; Certified Vericept Solutions Architect “CVSA” Sales Certification Training
Documents
Resources
Learning Center
Upload
Plans & pricing Sign in
Sign Out
Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>

Certified Vericept Solutions Architect “CVSA” Sales Certification Training

VIEWS: 43 PAGES: 113

Medical Sales Training Denver document sample

More Info
  • pg 1
									                   Certified Vericept Solutions Architect

                                 “CVSA” Sales
                        Certification Training



                                                     Ken Totura
                                           Vericept Corporation


www.vericept.com                                       4Q 2004
Why We Are Here Today


   Incredibly Unique Product Means You -
    •   Differentiate Yourself From Your Competitors
    •   Build Trusted Relationships at the CxO Level
    •   Earn Huge Margins
    •   Solve Real Business Problems
What Keeps a CxO Up At Night?

 •   Board of Directors
 •   Chief Executive Officer
 •   President – Chief Operating Officer
 •   Chief Financial Officer
 •   Chief Information Security Officer
     (Compliance Officer)
 •   Chief Information Officer
 •   VP of Sales
 •   VP of Marketing
 •   VP of Legal
 •   VP of Human Resources
Agenda
• The “Problem” and “Solution”

• Business Risk Drivers

• Introducing Vericept Corporation

• Vericept Products are Called Solutions

• The Science of Selling Vericept

• Action Plan for Mutual Success

 Certified Vericept Solution Architect – Congratulations!
Section I: THE PROBLEM and
now there is a SOLUTION



                    Vericept
  Protecting your Information and Reputation
Would You Immediately Know If…
  • A trusted employee pasted confidential acquisition
    information into a webmail message and sent it to your
    competitor?

  • An employee downloaded hacker tools to their work
    computer with the intention of stealing your customer’s
    private data?

  • An employee posted your confidential executive
    communications or financial data on
    www.internalmemos.com or some other internet posting site
    like Yahoo Finance?

  • An employee is using a P2P client and is inadvertently
    exposing your proprietary information to millions of other P2P
    users?
The Problem
Lack of EFFECTIVE VISIBILITY to confidential and inappropriate content
flowing across the network. The risk and results can be significant:
  1. Information Loss
      • Company: Intellectual Property, R&D, Customer Lists, source code…Corp. Espionage
      • Customer Information: SSN, credit card number, mother’s maiden name…ID Theft

  2. Non-Compliance
      • GLBA, HIPAA, CA 1386: protecting customer privacy
      • Sarbanes-Oxley: protecting investors, corporate ethical responsibility

  3. Abuse of Internet Usage
      • Productivity: employees and contractors surfing the web for hours and hours
      • Legal Liability: sexual harassment, workplace violence, wrongful termination

  4. Insider IT System Mischief/Hacking
      • Sabotage and Hacking: viruses, worms, exploits
      • (leading to) Theft: keyloggers, unauthorized access
      • System Downtime: troubleshooting and fixing problems
Where is the Exposure and Risk?
 Email and Web-based mail

 Instant Messaging

 Internet Postings
                                            hacking tools
                                                            SOURCE CODE
 •FTP

 •Peer-to-Peer ( i.e. KaZaA and Limewire)

 •Chat rooms

 •Attachments

 •Web
                   Vericept’s Intelligence Platform


Information                                          Regulation
                   Acceptable      Preventive        Compliance       Custom
Privacy and                                           Manager
                      Use           Security                          Search
Compliance                                               HIPAA
                                                                    Parameters
                    Manager         Manager
  Manager                                                GLBA
                                                        CA 1386




        Filter
                                Intelligent Content Analysis
     Intelligent
       Traffic                    Data-in-Motion | Data-at-Rest
     Controller
       prototype
                                                Monitoring Engine
    Blocking Solutions
Vericept Solutions – Composition by Category
     Information                     Acceptable                    Preventive
      Privacy and                       Use                         Security
      Compliance                      Manager                       Manager
    Manager (IPCM)                     (AUM)                         (PSM)

         Structured Data             Unstructured Data               Structured and
CA Driver’s License            Adult                               Unstructured Data
Credit Card Number             Conflict                     Hacker Research
Protected Health Information   Gambling                     Impending Threats
Personal Information           Games                        Preparation for Attack
Social Security Number         Racism                       Suspicious Activity
                               Shopping                     Unauthorized Access Attempts
       Unstructured Data       Sports
Confidential                   Substance Abuse
Disgruntled                    Trading
Information Hiding Research    Violent Acts
Mergers & Acquisitions         Weapons
Resignation                    Peer-to-Peer File Research


      Capture All Instances         Capture All Instances
IM & Chat                      IM & Chat
Mailing Lists                  Mailing Lists
Peer-to-peer File Share        Peer-to-peer File Share
Postings                       Postings
Webmail                        Webmail
Vericept Solutions – Composition by Category
         Regulation                      Acceptable
         Compliance                    Use Manager -                         Custom
          Manager*                       Education                           Solution
           (RCM)                          (AUMe)                         (this is available though
                                                                         not a standard offering)

                                            Unstructured Data
        1. RCM CA 1386              Adult
         Structured Data                                                 8 Categories Total:
                                    Conflict
 CA Driver’s License                Gambling
 Credit Card Number                                               7 Vericept Categories
                                    Games
 Personal Information                                             1 Premium Vericept Category
                                    Gangs
 Social Security Number             Plagiarism
                                    Racism
        2. RCM HIPAA                Shopping
        Structured Data             Sports
Protected Health Information        Substance Abuse
Social Security Number              Trading
                                    Violent Acts
                                    Weapons
        3. RCM GLBA                 Peer-to-Peer File Research
        Structured Data             Hacker Research
Credit Card Number
Personal Information                      Capture All Instances
Social Security Number              IM & Chat
                                    Mailing Lists
  *These contain only the minimum   Peer-to-peer File Share
  categories necessary to comply
                                    Postings
                                    Webmail
Enterprise Risk Management
     Through Intelligent Content Monitoring
The Advantage: Contextual Linguistics Analysis
•   Goes far beyond keyword searches by “reading” content and understanding the
    context of the communication
     – Can catch the more “subtle” risky communication that other technologies miss
•   Almost 60 predefined categories leverage the intelligence platform, flag and
    classify various types of content traveling into, out of and across a network
     – Works immediately out of the box, requiring no lengthy data definition exercises or
       expensive development efforts
•   How it works:
     – Content – looks at the text of the communication, effectively “reading it”
     – Context – looks at the communication format to “understand” the meaning of the text
     – Structure – looks at the communication type, whether it’s email, a web page, chat, etc.

