October 1, 2025 • 10 mins
We're introducing a new series we call: Inside the Win. In this episode, Jason Stein and Trevor Burnside of Telarus delve into the complexities of cybersecurity through a case study involving a software company in the entertainment industry. The client faced significant challenges after a ransomware attack, revealing a lack of dedicated cybersecurity personnel and a robust security framework. The discussion highlights the importance of building trust with clients and staying engaged throughout the deal process, even when initial responses are negative. Ultimately, the conversation emphasizes the need for strategic partnerships and proactive engagement in addressing cybersecurity issues.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Welcome to Inside the Win, We'llbreakdown real world wins,
showing you. Exactly how strategic
partnership with our experts empowers you to tackle your most
ambitious opportunities. With confidence, let's jump in.
Hey everybody, this is the Cybersecurity edition.
With me is Trevor Burnside. Hey, Trevor, how are you?
Hey, Jason, how's it going? What we thought we'd do is give
(00:22):
you, we're going to dissect a deal, one of the deals that came
in that Trevor had the opportunity to work on.
Tell you a little bit about how the deal came in, What were some
of their pain points? What was the customer and
company size and then how did Trevor navigate the
conversation? And then what did we do to win?
And then what were the repercussions after we ended up
winning the deal and, and how the customer may have grown?
(00:43):
So Trevor, with that being said,let's talk about this first
deal. So what industry was this deal
in? How big was their organization?
How big was their IT staff? And then how many were dedicated
to cybersecurity? Yeah.
So this opportunity to the client is a software company and
technology that it really in theend like entertainment industry,
(01:05):
but really software technology based from their offering set
really only a couple 100 users. But because they are a software
company, they had lots and lots of servers.
Their cloud footprint was was substantial.
So at first passing, I think a small company, only 100 or so,
you know, 200 users, but really actually a large footprint.
(01:28):
And then, you know, with actually being a technology
company, the IT staff was only two people and they didn't have
anyone dedicated on that staff for security specifically.
That's crazy. And that's like most of our
customers, they have small IT Staffs and they're trying to
figure out how to navigate this while they're running around
with their hair on fire. So let's talk about the the
(01:50):
issue that the customer came to you with.
So what were the circumstances that the customer got introduced
to the TA, the TA got introducedto you, and how did you end up
starting that conversation? Yeah.
So this customer unfortunately had been hit by ransomware and
pretty significantly to the point that their their whole
environment was locked up and they ended up going and finding
(02:13):
a third party to help broker thethe payment for the ransomware.
So they actually get some of their files back or as much as
they could. And then their cyber insurance
also were kicked in and they brought in a digital forensics
firm to go through help set up some of that initial hardening
of the the environment, but thenalso go through the forensics
(02:33):
and figure out, you know, TAC vector and all that kind of
stuff. So at that point, the digital
forensics organization, which iscommon, put in a bunch of tools
to help, you know, collect all the data that they needed to run
their analysis. But then at a certain point they
leave the customer high and dry and the customer's back to
managing the environment the waythey were post breach and but
(02:54):
this time, you know, afraid to death.
So how do you navigate this conversation?
Customer says I've been breached, I've lost a bunch of
my stuff, I've paid the ransom. You get introduced to a cyber
insurance provider and then do you immediately start to say,
hey, I think you this point solution would be good.
Or did you start to navigate a lot of different conversations?
(03:16):
So it started out as, hey, our digital forensics company, they
put in Carbon Black, which is anendpoint tool on all the
endpoints to collect data and dothe forensics, things like that.
So we still have Carbon Black today.
We don't know how to manage it. We don't, we've never used it
before. We don't, we're not really
certified in it and we don't have anyone on staff dedicated
security anyway, right, to, to what we do with the alerts.
(03:38):
We don't have anyone that our process to, to respond to
alerts. So at first it was, hey, who can
manage Carbon Black and then, you know, slept with essentially
doing MDR with E carbon black asas that tool and then expanded
into OK, you where are you from a security posture perspective,
where you are in your security journey?
And it turns out they really were not very advanced as far as
(04:04):
they didn't have a framework chosen.
And we were going through the questions as far as, hey, are
you using NIST? Are you using CIS benchmarks?
Are you, you know, what is your posture built on?
And they hadn't actually built asecurity posture on any proven
framework, which is part of the reason why they had the issues
that they did with the ransomware.
(04:24):
They didn't have good patching policies.
They didn't have really good security policies in general.
And so we were able to come in and expand that from what would
have been managed detection response all the way to
compliance services to VC, so toreally helping them improve
their security posture from where they were previous to the
(04:46):
breach. That's fascinating.
That's why Trevor's, one of our incredible security experts, got
his master's degree in cyber. So let's let's say.
