ICPs
What is an ICP?
Ideal customer profile
What are our three brand pillars?
end to end protection, 24x7 managed and a ransomware warranty
What are the 4 authority roles we go after?
C-level, VP, Director and Manager
What are 3 industries we go after?
Manufacturing,
What are our business segments?
Strategic, enterprise, commercial and SLED
What is data exfiltration?
When data is threatened to be leaked onto the dark web.
What is a CISO and what might they be concerned about?
Chief information security officer. Business impacts of ransomware
What are 3 of the 6 components that drive our ICP?
Direct, channel & strategic, incident response, cyber insurance, customer expansion and services.
What is the ransomware gap?
Halcyon sits between your endpoint tools and your immutable backups as the added layer of resilience and recovery. Ransomware attackers are able to bypass endpoint tools and target backups for destruction.
What are some key characteristics of a Director of Cybersecurity?
Owns implementation and day-to-day management of cybersecuritystrategy.
Focused on threat prevention, riskassessment, and incidentresponse.
Bridges tactical security operationswith higher-level strategicinitiatives.
What types of finance companies do we go after?
Finance (mortgage lenders, mid-size banks, credit unions, credit card & trans processing
What makes a customer a good fit for Halcyon?
The company has more than 200 employees, is in finance/manufacturing, retail, healthcare, etc. and understands ransomware is a threat and/or has experienced ransomware.
What are the two problems we solve for and how does that work?
Ransomware is succeedingdespite current securitycontrols, sophisticatedbypasses of endpoint toolsand targeted data encryption+ destruction.
What are two questions you could ask a CISO?
Answers vary
What is a story you could share about the business impacts of ransomware?
- Rover and Land Rover being down for a month and a half halting operations.
- MGM story
What are a few tools that we are better together with and why?
MS Defender, E5, CRWD/S1/Palo Alto Cortex/Sophos (endpoints) we help with the ransomware gap and solve for our two core problems.
Why should a prospect need an added layer of resiliance and recovery even if they have an EDR?
Ransomware attackers are becoming more sophisticated, they are evading endpoint tools with a number of tactics including BYOVD, Living off the land, double extortion, log destruction, backup destruction, etc.
Where EDRs do detection & response, backups do restoration, we do recovery.
What core message would you pitch to a SOC manager and why?
Our ransomware gap and the two problems we solve because they get into the how which is what a SOC manager would care about, as well as 24x7 since they have alert fatigue.
What's an industry you personally might go after as a group and why do you all think there's good opportunity there?
answers vary :)