The Advantage: Custom Search Parameters
•   Leverages Vericept’s Extended Regular Expressions which have been
    optimized by Vericept Labs
•   Combines power of intelligence with keyword driven matches to enable more
    effective identification of risks to an enterprise
Full Content Capture with Identity Match
    Delivering unparalleled visibility, “proof positive evidence”
                                                         Real customer examples,
                                                          sensitive data has been
                                                               “anonymized”




Email attachment with
list of names, SSNs & DOBs                      Employee web searching for
                                                “cloaking” / log wiping program
Vericept’s Unique Approach is the Solution
Intelligent Content Monitoring, Analysis and Reporting

• Passively monitors the content of ALL internet traffic
    - Includes web, web-mail, email, chat, instant messaging, peer-to-peer file
      sharing, telnet, ftp, postings and more...
• Intelligently analyzes and identifies ONLY the pertinent content at risk
• Provides detailed content capture, “proof-positive evidence”
• Identity Match: ties inappropriate activity and content to the user
• Provides detailed information delivery and reporting
• Ability to perform same intelligent analysis on stored data
Vericept Value and Benefits

   Prevents Information Loss, Identity Theft and Corporate Espionage
   Enables regulatory compliance
         - Sarbanes Oxley              - CA SB 1386
         - GLBA                        - HIPAA
   Reduces liability associated with inappropriate use
   Identifies rogue protocol usage
   Stops unproductive and unethical internet use
   Provides never before seen visibility to enterprise risk
   Compelling ROI and low TCO
   Protects Brand, Reputation and Information
Section II: BUSINESS RISK DRIVERS



                    Vericept
  Protecting Your Information and Reputation
                            Externally
Enterprise Risk          Driven Policies:
                         Compliance &
 Management               Regulation

                     M   A          C       R
                     o   n          a       e
                     n   a          p       p
                     i   l          t       o
                         y          u       r
                     t
                         z          r       t
                     o
                         e          e
                     r
     Internally                                   Internally
  Driven Policies:       Manage                 Driven Policies:
  Acceptable Use                                 Information
                                                   Controls
Vericept Drivers
Internally Driven Policies: Information Controls

•   Executive communications
•   Marketing plans
•   Merger and Acquisition activity
•   Research and development
•   Patents and trade secrets
•   Customer lists
•   Employee information (SSN,
    compensation…)
•   …and the list goes on…
Vericept Drivers
Internally Driven Policies: Acceptable Use
•   Internet use
•   Corporate email use
•   Instant Messaging use
•   Peer-to-Peer use
•   Appropriate content (or inappropriate)
•   Safe work or school environments (free
    from violence, hostility and
    harassment)
Vericept Drivers
Externally Driven Policies: Compliance

• Healthcare Security – HIPAA Security
  Rule
• Gramm-Leach-Bliley
• Sarbanes-Oxley
• California Senate Bill 1386
• USA Patriot Act
• Children’s Internet Protection Act
 Over 300 pieces of pending Privacy
  legislation
   Health Insurance Portability &
          Accountability Act
               HIPAA

                  Vericept
Protecting Your Information and Reputation
Health Insurance Portability & Accountability Act of 1996

   • SEC. 261. PURPOSE.
     It is the purpose of this subtitle to improve the Medicare
     program under title XVIII of the Social Security Act, the
     medicaid program under title XIX of such Act, and the
     efficiency and effectiveness of the health care system,
     by encouraging the development of a health
     information system through the establishment of
     standards and requirements for the electronic
     transmission of certain health information.
    HIPAA – The Five Basic Principles
•   Consumer Control: The regulation provides consumers with critical new
    rights to control the release of their medical information.

•   Boundaries: With few exceptions, an individual's health care information
    should be used for health purposes only, including treatment and payment.

•   Accountability: Under HIPAA, for the first time, there will be specific federal
    penalties if a patient's right to privacy is violated.

•   Public Responsibility: The new standards reflect the need to balance
    privacy protections with the public responsibility to support such national
    priorities as protecting public health, conducting medical research, improving
    the quality of care, and fighting health care fraud and abuse.

•   Security: It is the responsibility of organizations that are entrusted with
    health information to protect it against deliberate or inadvertent misuse or
    disclosure.
Customer Feedback
   “Vericept’s Health Information Protection behaves much like a
   linguistic firewall, identifying unauthorized communication of
   PHI. It is helpful to be able to alert our staff to actions that could be
   deemed in violation of the new privacy rules and our Appropriate Use
   Policy. Our patients deserve the best care we can provide, including
   respect for their privacy.”
                                                              - Dave McClain
                                        Information Systems Security Manager
                                                   Community Health Network

   “Vericept has consistently met my expectations and in many
   cases exceeded them. The install was effortless and generally just
   sits there and does its job. I would highly recommend it to
   anyone who has a need for protecting both network assets
   and confidential information.”
                                                               -Jason Herren
                                               Network Security Administrator
                                                              Source Medical
Leadership Validation

    “Vericept's Information Protection Solution focuses on
    inappropriate content and prevents it from being
    communicated through the vast array of Internet
    communication vehicles available to most employees.

    The significant risks associated with webmail, IM and P2P
    applications, combined with the mounting pressure to
    secure the privacy of patient information, can make
    Vericept’s solution a robust fit for Healthcare organizations.”

                                                   - Brian Burke
            Sarbanes Oxley


                  Vericept
Protecting Your Information and Reputation
Sarbanes-Oxley Requirements

Antifraud programs and controls
  • Fraud risk assessment (Section 103)
      – Actions to identify, prevent and mitigate fraudulent financial reporting or misuse of
        company assets
      – Revenue recognition, pricing discussions


CEO and CFO certification
  • Disclosure of controls and procedures (Section 302)
      – Ensure material information is made known to them
      – Evaluated effectiveness of disclosure controls and procedures
      – Disclosed to audit committee and independent auditors any significant control
        deficiencies, material weaknesses and actos of fraud involving management or
        other employees
Sarbanes-Oxley Requirements

Management’s Annual Assessment Report
  • Assessment of Internal Controls over Financial Reporting (Section 404)
      – Statement Management is responsible for establishing and maintaining controls
      – Disclosure of any material weakness in system of internal controls
      – Independent Auditor’s attestation report on management’s assessment of internal
        controls

Code of Conduct and Ethics
  • Ensuring adherence to Code (Section 406)
      – Existence does not address effectiveness
      – Should address: conflicts of interest, confidentiality of information, proper use of
        assets, RPT, illegal acts and compliance with laws and regulations
      – E-mail is a common communication method
Vericept Enabling Sarbanes-Oxley Compliance

 Managing and Strengthening Internal Controls
 •   Provides a continuous monitoring mechanism to satisfy and enforce
     Internal Control requirements
        Information – financial and proprietary
        Ethical and Conduct Codes
        Communication paths
        Data-in-Motion and Data-at-Rest


 •   Specifically addresses 103, 302, 404 and 406
Actual Examples
  Case No. 1. Potential Insider Tipping
  Just prior to a Company’s earnings announcement (but luckily after the close of trading), a Sales
  Employee contacts a third party by email and indicates that the Company will have a great quarter
  and that the third party should buy stock. The Company’s policy as well as federal law prohibits
  such activity. The email is retrieved using Vericept along with other emails and the employee is
  dismissed. Employee does not bring a wrongful termination lawsuit.