So this deal had to have been super easy to close.
Once they start talking to you, you expand the conversation.
You make some recommendations onsome suppliers done deal right?
So if if it were only that easy,this opportunity actually
(05:08):
started a long, long time ago and we had gotten involved and
we brought in great suppliers tothe table to answer this that
could do initially what the customer needed and then some.
The interesting thing as, as youknow, customers often do that
they did some window shopping and he actually had a vendor
that he brought to the table that he wanted to consider
Arctic Wolf as as an option to, for what they were looking for.
(05:32):
And in our analysis and gathering the requirements of
what he's asking for, his wish list, his his need to haves, his
want to haves, all those things from the client.
We were able to say from an agnostic perspective, based on
what you're telling us and what your requirements are, I can say
that the vendors that you're looking at are not going to be
able to accomplish what you're looking for.
They're not a good fit and they're not going to be able to
(05:54):
help with some of these other initiatives that you have coming
down in the future. After our engagement, the
customer actually did go with Arctic Wolf and and signed with
them. And so we kind of waited around
and then a couple months later acustomer came back to us after
the fact and signed with E Centire, one of the vendors we
brought to the portfolio becausethey could answer those
(06:14):
requirements like we had said and that we had advised the
customer. So that to me is very
interesting for all the TAS out there, don't take the first no
and stay engaged with the customer cause a lot of times
they make bad decisions. So you can always follow back up
and see how it's going. And they don't realize that
companies like Arctic Wolf are fantastic, but you need to have
(06:36):
a robust team. They're just going to give you
alerts and they're not always going to help and fulfill all
the things that you're looking for.
So let's talk about. So you end up bringing in a
provider, you get back in there and then did the conversation
pivot to other things? I think you mentioned a few of
those things. And then did it expand once we
ended up closing the deal with one of the providers in our
portfolio? Yeah, yeah, good question.
(06:58):
So I think it's a good example really of the sales acumen from
the supplier that we brought to the table as well as the partner
on staying engaged with the client.
You know, not taking, you know, when they had moved on is
staying engaged, be involved, making sure that things were
gone on track. And when they weren't, they were
able to jump in there and reallywin that opportunity back.
(07:22):
Because of that, this customer and the partner actually built a
lot of trust with each other that were the, the, the customer
had a lot of trust in our advisor because they knew that
we had their best interest in mind.
And since then, of course, we'veexpanded with Easton Tire to
selling additional things like pen testing like compliance,
like gap assessments to really help build up their their
(07:42):
posture. But also that customer has
expanded with that advisor to sell into cloud, into other
areas in their business that they could see that they could
help them just because of that trust that they'd built up in
the process. I love that.
So see, cybersecurity is the gift that keeps on giving.
First off, not only does it get you into your your customer, but
(08:03):
then you can land and expand, start talking about other
products that are in the portfolio, other advanced
solutions, but then it grows. It doesn't just have that
initial sale. They end up trusting that
supplier and they end up bringing more.
So Trevor and our engineering resources are so good at making
you look fantastic in front of clients.
So what are what's one thing that you could share with the TA
(08:25):
that you learned on this deal that they could take into their
daily conversations? I think one thing that I learned
from this one is staying. Obviously, like I mentioned,
staying involved when you feel like a door is getting shut or a
windows opportunity is getting shut, there's other windows to
explore, there's other doors to go after in an account.
(08:46):
And it it's still valuable to stay in touch with the customer
and make sure, even if they're working with a vendor that you
didn't bring to the table, understanding how that process
is going. Are they happy?
Are things, are they meeting theexpectations?
Because as soon as they're not, that's really the value of being
that advisor is you can help them guide them to to get the
(09:07):
most out of their investments that they're making and then
building that trust long term. I think cybersecurities
especially the those deals are one on trust and if you have
trust with a client, you're ableto sell cybersecurity, you're
able to expand and sell everything else that we can in
in the portfolio. And I think this is a good
example of that where it wasn't just cyber, it ended up being
(09:29):
cloud, it ended up being other things and the relationships
ongoing. Fantastic, Trevor.
Thank you so much, everybody. Thank you for listening to
Anatomy of a Deal Cybersecurity Edition.
We're excited to launch this series and continue to have more
opportunities that we've won that we can tell you about
that'll hopefully help you win and have other success in the
(09:52):
future as you're looking to talkto your clients about
cybersecurity. Thank you as always, Trevor.
Appreciate it. Yeah.
Appreciate it. Good to see you.
Welcome to Inside the Win, We'llbreakdown real world wins,
showing you. Exactly how strategic
partnership with our experts empowers you to tackle your most
ambitious opportunities. With confidence, let's jump in.
