Recognize the octopus — in order for security to be successful you have to have access to network, endpoint, identity, data, and context. This means you’ll probably have to make some acquisitions that the “analysts” will question. For example, a data management company buying a forensics company … weird right? Nope, makes total sense.

All That Said…



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rafal Los

Rafal Los

I’m Rafal, and I’m a 20+ year veteran of the Cyber Security and technology space. I tend to think with a wide-angle lens, and am unapologetically no-bullsh*t.