  Case No. 2. Posting of Confidential Company Information on the Internet
  Highly confidential Product roadmap information is posted on a message board on the internet.
  Given the information, the Company believes that someone in an Engineering lab may be posting
  the information or providing a third party with the information. The Company conducts an
  investigation and immediately communicates to all employees a new email policy noting that any
  email communications are not subject to privacy. Management describes to the employees Vericept
  as a tool being utilized. No similar internet postings have occurred since the communication of the
  policy and the use of Vericept.


   Case No. 3. Revenue Recognition Reviews
  A non-material software sales transaction is identified early in the quarter close procedures as
  potentially not meeting the revenue recognition rules. Vericept is utilized to find the email trail that
  cleared the transaction.
How a prominent customer is using Vericept for SOX…
      Guide to Ethical Conduct                           Vericept Category
Equal Employment                              Racism

Harassment – Free Workplace                   Adult, Conflict, Violent Acts, Racism

Substance – Free Workplace                    Substance Abuse                                       “I am complying
Health, Safety and the Environment            Weapons, Conflict                                     with 50% of my
Political Activities                          Custom Search Parameters
                                                                                                    Ethical Code of
Conflicts of Interest                         Custom Search Parameters
                                                                                                    Conduct by using
Fraud                                         Custom Search Parameters

Antitrust                                     Custom Search Parameters
                                                                                                    Vericept as an
Proprietary and Confidential Information      Confidential, Mailing Lists, Disgruntled Employees,
                                                                                                    internal
                                              M&A, Personal Information, Social Security
                                              Numbers, Extended Regular Expressions, Non-
                                                                                                    monitoring
                                              public Personal Information, Personal Health
                                              Information, Custom Search Parameters
                                                                                                    control”
                                                                                                            -Sr. Corporate
Inside Information and Trading Company        Confidential, M&A, Custom Search Parameters
Securities
                                                                                                      Governance Officer,
                                                                                                     Global Conglomerate
The Media and Financial Community             M&A, Postings, IM & Chat, Web-mail, Custom
                                              Search Parameters

E-mail, the Internet and the Use of Company   IM & Chat, Sports, Shopping, Trading, Games,
Property                                      Confidential, Extended Regular Expressions,
                                              Racism, Web-mail, Postings, P2P Research, P2P
                                              File Sharing, Adult
       Gramm-Leach-Bliley Act
             (GLBA)


                  Vericept
Protecting Your Information and Reputation
Gramm-Leach-Bliley: 3 Primary Objectives

  1. Ensure the security and confidentiality of customer
     records and information

  2. Protect against any anticipated threats or hazards to
     the security or integrity of such records

  3. Protect against unauthorized access to or use of such
     records or information which could result in
     substantial harm or inconvenience to any customer
New Guidance Issued January, 2003

  •   New guidance expanded GLBA
  •   Federal Financial Institutions Examination Council (i.e. the Bank
      Examiners)
  •   Requires banks to take specific action to:
      -   Identify and manage risks
      -   Test risk management practices
      -   Monitor environment to control risk continuously
  •   Five part framework to Information Security Management
Five Part Framework Includes:


  1.   Information Security Risk Assessment

  2.   Information Security Strategy

  3.   Security Controls Implemented

  4.   Security Tested

  5.   Continuous Monitoring and Updating
GLBA Examination and Enforcement
  Examinations
     •   Tier I
         -   Assess process for identifying and monitoring Eight Objectives
     •   Tier II
         -   Only when warranted after Tier I exam
         -   Generally take much longer


  Enforcement
     •   Corrective action to enforcement action with penalty fines
How Vericept Enables GLBA Compliance
FFIEC Handbook Safeguards
Risk Assessment:
 Continuous, formal process


Security Controls Implementation:
 Controls to protect against malicious code
 Personnel security / authorized use
 Logging and data collection


Monitoring and Updating:
 Continuously analyze threats
 Monitor for technical vulnerabilities

*Note: Vericept developed the GLBA solution with co-author
 Paul Reymann to specifically enable compliance
GLBA Co-Author Validation
    "Vericept's Information Privacy and Compliance Manager
    solution identifies and manages risks, tests risk management
    practices and monitors to control risks. Vericept's
    comprehensive monitoring approach enables financial
    institutions to comply with regulations and to protect against
    internal information leakage.“

                                                              Paul Reymann
                                                   CEO, ReymannGroup Inc.
                     Co-author of Section 501 of the Gramm-Leach-Bliley Act
                                                  Data Protection Regulation
               California
            Senate Bill 1386


                  Vericept
Protecting Your Information and Reputation
CA SB 1386 Requirements
 What it is
 •   As of July 1, 2003, state mandate requiring public disclosure of
     computer-security breaches in which confidential information of ANY
     California resident MAY have been compromised

 Who is affected
 •   The law covers every enterprise, public or private, doing business with
     California residents.

 •   "Personal Information" means an individual's first name or first
     initial and last name in combination with any one or more of the
     following non-encrypted data elements
      - Social Security Number
      - California Driver's License Number or California Identification Card Number
      - Account number, credit or debit card number, in combo with security code,
        access code, or password that would permit access to an individual's
        financial account
CA SB 1386 Requirements

 Mandated Action
  Companies must warn California customers of security holes in their
   corporate computer networks
  When a business discovers that confidentiality has or may have been
   breached it must notify the customers
  If the business is unsure which customers have been affected, it must
   notify ALL customers of the breach. Obviously this is both an expensive
   and embarrassing event.

