Partnering with Tech Data – Building or Accelerating Your Security Practice Tracy Holtz Director, Security SBU
techdata.com
The Tech Data Security Opportunity
Tech Data helps partners and customers take a proactive approach to tighten data center security through a combination of technology, services and education to reduce threat risk, speed detection and remediation response time as well as prove compliance.
• • • • •
Verticals Healthcare Retail Entergy Finance Public Sector
• • • •
Services Consultant Managed Assessments Presales
• • • •
Solutions Integrations SOC Cyber Protect Education
• • • • •
Focus Areas Identity & Access Mgmt Security Intelligence EndPoint Security Perimeter Security Data Security
Security Practice Builder Roadmap Kick-off “Partner Engagement for Security Practice Builder” process
1
Based on partner analysis select security area focus and appropriate security suppliers
2
Identify, review and satisfy supplier certification requirements
3
Comptia Security+ (ISC2), CISSP training and certification exam equivalent recommended
4
Sales CyberSecurity Fundamentals training 101,102 ,103 and 200 series
5
Navigate the security market and begin building pipeline with security assessment tools and Recon
6
Account Profiling & customer qualification
7
Partner business review, customers, suppliers, services, vertical and technical competency analysis, roles & responsibilities, goals, expectations and executive sponsor Security Areas: IAM / Perimeter / Endpoint / Web / Data / Application / Advanced Fraud / Security Intelligence / Select “best fit” security suppliers from Tech Data portfolio
Certification: IBM / HPE / Cisco / Check Point / RSA / F5 / Aruba / Vmware / SentinelOne / Fortinet / Symantec / McAfee / Kaspersky / Webroot / … Recommended requirements for expertise and security credibility ExitCertify or Supplier equivalent Tech Data eLearning modules via Knowledge Network or classroom training curriculum Low risk and investment into market with Recon MSSP or leverage Tech Data 5 complimentary and/or 3 paid assessments Each partner sales executive identifies 3-5 customers for detailed security account profiling session with Tech Data security specialist
Security Assessment Offerings - Complimentary
Security Posture • Industry agnostic, ranks security maturity, identify gaps in security capabilities, and positions high value solutions
External Pen Testing • Mimics the action of an actual hacker exploiting weakness of the corporate perimeter
Health & Life Sciences • Benchmark assessment that delivers gap analysis of security capabilities, compliance, and ranks maturity of a healthcare customer
Retail
Public Sector/Education
• Benchmark assessment that delivers gap analysis of security capabilities and compliance, and ranks maturity of a retail customer
• Benchmark assessment that delivers gap analysis of security capabilities and compliance, and ranks maturity of a public sector or education customer
Services, Appl, Data, UTM, SIEM, Fraud
Services, Appl, Data, UTM, SIEM, Fraud
Sell Perimeter (firewall/UTM)
Services, Perimeter, UTM, End Point
Firewall/UTM, End Point
Security Insights Offerings - Paid Web Application Vulnerability Insights • Harden your distributed perimeter by assessing the vulnerabilities and security of your Mobile and Web layers
Vulnerability Insights • Leverage best-in-class scanning toolsets and techniques to identify detailed vulnerability findings, with manual process, verification and contextualization.
Penetration Insights • Find internal weakness. and gaps in your customer’s multi-layered (defense in depth) security. • Identifying exploitable vulnerabilities, and penetrating as far into a customer’s infrastructure as possible, with manual process, verification and contextualization
Sell Services, Perimeter, UTM, End Point
Firewall/UTM, End Point
Services, Appl, Data, UTM, SIEM, Fraud
Managed Security Services to Support SMB to Enterprise
SMB – 250 and Below CyberShark – A robust security and compliance platform, delivered as a service in the cloud. Monitoring performed by security experts at Blackstratus SOC Guided remediation via trouble tickets – no in house security experience needed. Cloud-based monitoring and remediation assistance to protect against advanced cyber threats.
™
Mid-Market to Enterprise Recon – Tech Data’s Managed Security Service, including an on premise collection, correlation and analysis solution with 24x7 cloudbased monitoring and remediation assistance to protect against ✓ Cross-sell with Security advanced cyber threats.
products from Tech Data ✓ Supports hundreds of new and existing security technologies
™
The Tech Data Solution to Cyber Crime is Recon
Managed Security Service, including an on premise collection, correlation and analysis solution with 24x7 cloud-based monitoring and remediation assistance to protect against advanced cyber threats. Benefits to the Partner ✓ Higher margins ✓ Packaged to resell ✓ Tech Data Branded or White Label ✓ Portfolio expansion ✓ Monthly Reoccurring Revenue
✓ Cross-sell with Security products from Tech Data ✓ Supports hundreds of new and existing security technologies
ReconTM Capabilities SECURITY INFO & EVENT MGMT (SIEM) • Log Management • OTX threat data • SIEM Event Correlation • Incident Response
BEHAVIORAL MONITORING • Netflow Analysis • Service Availability Monitoring
ASSET DISCOVERY • Active & Passive Network Scanning • Asset Inventory • Software Inventory
ReconTM Threat Intelligence
INTRUSION DETECTION • Network IDS • Host IDS • File Integrity Monitoring
VULNERABILITY ASSESSMENT • Continuous Vulnerability Monitoring • Authenticated / Unauthenticated Active Scanning • Remediation Verification
TM
How does Recon Work?