Hey everybody, this is the Cybersecurity edition.
With me is Trevor Burnside. Hey, Trevor, how are you?
Hey, Jason, how's it going? What we thought we'd do is give
(00:22):
you, we're going to dissect a deal, one of the deals that came
in that Trevor had the opportunity to work on.
Tell you a little bit about how the deal came in, What were some
of their pain points? What was the customer and
company size and then how did Trevor navigate the
conversation? And then what did we do to win?
And then what were the repercussions after we ended up
winning the deal and, and how the customer may have grown?
(00:43):
So Trevor, with that being said,let's talk about this first
deal. So what industry was this deal
in? How big was their organization?
How big was their IT staff? And then how many were dedicated
to cybersecurity? Yeah.
So this opportunity to the client is a software company and
technology that it really in theend like entertainment industry,
(01:05):
but really software technology based from their offering set
really only a couple 100 users. But because they are a software
company, they had lots and lots of servers.
Their cloud footprint was was substantial.
So at first passing, I think a small company, only 100 or so,
you know, 200 users, but really actually a large footprint.
(01:28):
And then, you know, with actually being a technology
company, the IT staff was only two people and they didn't have
anyone dedicated on that staff for security specifically.
That's crazy. And that's like most of our
customers, they have small IT Staffs and they're trying to
figure out how to navigate this while they're running around
with their hair on fire. So let's talk about the the
(01:50):
issue that the customer came to you with.
So what were the circumstances that the customer got introduced
to the TA, the TA got introducedto you, and how did you end up
starting that conversation? Yeah.
So this customer unfortunately had been hit by ransomware and
pretty significantly to the point that their their whole
environment was locked up and they ended up going and finding
(02:13):
a third party to help broker thethe payment for the ransomware.
So they actually get some of their files back or as much as
they could. And then their cyber insurance
also were kicked in and they brought in a digital forensics
firm to go through help set up some of that initial hardening
of the the environment, but thenalso go through the forensics
(02:33):
and figure out, you know, TAC vector and all that kind of
stuff. So at that point, the digital
forensics organization, which iscommon, put in a bunch of tools
to help, you know, collect all the data that they needed to run
their analysis. But then at a certain point they
leave the customer high and dry and the customer's back to
managing the environment the waythey were post breach and but
(02:54):
this time, you know, afraid to death.
So how do you navigate this conversation?
Customer says I've been breached, I've lost a bunch of
my stuff, I've paid the ransom. You get introduced to a cyber
insurance provider and then do you immediately start to say,
hey, I think you this point solution would be good.
Or did you start to navigate a lot of different conversations?
(03:16):
So it started out as, hey, our digital forensics company, they
put in Carbon Black, which is anendpoint tool on all the
endpoints to collect data and dothe forensics, things like that.
So we still have Carbon Black today.
We don't know how to manage it. We don't, we've never used it
before. We don't, we're not really
certified in it and we don't have anyone on staff dedicated
security anyway, right, to, to what we do with the alerts.
(03:38):
We don't have anyone that our process to, to respond to
alerts. So at first it was, hey, who can
manage Carbon Black and then, you know, slept with essentially
doing MDR with E carbon black asas that tool and then expanded
into OK, you where are you from a security posture perspective,
where you are in your security journey?
And it turns out they really were not very advanced as far as
(04:04):
they didn't have a framework chosen.
And we were going through the questions as far as, hey, are
you using NIST? Are you using CIS benchmarks?
Are you, you know, what is your posture built on?
And they hadn't actually built asecurity posture on any proven
framework, which is part of the reason why they had the issues
that they did with the ransomware.
(04:24):
They didn't have good patching policies.
They didn't have really good security policies in general.
And so we were able to come in and expand that from what would
have been managed detection response all the way to
compliance services to VC, so toreally helping them improve
their security posture from where they were previous to the
(04:46):
breach. That's fascinating.
That's why Trevor's, one of our incredible security experts, got
his master's degree in cyber. So let's let's say.
So this deal had to have been super easy to close.
Once they start talking to you, you expand the conversation.
You make some recommendations onsome suppliers done deal right?
So if if it were only that easy,this opportunity actually
(05:08):
started a long, long time ago and we had gotten involved and
we brought in great suppliers tothe table to answer this that
could do initially what the customer needed and then some.
The interesting thing as, as youknow, customers often do that
they did some window shopping and he actually had a vendor
that he brought to the table that he wanted to consider
Arctic Wolf as as an option to, for what they were looking for.
(05:32):
And in our analysis and gathering the requirements of
what he's asking for, his wish list, his his need to haves, his
want to haves, all those things from the client.
We were able to say from an agnostic perspective, based on
what you're telling us and what your requirements are, I can say
that the vendors that you're looking at are not going to be
able to accomplish what you're looking for.