  Impact
  • Burden is on to notify any, and all possible, effected consumers. If
    you can’t identify which ones, you must go public
  • Significant CMP’s (civil money penalties) are at risk
Applicable CA SB 1386 Categories – across all protocols
  • Personal Information
    Detects communications of unencrypted personal information such as
    home addresses, mother’s maiden name, date of birth, account numbers,
    phone numbers, wiring information, security codes, access code or
    password that would allow access to an individual's financial account, etc

  • Social Security Number
    Detects communications containing social security numbers

  • Credit Card Number
    This category will capture transmission of credit or debit card numbers, in
    combination with any required expiry date, security code, access code, or
    password that would permit access to an individual's financial account.

  • CA Driver’s Licenses
    This category will capture transmission of California driver's license
    number or California Identification Card.
       Fraud and Identity Theft



                  Vericept
Protecting Your Information and Reputation
Fraud and Identity Theft: Real, Growing Problems
Identity theft is one of the most damaging and fastest growing crimes in the
country. Almost 10 million Americans were victims of some form of ID Theft
within the last year

     4.6% of Americans – 9.91 million people – experienced some form of identity
      theft
     3.23 million people whose personal information was used without their knowledge
      had new accounts opened (new credit card or loans)
     6.68 million people whose personal information was used without their knowledge
      had their existing accounts misused (siphon off money, buy stuff on eBay...

     Average loss from misuse: $4,800 per victim



     Source: 2003 FTC Identity Theft Study
Resulting Business Damage…
•   Businesses, including but not limited to financial institutions, lost $47.6 billion
    due to identity theft in the year ending Sept 2003!

      $32.9 billion attributable to information security breaches leading to new account
       opened by unauthorized users
      $14 billion attributable to information security breaches leading to existing account
       misuse by unauthorized users
•   Example loss: the cost to a credit card company of canceling and issuing a
    new card is estimated at $25 per card
      In February 2003, one hacker breached the security system of Data Processors
       International and got access to as many as 8 million card accounts
•   When victims lost $5,000 or more, 81% told someone else – this behavior
    places the company’s reputation at risk!!

      Source: 2003 FTC Identity Theft Study
The Insider Risk
Now, we have concrete data that employees are stealing data…

       “Some 60% of companies reported being victimized by employee
       fraud”
                                              - KPMG Forensics Practice
       Survey 2003

       “The top cause of identity fraud is now the theft of records from
       employers or other business that have records on many individuals"

                                                     -Trans Union Report


       “More than one-third of the targeted financial or data loss incidents
       involve insiders”
                                                  - IDC Security Survey, 2003
FTC Statistics Indicting the Insider…

 In a substantial portion of the identity theft cases, the victims knew the
 perpetrators. They were able to positively identify the thief as working at a
 bank or company where they are a patron i.e. the teller at bank, a cashier at
 the point of purchase, etc.
      Of all victims who knew the identity of the thief, in 23% of the cases, the victim was able
       to identify the person responsible was someone who worked at a company or financial
       institution that had access to the victim's personal information

      34% of victims that experienced perpetration of personal information leading to misuse of
       existing accounts identified an employee of a company or financial institution with whom
       they did business

      13% of those who experienced perpetration of personal information leading to the
       opening of new accounts identified an employee of a company of financial institution with
       whom they did business

    Source: 2003 FTC Identity Theft Study
Attacking Fraud and Identity Theft…
• Intelligent Content Monitoring enables you to:


• Understand the areas of electronic exposure – pinpoint the areas
  most vulnerable to identity theft, electronic fraud, and system attacks
• Identify and assess new risks and take action: which areas
  demonstrate a high risk for leaks of private information – what is the
  cost associated with a potential leak?
• Measure the effectiveness of current measures: are they strong
  enough to stop leaks both from external and internal attacks
• Enforce your policies – give the policies some teeth!
Industry Analyst Validation

“Increasingly, Fraud and Identity Theft are becoming
significant problems for business. IDC estimates that over
one third of the financial or data loss incidents involve
insiders. Vericept's innovative approach ties the insider
problem with the leaking of sensitive information.
IDC believes organizations that are trying to combat
fraud and identity theft should consider integrating
Vericept’s solution into their overall exposure
management and security infrastructure.”
                                                Brian Burke
                                          Research Manager
                            IDC’s Security Products Program
     Security Market Landscape



                  Vericept
Protecting Your Information and Reputation
Key Deloitte Findings
•   “Perception of security and its importance to the business was consistent
    across organizations of all sizes – most saw it as a risk management
    exercise that is key to the business.”
•   “…most financial institutions are attempting to demonstrate how the controls
    they have implemented to achieve security align with relevant regulations and
    the demands of their customers. Respondents’ answers reflected the
    importance to their of company brand, data protection and customer
    loyalty.”
•   “…a well-devised privacy strategy can be a major asset in attempts to
    stay ahead”
•   “An effective process requires the ability to generate reports that detail
    vulnerability for compliance and auditing activities.”


              Global Security Survey 2004
Key Deloitte Findings

•   “Executives rank security as a high priority and security initiatives
    are seen as a good investment”
•   “Security is a business issue driven by shareholder value, customers’
    perception, brand and reputation protection, legal and regulatory
    compliance, vulnerability sustainability”
•   Value: more money is being spent to win back customer trust.
•   83% of respondents acknowledged that their systems had been
    compromised in some way in the last year
•   Top 3 areas of concern for privacy compliance: unauthorized access to
    personal information, managing 3rd party info sharing, managing
    customer privacy preferences


              Global Security Survey 2004
CSOs Top Concerns: IP Loss and Compliance

• “The theft of intellectual property or other proprietary information is also a
  top concern of CSOs, with 91% saying that managing access to
  critical information and documents is either "extremely important"
  or "very important.“

• 15% of the respondents said their employer has lost or had critical
  documents or corporate information copied without authorization in the past
  year. Almost 25% said they could not be sure whether such losses
  had occurred at their company.

• 49% cited "issues related to regulatory compliance" as the prime
  reason behind their security purchases.



