This is a sponsored post by Cyvatar, Gold Sponsors of FinovateFall 2021. Written by Craig Goodwin & Corey White.
In case you missed it, we’re losing the battle against hacks and breaches. Even though more and more security tools come online every year, personal information and other sensitive data doesn’t get better protected.
We buy more products. We get breached.
We adhere to compliance standards. We get breached.
Why can’t we do better?
Increasingly sophisticated and relentless attacks and high-profile breaches, like the one at Solarwinds, spur the purchase of more and more tools, but companies rarely (if ever) have the right people and processes in place to ensure the tools they purchase are installed–installed and configured correctly–to say nothing of the ongoing assessments, remediation, and maintenance needed to achieve a solid return on their cyber investments.
The industry’s response has long been to build newer, shinier products, knowing that buyers will come; when the technology fails to defend against a breach, managed services providers step in to remediate after the fact and “manage” the customer’s environment against future incursions.
Then a Solarwinds or an Equifax or a Marriott happens.
It’s a vicious cycle–a cycle companies can break by stepping away from traditional notions of ownership (i.e., buying or “owning” a security tool, platform, or solution) and embracing the Membership Economy.
What is the Membership Economy?
The Membership Economy, coined by Robbie Kellman Baxter in 2015, includes any organization whose members — what another company might call customers or clients — have an “ongoing and formal stake” in that organization. The human desire to belong, to be part of a community or affiliated with an exclusive organization, is fulfilled in the Membership Economy, and Netflix is one of its best-known acolytes.
Key components of the Membership Economy include:
- Continually focusing on the needs of members
- Understanding your members’ frustration as well as their satisfaction
- Embracing a willingness to forge new paths to meet member desires or address their concerns–flexibility, innovation, and evolution are all part of this process
- Communicating a strong, clear value proposition
- Investing in the membership experience
Cybersecurity companies, like many technology organizations, still focus on transactional sales. Customers buy a software or services package for a period of time–typically two to three years–and are largely left to fend for themselves until their contract comes up for renewal. Also like other technology deployments, security installations can be complex, costly, and time consuming, often making it difficult for customers to change or add products in their production environments. Even when a customer is unhappy with a product, swapping it out for something new may be more trouble than the customer thinks it’s worth, which leaves little incentive for transaction-driven security companies to foster meaningful innovation in their offerings.
In other words, ownership in cybersecurity is a liability. The thousands–even millions–of dollars organizations spend on tools and platforms tied to those multiyear licensing agreements effectively hold them hostage regardless of product efficacy. In the event of a breach, they’re still stuck in their contract and may even feel the need to buy more tools to bolster their security posture. Security product companies are hamstrung by the model too: Once they create products to deliver their solutions, they become limited by the scope of their own design, for good or ill, and innovation remains stalled.
Groundbreaking innovation through experimentation, development, and even dumb luck has enabled significant economic growth–and has toppled entire organizations that were upended by the thoughtful and rapid advancement of others, as Blockbuster was by Netflix. As the pace of technological change continues to accelerate with force, so too does the cyber attack surface.
Taking the next step
Membership–the Netflix model–is just such a foundational change. It can be every bit as disruptive and transformational to the cybersecurity industry as Netflix itself was to the movie rental and streaming industries. Here’s how.
Subscriptions alone do not a Membership Economy make.
Subscriptions are a good first step. Subscriptions make it easy for members to select the pricing and options that are best for them, and consistent and predictable revenue streams benefit shareholders and users alike. But subscriptions alone do not a Membership Economy make. It’s important that security companies understand the need behind each package they develop so they can grow members into new offerings and ensure value is continuously delivered.
Additionally, the Membership Economy can’t work without high levels of member engagement, which is why Baxter recommends that a good membership program be beneficial for members as well as the company that serves them. Benefits stemming from loyalty create bonds, even emotional connections, between members and the companies they associate with, which in turn create vibrant communities of influencers and evangelists that become a continual source of innovation for Membership Economy organizations. By staying close to your members and active in the communities you share with them, you’re always a part of the feedback loop, enabling you to continue to evolve your offerings to meet member needs.
Cybersecurity-as-a-service, or CSaaS, brings all of these concepts to life. CSaaS is inherently a member-driven model, allowing providers to focus on access rather than ownership. Instead of selling transactional point solutions or fee-for-services to create what we used to call customer “stickiness,” security companies can use the membership model to level the playing field and democratize cybersecurity, making the best protection accessible and affordable for every size organization, even those with no cybersecurity expertise in house.
The CSaaS membership model offers a new, innovative paradigm for successful protection from today’s advanced cyber-attacks by pairing skilled security advisors with proven processes and best-of-breed technologies to deliver guaranteed business outcomes. Importantly, CSaaS handles the heavy lifting associated with evaluating and recommending solutions from more than 4500 security vendors so that members can focus on scaling their businesses without worrying about securing the sensitive data and information that make those businesses successful.
CSaaS also ensures that recommended solutions are installed and configured completely–and correctly–in addition to providing ongoing remediation of cyber threats and vulnerabilities and regular maintenance of security tools. By selling membership rather than ownership in the CSaaS model, members can achieve faster compliance to standards like NIST CSF, SOC 2, PCI, and HIPAA.
The CSaaS membership model is Netflix for cybersecurity: inherent innovation and bespoke solutions at scale. Begin your free CSaaS membership and start your journey to cybersecurity confidence today.
 Baxter, Robbie Kellman. “The Membership Economy: Find Your Superusers, Master the Forever Transaction, and Build Recurring Revenue.” McGraw-Hill Education. 2015, p. 26.