•
•
•
•
•
Virtual appliance deployed onsite to monitor security posture Collect data from over 300 common firewalls, IPS, switches/routers, servers, etc. to detect threat Threat alerts forwarded over encrypted link to Tech Data virtual Security Operations Center (vSOC) for investigation SOC Analysts will provide remediation recommendation actions to the customer to resolve security issues. Available in the US
Unified Security Mgmt Appliance
Tech Data MSSP Federation Server
Security & Education SBU • Partners sell Training Credits to customers • Credits are flexible when redeemed… • Local classroom, live-online, self-paced, private course or onsite at customer facility. • Instructors with real-world experience. • Customize a training roadmap and cirriculum to fit your needs.
Security and Networking Curriculum • CompTIA® Security+® • Certified Information Systems Security Professional (CISSP®) • CyberSec First Responder: Threat Detection and Response • IBM Security QRadar SIEM Foundations
Security Practice Builder
What Is Security Practice Builder? •
A foundational way for partners to increase their knowledge and expertise around Data Center Security based on their security journey • Develop and enhance skillsets that enables our partners sales force to sell, deploy, deliver key security solutions and technologies in: • Identity & Access Management • Security Intelligence • End Point • Perimeter • Data & Applications • Help partners expand their capabilities by offering and delivering Services • Assist partners portfolio by partnering with Assessments & Insights to drive new revenue 14. August 2017
Avnet Confidential – Internal Only
Practice Builder Program
Strategy Development
Training & Enablement
• Security area of focus
• Vendor certification roadmap & support
• Business analysis • Vendor selection & solutions mapping • Go-to-market planning
14. August 2017
• Sales training • Technical training • Product & solution demos
Marketing
Services
Sales Execution
• Multi-touch market approach
• Tech Data & vendor services
• Demand creation services: web advertising, branded collateral, appointment setting, social media & events
• Presales delivery, consulting and managed services
• Sales content, battlecards and case studies
Avnet Confidential – Internal Only
• Assessment tools & reports
• Target account planning
• Industry expertise & SME support • Services & technical resource support
Strategy Development A foundational way for our partners to increase their knowledge around Data Center Security
•
Determine security area of focus • Identity & Access Management • Security Intelligence • End Point • Perimeter • Data & Applications • Vendor selection & solution mapping • Analysis
• Go-to-market planning
14. August 2017
Avnet Confidential – Internal Only
Training & Enablement Develop and enhance skillsets on key security areas and technologies
•
Access to KnowledgeNetwork, a collaborative training and enablement community designed exclusively for our partners to access • Self-paced trainings: • “Talk the Talk” Security training modules (101,102, etc.) • Security Awareness and Advanced trainings • Battle cards • Driving Solutions Webinars on various 3rd platform topics 14. August 2017
Avnet Confidential – Internal Only
• University (fee-based attendance) • Tech Data Education courses for internal vendor training or industry certifications • Tech Data Blogs • Attend Industry & Vendor events • Vendor specific technical training and certification • Security Assessments “How to deliver”
Marketing Partners must drive demand for their security services and product sales •
Events and Webinars - leverage Tech Data specialists as guest speakers Marketing Resources and Vendor Lead Generation Programs
• • • •
Appointment setting campaign Multi-touch campaigns Social media
•
Collateral
•
Assessments – used to identify need in a potential customer or as a low cost solution to sell into an account 14. August 2017
• Demos – leverage Tech Data engineers to deliver product demos with your team • Develop customized MOU investment program between Tech Data and the partner
Avnet Confidential – Internal Only
Services Leverage Tech Data Solutions and Services to deploy your Security practice •
• • •
Consulting Services – Tech Data can provide services for IBM, Cisco and other vendors Managed Services – White-label or resell Recon Security Managed Services Presales delivery and support Assessment tools and support
14. August 2017
• Education – resell Tech Data training credits for customers to use with any vendor training in our portfolio • Vendor Solutions • IBM QRadar integration with Sentinel One • IBM BigFix integration with Sentinel One • Cyber Protect – IBM Security products with monthly subscription for public sector
Avnet Confidential – Internal Only
Sales Execution Deliver practice builder plan • • • • • •
Partner certifications and training Targeted account planning (verticals) Solution and vendor portfolio action plan Marketing plan Sales training Agreement to tracking and cadence
14. August 2017
• Develop Cadence and Owners for Managing the Engagement • Services implementation and delivery • Revenue and product growth
Avnet Confidential – Internal Only
MOU for Security Practice Builder For partners investing in building a security practice with Tech Data, a Memorandum of Understanding (MOU) defines the following: Tech Data Investment to assist partner Partner Investment Performance requirements by both parties Service and Solution Discounts Terms of engagement Governance of the program –
Sponsors & Reviews
A sample MOU to be used as a starting point in partner negotiations is available upon request.
Questions?
Customer Success with Recon Summit Partners is a full service IT consulting firm dedicated to building long lasting relationships. You can rely on us as an extension of your IT organization. THE CHALLENGE Summit Partners was looking for a managed security offering to deliver to their customer, Cashman Equipment, to secure and monitor their network. Cashman is the Caterpillar equipment dealer for the state of Nevada.
“We had very cumbersome processes in place,” said Don Erlanger, IT Manager at Cashman Equipment. “Summit Partners consolidated and optimized all our manual processes related to security.”
THE SOLUTION Recon™ is a 24x7x365 unified threat monitoring service offered by Technology Solutions which collects, correlates and analyzes security threats; before they happen.
THE RESULTS Recon™ was able to detect suspicious network activity within an internal application password authentication system, remote access to SQL database, network traffic malware njRAT and an alert to a VPN Software install. Summit Partners worked with the Cashman IT team to determine threats to be false positives. Had Recon™ not been in place these threats may not have been found until it was too late, causing a breach in Cashman’s business.