               CSO Magazine Survey of 476 CSOs – May, 2004
Gartner’s
Hype
Cycle



Vericept
Gartner’s Hype Cycle
Industry Trends
  ―Corporate spending on security and business continuity has been held back
  by two factors—uncertainty about the severity of risk posed by security threats
  and ongoing budget austerity. However, any skepticism about the potential
  consequences of a security breach is fading fast as enterprises seek to
  improve their ability to manage organizational risk.‖
                                                                         -John F. Gantz
                     Chief Research Officer & SVP – International Data Corporation (IDC)
                                                                    September 29, 2003

  IDC Predicts:
  ―Worldwide spending on security & business continuity will grow twice as fast
  as overall IT spending.
  ―40% of 1,000 IT managers surveyed saw security as their top IT budget
  priority.‖
  ―Spending will be driven both by immediate security needs but also by the
  need to comply with recent regulations that impact information security such
  as; HIPAA, Gramm-Leach-Bliley, California’s Security Breach Notice Law, and
  Sarbanes-Oxley Act.‖
                                                                September, 2003
Industry Trends
  ―Based on the results of the survey, we predict 2004 to be the year companies
  begin to look at security as a strategic enabler.‖ Survey results show 42% of
  companies surveyed will be looking at security from a more strategic
  perspective…
                                                                              -Joe Duffy
                                   Partner & Global Leader – Security & Privacy Practice
                                                              PricewaterhouseCooper’s
                                                                       September, 2003

  ―Organizations around the globe are concerned with Information Security…
  Not surprisingly, Europeans are more focused on ensuring customer privacy
  while in North America, we are fixated on potential liability issues.‖

  ―Cyber-terrorism is a theoretical threat, but cyber-crime is a reality happening
  everyday.‖
                                                                      Scott Berinato
                                            Senior Editor of CIO & CSO Magazines
                                                                  September, 2003
Industry Trends
  ―By 2005, the market for security and business continuity products should hit a
  15% growth rate which should translate into more than $118 billion being spent
  on the technologies by 2007. IDC sees content filtering as a potential growth
  area as companies face legal risks posed by their employees downloads.‖

                                                   International Data Corporation (IDC)
                                                                   September 29, 2003


  “I would argue good security is good business.”

                                                                             -Joe Duffy
                                  Partner & Global Leader – Security & Privacy Practice
                                                             PricewaterhouseCooper’s
                                                                      September, 2003
Security Market Landscape – Our Piece of the Pie




                                    $1.973 Billion (2007)
                                 Secure Messaging - $1.08M / EIM - $893M

           Messaging Security/
            Employee Internet
           Management Market

           Secure Content                 $6.38 Billion (2007)
            Management
               Market


    Internet Security/Privacy                      $118 Billion (2007)
             Market
                                                       IDC Estimates (October, 2003)
               Market Landscape

TIER 1                                • Direct
                                        competitors
Content
Monitoring                            • Trying to “eat
                                        our lunch”


TIER 2
                                      • Not directly
Employee                                competitive
Internet                 Compliance
                                      • Potential
Management /
                                        partners
Messaging


TIER 3                                • Not
Network                                 competitive
Security /                            • Sometimes
Forensics                               asked about
Structured vs. Unstructured Data

       “More than 75 percent of enterprise data is
       unstructured and document-related, rather
       than being neatly sorted numbers in a
       database”




   • More assets and intellectual capital are captured in
     unstructured formats and documents
   • These mechanisms are more conducive for sharing

    Unstructured data poses more risk
Financial Damages from Information Leakage

   “When a breach leaks confidential private information (such as
   credit-card and bank-account numbers or sensitive medical
   information)…the breach has a marked negative impact on the
   market value of the company.

   Cybercrimes where confidentiality is violated are crimes that cause
   measurable negative impact in the stock-market value of
   companies. In our study, we found that companies lost an
   average of slightly more than 5% of their market
   valuation.”

                          - University of Maryland's Smith School of Business
            Impact of cybersecurity breaches on the stock-market value, 2004
Market Validation – Risk Management is a Driver


    “Intelligent Risk Management can enable organizations to
    face an uncertain future optimistically…Preparation requires
    a focus on risk management, intelligence-driven prevention
    and response.”

                                                     -David Bauer
              Vice President, Chief Information and Privacy Officer
Section III: VERICEPT CORPORATION



                    Vericept
  Protecting Your Information and Reputation
Vericept Background

• Founded in 1999 – Denver, Colorado
• Award-winning, patent-pending (5) technology
• Seasoned Management Team & Approximately 65
  Outstanding Personnel:
• Financial backers: Sigma Venture Partners, William Blair
  Venture Capital, Sequel Venture Partners, Visa International
• Industries: financial services, healthcare, retail,
  manufacturing, government, education, pharma,
  telecommunications, energy…
• Approximately 600 customers trust Vericept – over 1.5M
  workstations being monitored
Vericept Mission Statement


      To Be The Leading Global

 Provider of Information Protection

  and Misuse Prevention Solutions
Elevator Pitch (79 words)

  Vericept Corporation is the leading provider of enterprise risk
   management solutions enabling corporations, government agencies and
   education institutions to manage and dramatically reduce insider risk.
   Vericept provides immediate visibility to multiple forms of business
   risk including regulation compliance violations, corporate governance
   concerns, internal policy infractions, information leaks, and unacceptable
   internet use. Based on the patented advanced linguistics engine, the
   Vericept Solutions analyze all content of inbound and outbound internet
   traffic using pre-defined categories, enabling companies to instantly identify
   and terminate any activity falling outside of an organizations predefined
   acceptable use policy. Vericept’s innovative solutions prevent losses to
   valuable information assets and protect the organization Brand and
   reputation.
              Vericept Sales Strategy



                        Direct
                        Sales
        OEM
                       Solutions
                       Partners
Int’l


                      Distributors
Vericept Solutions Partner Program – VSP’s

 VISION
  To be the standard in which our partners measure their other
  vendors.

 MISSION
  Create a global ecosystem of solution partners who leverage the
  unique capabilities of Vericept solutions to create new customers and
  organically grow existing customers in a profitable and mutually
  beneficial manner.

 VERICEPT CHANNEL SALES MANAGER OBJECTIVE
  Maximize revenue in each region.
Vericept Solution Partner Program – VSP’s

  Certified Vericept Solution Partner Requirements
    •   Certified Vericept Solutions Architect
    •   Certified Vericept Sales Engineer
    •   Self-Sufficient Through Entire Sales Process (conduct EA’s)
    •   Relentlessly pursue customers defined in the VSP Accessible Markets
    •   Generate at Least $500k in Vericept revenue to CVSP
    •   VSP Accessible Market (as defined by Hoovers Online)
         -   SME’s: annual revenue < $501m
         -   Education (K-12 and higher-ed)
         -   State & Local Government
         -   Standalone Hospitals & Hospital Groups < $4.01b in annual revenue
               - CSMs have the named account list
Lead Referral Program
 For Customers Outside of the Scope of the VSP Accessible Markets

