Use Case
Macro
Personas
Case Studies + Objections
Qualification & Differentiation
100

Sumo allows you to get real-time visibility into assets across different ______ environments?

cloud

100

True or False.

Legacy security tools cannot handle the massive increases in information processed and analyzed in the cloud. 

True!

100

Name 3 titles / personas that would fall under our "Target Audience" for Audit & Compliance (Hint: there are more than 5!) 

Security Engineer, IT Engineer, Security Compliance Analyst / Manager, Information Security Compliance Analyst / Manager, Governance Risk & Compliance Analyst / Manager, Chief Compliance Officer, Security Analyst / Manager

100

Case Study:

Medidata is a great case study to reference when speaking to this type of regulatory compliance framework...

HIPAA

100

Differentiation:

The prospect says they already have some tools in place to manage their log data. What key advantage does Sumo offer that would entice the prospect into a conversation? 

Ingesting log data once in a single cloud-native platform for both observability & security use cases. 

200

Sumo can help you quickly identify and ________ sensitive information.

monitor

200

As organizations grow and mature, keeping _____ data available in an easily accessible centralized location is an absolute necessity.

log

200

This persona is often bogged down by these challenges:

- Worries about blind spots or gaps 

- Sifting through massive amounts of data 

- Alert fatigue

SOC / Security Analyst or Security Engineer 

200

Objection:

The prospect replies "We're already using AWS, which is PCI-certified. I don't see the need for Sumo."

"This is a great validation on AWS security, but doesn’t necessarily mean your organization is meeting all of its PCI requirements. As AWS' 'partner of the year', we hear that a lot and would be happy to explain this further if you're interested in learning more."

"Sumo directly integrates with AWS to give you full visibility into your users’ behavior and data security."

200

Qualification:

As it relates to compliance, what question should you ask to identify who the DM is? 

Who is responsible for governance, risk, and compliance in your organization?

300

______ is mandated by credit card companies to help ensure the security of credit card transactions in the payments industry. 

PCI (Payment card industry)

300

There are two important categories of compliance. What are they? 

'Regulatory compliance' and 'Internal security controls'

* "The biggest difference between regulatory compliance and security controls is that regulatory compliance mainly relates to standards set by third-party organizations and enforcement bodies. In contrast, security controls are developed, implemented and enforced internally."

300

True or False.

As it relates to regulatory compliance, a typical 'IT Ops' persona is responsible for:

1. Collecting & analyzing critical security logs to detect & prevent breaches

2. Managing security posture

3. Implementing compliance frameworks

False!

IT Ops typically is responsible for:

1. Supporting business infrastructure reliability

2. Optimizing performance & infrastructure costs 

3. May be responsible for security & compliance 

300

Case Study:

This DACH-based cybersecurity awareness company achieved GDPR compliance thanks to Sumo.

"A big differentiator was the platform’s extensive SIEM capabilities to support our security and GDPR compliance requirements" - SOC Lead at this company

SoSafe

300

Differentiation:

Our pricing model is a key differentiator of Sumo. Fill in the blank:

Flexible ______ _____ eliminates on-demand charges.

cloud economics

400

Pre-built searches and dashboards that demonstrate continuous PCI compliance ultimately help shorten _____ cycles.

audit 


* the average audit cycle is ~3mo in length and can cost upwards of $10k

400

There are numerous types of 'audit activities' that can be monitored with Sumo Logic. Name 3 examples. (Hint: there are more than 15!)


- Account Password Changes

- Unauthorized Logins

- Login Failures

- New Login and Access Events

- Malware Detection

- Malware Attacks by IPS

- Network Port Scans

- Denial of Service Attacks

- Network Device Errors

- Critical System Errors

- File Name Changes

- File Integrity Changes

- Data Exfiltration

- New Process Started, Running, or Stopped

- Shared Access Events

- Disconnected Events

- New Service Installation

- File Auditing

- New User Account Creation


400

Explain the impact of the current 'cybersecurity skills shortage' for a CISO or SOC Manager. (Hint: Think about today's job market)

The technical aptitude required for a cybersecurity professional adds to the existing challenge of hiring in a difficult talent landscape. This poses risks for the CISO or SOC Manager in a few ways:

- They can't hire their way out of a potential issue

- They need to ramp new employees as quickly as possible (think backfilling a position) 

- Current SMEs become a liability for the org (imagine if someone leaves) 

400

Objection:

The prospect declines your offer and says, "Splunk provides adequate data security and certifications."

How should you respond?

"Yes, but they charge extra for basic security features like encryption-at-rest. And all security attestations (including PCI and HIPAA) come at an additional charge too."

"Curious what your experience dealing with this has been like?"

"I know a lot of companies are pulling back on spending, so this feels like an easy opportunity to save."

400

Qualification:

You just asked the prospect, "How many audits do you conduct?". What is a possible follow-up question you could ask related to audits?

- How much time is spent on audits?


- How many people are involved in your audit cycles? 

500

Other than PCI, name 3 additional regulatory frameworks that Sumo helps customers stay compliant with

GDPR, CMMC, HIPAA, ISO 27001, NIST, FedRAMP, AICPA SOC 2

* do you know what all of these stand for? 

500

Fill in the blank.

Gartner predicts that by 2026, __% of organizations will adopt a digital transformation model predicated on cloud as the fundamental underlying platform.

Cloud computing is driving the next phase of digital business, as organizations pursue disruption through emerging technologies like generative artificial intelligence (AI), _____ and the metaverse.

75%

Web3


*Web3 definition: "Web 3.0, or Web3, is a set of values and technical applications that define a new era of the World Wide Web. Prime Web 3.0 examples include ubiquity, decentralization, artificial intelligence, blockchain, and connectivity."

500

"How much time is spent on audits?" is most appropriate for which of the following? Economic Buyer or Practitioner?

Trick question. This could be relevant to both an EB and a Practitioner. The EB will likely care about time spent on audits, as this relates to cost optimization and strategic planning. The Practitioner would also care, since they are the ones who 'live & breathe' in the tools related to the audit.

500

Case Study:

Why Partner with Sumo?

What are 3 statistics you should leverage when speaking to this? 

1. 404% ROI 

2. 95% reduction in onboarding time (60 -> 3 days)

- Allows them to start billing customers sooner

- Reduces workload on SOC team

3. $2.5M software licensing savings from 'tool consolidation' 

500

Qualification:

You just asked the prospect, "What tools and processes are you currently using to demonstrate regulatory compliance?". What are a few reasons this is an important question to ask? 

- to understand if they are using a competitor

- to understand how many tools they are using (think tool consolidation play) 

- getting a sense if they even have a process (think about their org maturity)


"Goal is to understand what regulations they’re beholden to (e.g., PCI, HIPAA, GDPR, etc.) and how they’re doing it today. Listen for the pain of complexity, takes too much time to prepare for audits, and thus their QSA audits are expensive. Also, discover their data retention/storage requirements (90 days? 365 days? 3 years?)"
