Managed service providers like BeckTek, of Riverview, New Brunswick, are starting to use dark web scans as a sales tool. ChannelPro’s Mark Smith recently sat down with BeckTek CEO Scott Beck to discuss the do’s and don’ts of the process. This is an edited excerpt of that interview.
ChannelPro: Tell me about how you’re using dark web scans for sales and marketing.
Scott Beck: I’ve started trying to do education. Part of that education is the dark web. We’ve been using the dark web scans as kind of an eye opener.
ChannelPro: Can you give me an example?
Beck: We were talking with [a company and showed them a scan]. They went, “Oh, that’s our [old] HR director.” Turns out she’d been using the same password across everything and, guess what? They hadn’t taken her out of the automated payroll system. They were lucky they didn’t get breached, but that opened up their eyes to the fact that they could have. They realized they needed to tighten some things down with some policies and they needed to do some training. Once your eyes [become] open to the need for security, now we can have a lot better discussions about what [you] need to put in place.
ChannelPro: Is a dark web scan always a slam dunk?
Beck: I’m going to tell you the mistake I made. People didn’t understand what they were looking at. Some of them thought, “How dare you run a scan? You’ve caused this.” I [knew we needed] a different approach.
Now we do use it as part of our sales process, but after we’ve had that meeting [with a prospect], or if we’ve done some marketing and we’ve got someone to raise their hand and come back to us, or if I’m doing a seminar I’ll offer a free dark web scan. Once someone has raised their hand and indicated that they’re interested, dark web has become a very useful tool in that education process. I’ll give an example. One of the largest private insurance firms in our region wanted me to come in and talk to their clients. We had a chat and they said, “Alright, let me think on that.” I said, “Well, listen, while we’re at it, why don’t we see how your company is on the dark web?” They [agreed]. So I ran a dark web scan, and as you can figure, there was a bunch of stuff. I sent that back over to them. Within half an hour he’s back on the phone going, “OK, you’ve got my attention.” They had their own IT department, but [asked], “Can you help us with that?” So we picked up a client directly off that dark web scan.
ChannelPro: Do you run scans ahead of a sales call, or wait until after you’ve met?
Beck: Here’s a little part of the secret sauce. We’ll run the scans in advance. Now, do I bring that report with me right off the bat? No, absolutely not, because it goes back to they haven’t been educated yet so they don’t understand. I mentioned [previously] when I just showed up with a report it became adversarial.
If I run the scan and I know there’s stuff there, obviously I’m going to drive at that during my meetings. I’ll get them to say, “Yeah, I need to know more about that,” and then we’ll provide them with the report. If I know they’re clean, I’m still going to help educate but I won’t drive necessarily as hard in the sales process to run a dark web scan. I may say, “Hey, let’s do a phishing test.” We’ve actually combined those two things, the dark web scan and the phishing test. If we get them on both, it’s always been a slam dunk.