 Principles of Engagement
   • Submit a completed VSP Lead Qualification Form
   • One VSP Lead Qualification Form per Customer transaction.
   • Vericept controls the sales process from the moment the VSP Lead
     Referral Qualification Form is approved in writing.
   • Vericept, as a best practice, will incorporate the CVSP’s service delivery
     team to the extent it has the certification, experience, and desire.
   • Referral fee is only applicable to the Vericept software portion of the
     transaction.
   • One referral payment per VSP Lead Qualification Form.
       Michael Reagan                                                            Headquarters
 VP Worldwide Channel Sales                                                  750 W. Hampden Ave.
     Office: 303.268.0512                                                          Suite 550
      Cell: 303.478.3706                Central                            Englewood, CO 80110-2163
  mike.reagan@vericept.com              Region                                  www.vericept.com
                                                              Northeast
                                                               Region
        Sara Avery
                                                                                Technical Support
  Channel Sales Manager
                                                                                800.262.0274 x7500
     Northeast Region
                                                                               support@vericept.com
   Office: 303.268.0532
    Cell: 303.898.2487
 sara.avery@vericept.com

        Kevin Homer
  Channel Sales Manager
      Southeast Region
   Office: 303.268.0533
     Cell: 303.570.6699
 kevin.homer@vericept.com
                              Western
                              Region                             i

     Damon Morriss
  Channel Sales Manager
                                                  Southeast                     Ken Totura
      Western Region
                                                   Region            Director of Partner Development
   Office: 310.545.7699
                                                                           Office: 303.268.0537
   Cell: 310.947.2594
                                                                            Cell: 303.506.1568
damon.morriss@vericept.com
                                                                         ken.totura@vericept.com



Updated 1/8/04
Section IV: VERICEPT’S PRODUCTS
            ARE CALLED SOLUTIONS



                   Vericept
 Protecting your Information and Reputation
                   Vericept’s Intelligence Platform


Information                                          Regulation
                   Acceptable      Preventive        Compliance       Custom
Privacy and                                           Manager
                      Use           Security                          Search
Compliance                                               HIPAA
                                                                    Parameters
                    Manager         Manager
  Manager                                                GLBA
                                                        CA 1386




        Filter
                                Intelligent Content Analysis
     Intelligent
       Traffic                    Data-in-Motion | Data-at-Rest
     Controller
       prototype
                                                Monitoring Engine
    Blocking Solutions
Vericept Solutions – Composition by Category
     Information                     Acceptable                    Preventive
      Privacy and                       Use                         Security
      Compliance                      Manager                       Manager
    Manager (IPCM)                     (AUM)                         (PSM)

         Structured Data             Unstructured Data               Structured and
CA Driver’s License            Adult                               Unstructured Data
Credit Card Number             Conflict                     Hacker Research
Protected Health Information   Gambling                     Impending Threats
Personal Information           Games                        Preparation for Attack
Social Security Number         Racism                       Suspicious Activity
                               Shopping                     Unauthorized Access Attempts
       Unstructured Data       Sports
Confidential                   Substance Abuse
Disgruntled                    Trading
Information Hiding Research    Violent Acts
Mergers & Acquisitions         Weapons
Resignation                    Peer-to-Peer File Research


      Capture All Instances         Capture All Instances
IM & Chat                      IM & Chat
Mailing Lists                  Mailing Lists
Peer-to-peer File Share        Peer-to-peer File Share
Postings                       Postings
Webmail                        Webmail
Vericept Solutions – Composition by Category
          Regulation                      Acceptable
          Compliance                    Use Manager -                         Custom
           Manager*                       Education                           Solution
            (RCM)                          (AUMe)                         (this is available though
                                                                          not a standard offering)

                                             Unstructured Data
         1. RCM CA 1386              Adult
          Structured Data                                                 8 Categories Total:
                                     Conflict
  CA Driver’s License                Gambling
  Credit Card Number                                               7 Vericept Categories
                                     Games
  Personal Information                                             1 Premium Vericept Category
                                     Gangs
  Social Security Number             Plagiarism
                                     Racism
        2.   RCM HIPAA               Shopping
   Protected Health Information      Sports
   Social Security Number            Substance Abuse
                                     Trading
                                     Violent Acts
                                     Weapons
         3. RCM GLBA                 Peer-to-Peer File Research
         Structured Data             Hacker Research
 Credit Card Number
 Personal Information                      Capture All Instances
 Social Security Number              IM & Chat
                                     Mailing Lists
   *These contain only the minimum   Peer-to-peer File Share
   categories necessary to comply
                                     Postings
                                     Webmail
Vericept Pricing Strategy
•   3 year term - paid up front (software maintenance included)
•   Perpetual License (software maintenance 20%)
•   Pricing & volume discount based on number of workstations
•   Minimum deal size of 250 workstations
•   VSP or Vericept can source hardware
•   Work passionately to maintain the List Price!

 Price List updated quarterly
Training Exercise

CASE STUDY:
   You have called on the Chief Information Security Officer of a major
   hospital group. You’ve learned that she is very concerned about protecting
   protected health information and HIPAA is a constant board-level topic. In
   addition, her VP of Human Resources asked her if she was aware of any
   technology to track employees who visit unauthorized websites. Their
   network is comprised of 1,100 workstations.

1.   What Vericept Solutions would you recommend? Which solutions would
     address which problems?
2.   What is the price of the proposed solutions?
3.   What else beside software should be factored into your proposal?
        Vericept Deployment


                  Vericept
Protecting your Information and Reputation
Vericept Solutions System Requirements

•   Dedicated Appliance
      - Intel-compatible processor
      - 3 GHz minimum processing speed
      - 2 GB RAM
      - 120 GB Hard drive or larger
      - 2 network interface cards (NICs)
      - CD-ROM drive
      - Floppy disk drive

•   Operating System
      − Red Hat Enterprise Linux (RHEL) version 3.0
        WS
                                 “Installing and configuring the
Vericept Standalone Deployment   Vericept solution was almost
                                 easier than taking it out of the
                                 box.”
                                                       - Sean Doherty
                                                     Technology Editor
                                           Network Computing Magazine
Vericept Distributed Deployment
Vericept Distributed Deployment cont.
Section V: SELLING VERICEPT



                    Vericept
  Protecting your Information and Reputation
Vericept Sales Cycle


VERICEPT
             Create
 SALES                     Qualification   Conviction     Close
            Interest
 CYCLE




                                           • Secondary
VERICEPT                   •Online Demo
                                            EA Present.
           •Call Scripts      •Initial                     •PO
 SALES                                     •SLA Review
            •Referrals       Exposure
                                             •Proposal    •SLA
 TOOLS                      Assessment
                                               •SOW
Vericept Sales Cycle
I. CREATE INTEREST
     •    Research your prospect
     •    Identify corporate mission, company positioning, key players,
          financials, recent news, Code of Conduct, etc.
     •    Contact Prospect at Business Decision-Maker Level - (e.g., CIO,
          Compliance, HR, Finance, Internal Audit, etc.)
     •    Understand what they are responsible for and then link Vericept benefit
          to them