They're not a good fit and they're not going to be able to
(05:54):
help with some of these other initiatives that you have coming
down in the future. After our engagement, the
customer actually did go with Arctic Wolf and and signed with
them. And so we kind of waited around
and then a couple months later acustomer came back to us after
the fact and signed with E Centire, one of the vendors we
brought to the portfolio becausethey could answer those
(06:14):
requirements like we had said and that we had advised the
customer. So that to me is very
interesting for all the TAS out there, don't take the first no
and stay engaged with the customer cause a lot of times
they make bad decisions. So you can always follow back up
and see how it's going. And they don't realize that
companies like Arctic Wolf are fantastic, but you need to have
(06:36):
a robust team. They're just going to give you
alerts and they're not always going to help and fulfill all
the things that you're looking for.
So let's talk about. So you end up bringing in a
provider, you get back in there and then did the conversation
pivot to other things? I think you mentioned a few of
those things. And then did it expand once we
ended up closing the deal with one of the providers in our
portfolio? Yeah, yeah, good question.
(06:58):
So I think it's a good example really of the sales acumen from
the supplier that we brought to the table as well as the partner
on staying engaged with the client.
You know, not taking, you know, when they had moved on is
staying engaged, be involved, making sure that things were
gone on track. And when they weren't, they were
able to jump in there and reallywin that opportunity back.
(07:22):
Because of that, this customer and the partner actually built a
lot of trust with each other that were the, the, the customer
had a lot of trust in our advisor because they knew that
we had their best interest in mind.
And since then, of course, we'veexpanded with Easton Tire to
selling additional things like pen testing like compliance,
like gap assessments to really help build up their their
(07:42):
posture. But also that customer has
expanded with that advisor to sell into cloud, into other
areas in their business that they could see that they could
help them just because of that trust that they'd built up in
the process. I love that.
So see, cybersecurity is the gift that keeps on giving.
First off, not only does it get you into your your customer, but
(08:03):
then you can land and expand, start talking about other
products that are in the portfolio, other advanced
solutions, but then it grows. It doesn't just have that
initial sale. They end up trusting that
supplier and they end up bringing more.
So Trevor and our engineering resources are so good at making
you look fantastic in front of clients.
So what are what's one thing that you could share with the TA
(08:25):
that you learned on this deal that they could take into their
daily conversations? I think one thing that I learned
from this one is staying. Obviously, like I mentioned,
staying involved when you feel like a door is getting shut or a
windows opportunity is getting shut, there's other windows to
explore, there's other doors to go after in an account.
(08:46):
And it it's still valuable to stay in touch with the customer
and make sure, even if they're working with a vendor that you
didn't bring to the table, understanding how that process
is going. Are they happy?
Are things, are they meeting theexpectations?
Because as soon as they're not, that's really the value of being
that advisor is you can help them guide them to to get the
(09:07):
most out of their investments that they're making and then
building that trust long term. I think cybersecurities
especially the those deals are one on trust and if you have
trust with a client, you're ableto sell cybersecurity, you're
able to expand and sell everything else that we can in
in the portfolio. And I think this is a good
example of that where it wasn't just cyber, it ended up being
(09:29):
cloud, it ended up being other things and the relationships
ongoing. Fantastic, Trevor.
Thank you so much, everybody. Thank you for listening to
Anatomy of a Deal Cybersecurity Edition.
We're excited to launch this series and continue to have more
opportunities that we've won that we can tell you about
that'll hopefully help you win and have other success in the
(09:52):
future as you're looking to talkto your clients about
cybersecurity. Thank you as always, Trevor.
Appreciate it. Yeah.
Appreciate it. Good to see you.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
My Favorite Murder with Karen Kilgariff and Georgia Hardstark
My Favorite Murder is a true crime comedy podcast hosted by Karen Kilgariff and Georgia Hardstark. Each week, Karen and Georgia share compelling true crimes and hometown stories from friends and listeners. Since MFM launched in January of 2016, Karen and Georgia have shared their lifelong interest in true crime and have covered stories of infamous serial killers like the Night Stalker, mysterious cold cases, captivating cults, incredible survivor stories and important events from history like the Tulsa race massacre of 1921. My Favorite Murder is part of the Exactly Right podcast network that provides a platform for bold, creative voices to bring to life provocative, entertaining and relatable stories for audiences everywhere. The Exactly Right roster of podcasts covers a variety of topics including historic true crime, comedic interviews and news, science, pop culture and more. Podcasts on the network include Buried Bones with Kate Winkler Dawson and Paul Holes, That's Messed Up: An SVU Podcast, This Podcast Will Kill You, Bananas and more.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com