    Business Decision Makers
    • Chief Risk Officer             • Chief Financial Officer        • Director of Security
    • VP of HR                       • CSO / CISO                     • Head of Marketing
    • Corporate Governance Officer   • Chief Information Officer      • CEO
    • Legal / Corporate Counsel      • Chief Ethics Officer           • Internal Audit
    • Chief Privacy Officer          • Corporate Compliance Officer
Vericept Sales Cycle
II. QUALIFICATION – The Initial Hook
    •   Flesh out their current security infrastructure
    •   Flesh out their acceptable use policies
    •   “Would You Know If” Questions
    •   Share customer anecdotes
    •   Present Vericept Corporate Overview and Online Demo
    •   Commit to next step (meet with other stakeholders, Exposure Assessment, etc)

   QUALIFICATION – Understand the Procurement Process
    •   Learn typical procurement process
    •   Determine availability of funds
    •   Determine appropriation of funds (especially for out-of-budget purchases)
    •   Identify the titles and names of those affecting the purchasing process
    •   If you’re pressured to deliver pricing prior to the EA or proposal – give them
        budget and planning numbers of $20 to $30 per workstation annually.
Vericept Sales Cycle
   QUALIFICATION – “Reference” Trial Close
    “The Demo you have just seen reflects the manner in which the
    solution would be used and the types of information that would
    be captured if the solution were installed on your network. Based
    upon your feedback, it sounds like this has a clear and valuable fit
    in your environment. We have the ability to deliver the solution
    in a manner that can be recognized either as an Operating
    Expense or Capital Expense. Which would better fit with your
    budget and financial structure?”
     Contact your Vericept Channel Sales Manager (CSM)
    •   Share Customer Anecdotes, Case Studies and Analyst Quotes
    •   References Online
    •   Broker a concall between the two parties
Vericept Sales Cycle
   QUALIFICATION – “Exposure Assessment” Trial Close
    “We have a program we refer to as the Exposure Assessment. This Program
    provides a 7 day snap shot of activity on your network and the various points of
    business risk tied to inappropriate network use and abuse. We install a Vericept
    device on your network, let it run for 7 days then present the results of our findings
    in the form of an Executive Presentation. Typically the Exposure Assessment is
    priced at $20,000. However, as the program has evolved, at times waive that
    fee provided your organization is committed to gaining the executive level buy-in on
    the program. This is done by confirming the key stake-holders attend the
    Executive Presentation. The reason for this request comes from our desire to
    ensure we’re not wasting your time or ours. Frankly, in the past we have had some
    organizations that have learned, only after performing an EA that they are not
    prepared to address the issues and risks that were discovered during the
    assessment. Usually, the “key stake holders” are the executives
    responsible for Compliance, HR, IT and Legal. Do you have separate
    individuals responsible for these functional areas? Would those individuals be of a
    mindset to address these issues?”

   If yes, send the EA Agreement and require them to get it signed by the
    individual that would ultimately have purchasing authority should they
    decide to purchase the Vericept solution.
Vericept Sales Cycle
   QUALIFICATION – “Exposure Assessment” Trial Close
    •   Pull Exposure Assessment Agreement from www.vericept.com and get it signed
        by customer (decision-maker)
    •   Set Exposure Assessment “best practices” expectations
    •   Provide Network Configuration Diagram Worksheet
    •   Proactively secure the EA installation & presentation dates & key contacts

       Present a quick, but compelling, EA presentation. Follow the proven
        Vericept format & discuss the deployment process (not as
        overwhelming as they assume).
Vericept Sales Cycle
III.       CONVICTION – Secondary EA Presentation
          If all stake holders are not present for the “Initial EA Presentation”,
           the customer usually conducts a secondary EA presentation to
           additional decision-makers, stakeholders and budget committees.
       •   Offer to present to the secondary decision-makers (not unusual to be declined because
           generally additional action items are discussed during those meetings that don’t involve
           Vericept).
       •   Do insist on helping the “champion” develop his/hers Vericept presentation
           •    Provide EA Presentation – or shorter version
           •    Provide role-play assistance
           •    Provide additional documents, white-papers, or references to solidify the decision and
                budget.
           •    Help them find the budget dollars to buy now.
           •    Express a willingness and capability to get creative with the financing of the solution if
                you think there may be budget issues.
       •   Secure a date and time you will follow up with the champion (typically the day after their
           internal meeting)
Vericept Sales Cycle
       CONVICTION – Deliver Proposal
       Deliver a Quote, Proposal or Statement of Work – put
        something in front of the customer for them to say “yes” to.
    •   Include the full complement of Vericept Solutions
        •    Info Privacy – protects your valuable information
        •    Acceptable Use – addresses employee productivity and reputation risk
             management
        •    Preventative Security – capture the internal hackers
        •    Stored Data – data at rest
        •    Custom Search Parameters – the tool to customize Vericept
    •   Never line item the pricing – include all modules with one aggregate investment
        price.
    •   Be sure to include the “points of pain” identified early on and the cost
        associated with them
    •   Follow up, follow up, follow up
Vericept Sales Cycle

       CONVICTION – Software License Agreement
       Deliver the SLA as early as possible for the Customer to
        expedite the legal review process
    •   Make the SLA review a non-event. It is just standard software licensing
        language
    •   Pull the latest version from www.vericept.com
    •   Engage your Channel Sales Manager to field 100% of the questions and
        proposed red-line. Under no circumstance should our CVSP negotiate verbiage
        changes to the SLA!
    •   Get signature on the SLA or online approval for the electronic version
Vericept Sales Cycle
IV. CLOSE – The Win
       The deal is booked when two things happen –
   1.   Vericept receives a valid Purchase Order from the CVSP or Distributor and
   2.   Vericept receives the signed Software License Agreement (either hardcopy or
        electronic)


   CONGRATULATIONS – you’ve now delivered a true solution that will
      positively impact the senior members of your Customer. You will now
      be elevated to a trusted advisor level in their eyes (if you weren’t there
      already).

       Implementation is just as critical as the sales process. Your
        Channel Sales Manager will deeply assist you with the best
        practices, tools and technical & project management needed
        for a positive customer experience.
         SELLING VERICEPT
           Tools, Deliverables and Support




                  Vericept
Protecting your Information and Reputation
Partner Resource Center – www.vericept.com
Vericept Solutions Online Demos

         Solution               Demo            Username      Password

Acceptable Use        demo1.vericept.com    Administrator   woulduknow
Manager               demo2.vericept.com


Information Privacy   demo3.vericept.com    Administrator   woulduknow
and Compliance        demo4.vericept.com
Manager
Preventive Security   demo5.vericept.com    Administrator   woulduknow
Manager               demo6.vericept.com


Acceptable Use        demo7.vericept.com    Administrator   woulduknow
Manager - Education

All Solutions         demo13.vericept.com   Administrator   woulduknow


Filter                demo14.vericept.com   Administrator   woulduknow
                      demo15.vericept.com
Vericept delivers: Summarized violations…




                                   This Vericept screen shows
                                   an organizational view of the
                                   inappropriate activity on the
                                   network, it is color-coded by
                                   category…
…Inappropriate use of the organization’s assets…




                                    This real example shows an event
                                    that was captured in the Adult
                                    category.

                                     In this case, an employee is
                                    looking for “free sex pics” on the
                                    internet…
…an employee conducting Hacker Research…




                                 Here Vericept captured a
                                 web-mail conversation in
                                 which an inside hacker is
                                 proclaiming victory…

                                 Note: the data has been
                                 “anonymized”
…and Confidential info being sent in an attachment via webmail



                                              This is an actual example of
                                              Vericept catching a Sales and
                                              Purchase Agreement in the form
                                              of an attachment…

                                              Note: the data has been
                                              “anonymized”
References Online
Sample Policy Concerns and Solution Mapping
             External or Internal          Vericept Monitoring Category
               Policy Concern
 Equal Employment                     Racism


 Harassment – Free Workplace          Adult, Conflict, Violent Acts, Racism


 Substance – Free Workplace           Substance Abuse


 Health, Safety and the Environment   Weapons, Conflict


 Political Activities                 Custom Search Parameters


 Conflicts of Interest                Custom Search Parameters


 Fraud                                Custom Search Parameters
Sample Policy Concerns and Solutions Mapping                                         (cont.)

              External or Internal                Vericept Monitoring Category
                Policy Concern
  Antitrust                                  Custom Search Parameters

  Proprietary and Confidential Information   Confidential, Mailing Lists, Disgruntled
                                             Employees, M&A, Personal File Information,
                                             Social Security Numbers, Custom Search
                                             Parameters, Non-public Personal Information,
                                             Personal Health Information



  Inside Information and Trading Company     Confidential, M&A, Custom Search Parameters
  Securities

  The Media and Financial Community          M&A, Postings, IM & Chat, Web-mail, Custom
                                             Search Parameters


  E-mail, the Internet and the Use of        IM & Chat, Sports, Shopping, Trading, Games,
  Company Property                           Confidential, Custom Search Parameters
                                             , Racism, Web-mail, Postings, P2P Research, P2P
                                             File Sharing, Adult
Some Helpful Resources
ENTITY                                                                URL
United States Department of Health and Human Services                 http://hipaa.wpc-edi.com/HIPAA_40.asp
Centers for Medicare and Medicaid Services                            http://www.hhs.gov/ocr/hipaa/
American Medical Association                                          http://www.cms.hhs.gov/hipaa/hipaa2/
Health Privacy Project                                                http://www.ama-assn.org/ama/pub/category/4234.html
Joint Healthcare Information Technology Alliance (JHITA)              http://www.healthprivacy.org/
The SANS Institute                                                    http://www.jhita.org/electric.htm
The Center for Internet Security                                      http://www.sans.org/index.php
Information Systems Security Assocation                               http://www.cisecurity.org/
Infragard                                                             http://www.issa.org/
US Department of Homeland Security                                    http://www.infragard.net/
Infragard                                                             http://www.nipc.gov/infragard/infragard.htm
CompTIA                                                               http://www.comptia.org/certification/security/default.aspx
Certified Information Systems Security Professional                   http://www.cissps.com/
International information Systems Security Certification Consortium   https://www.isc2.org/cgi-bin/index.cgi
Sarbanes Oxley                                                        http://www.sarbanes-oxley.com/
Gramm-Leach Bliley                                                    http://www.ftc.gov/privacy/glbact/
Children's Internet Protection Act                                    http://www.ala.org/ala/washoff/WOissues/civilliberties/cipaweb/cipa.htm
Family Educational Privacy Rights Act                                 http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html
     Action Plan for Mutual Success

            Critical Success Factors


                  Vericept
Protecting your Information and Reputation
Critical Success Factors
 Target the industry verticals
    •   Healthcare, Education, Finance
    •   Any one with information and a reputation to protect

 This is a strategic business decision; not an IT decision
    •   But remember IT is a critical stakeholder

 The economic decision-maker is usually a CIO, CFO, and or CEO
    •   Critical coaches include: Compliance Officer, Director of Security, VP of
        Human Resources, Internal Audit, etc.

 Sales Math (per month) – 12 leads (3/wk) = 3 EA’s = 1 Win
Critical Success Factors
 Selling with Vericept Requires:
    •   Focus, focus, focus – persistence, persistence, persistence
         • But know when to fish or cut bait
    •   Consultative Selling because this is a solution – not a product sale
    •   Leverage the proven “best practices”, resources, and your Channel Sales
        Manager

 Forecasting (yes – forecasting and here’s why)
    •   Helps Channel Sales Manager to proactively engage additional resources such as
        themselves, Vericept Executives, key Customer References, etc.
    •   Eliminates channel conflict because your Channel Sales Manager will only go on
        account calls with one CVSP. Race goes to the swiftist.
    •   Vericept leads get distributed to those who focus on Vericept the most and
        forecast diligently.
    •   Because your Channel Sales Manager has to forecast to Vericept each and every
        week!!
The Most Critical Success Factor
 STRIKE WHEN THE IRON IS HOT

  •   Especially after the initial Exposure Assessment presentation
  •   If the sales process is not moving forward – then it is moving
      backwards.
  •   Our most successful Partners have learned that lesson well


                                      “Every Day Matters”

                                                                      Jen Cantwell
                                                               Sr. Sales Executive
                                                             Vericept Corporation
                                       EMC, Tyco Intl, United Technologies Corp.,
                                                   Massachusetts Financial Svs.
You’re Not the Only One Who Believes in Vericept!




     Partnering to combat Fraud and Identity Theft
  •   Vericept is the only Content Monitoring Partner within Visa’s
      exclusive Strategic Alliances Program
  •   Strategic discussions and planning underway to develop
      initiatives for managing information risk

  •   www.visa.com/sai
       THANK YOU VERY MUCH

          Good Luck and Good Selling!


                  Vericept
Protecting your Information and Reputation

								
To top