Selling Cyber 2026
This report is based on Insight Revenue’s extensive sales research and direct experience working with clients that sell cybersecurity. The author of the report, Timur Hicyilmaz, is recognized globally for decades of groundbreaking research on sales performance and customer loyalty. He was formerly the head of sales research for CEB now Gartner and Challenger and continues his innovative work as Co-Founder of Insight Revenue.
Cybersecurity is an unusually dynamic field. It also presents corporate buyers and the sellers of cybersecurity with some unique challenges:
- On one hand, cyber companies do not have to work hard to create a need. Every day the headlines remind us, the threats keep coming. Some of these damaging attacks, such as the ransomware attack on Change Healthcare that disrupted healthcare services across the US, turn out to have been organized by sophisticated groups. Others, such as an attack on Transport for London turns out to have been perpetrated by a lone teenager, just because.
- The exponential increase in threats, enhanced by AI and other technological advances, have meant an expansion in corporate budgets devoted to battling cyber attacks. However, even increased budgets are proving to be insufficient, with buyers increasingly trying to make the least bad purchasing decisions, working to identify the degree of risk they are happy to assume.
- These forces: the large number of threats and the availability of budget, has meant a large influx of suppliers into the market. By one count, there are over 6,000 cybersecurity companies, each proposing different methods: everything from adopting a zero trust model to taking an adversarial approach. Underpinning these methods is a bewildering variety of technologies with AI being used to perfect social engineering as well as finding previously unknown software vulnerabilities to expose.
All of this is overwhelming to buyers who remain as worried about overspending as they are worried about potential breaches. This makes it very hard to prove value when leaders can see the cost and complexity of the stack without fully appreciating the risks being mitigated. As one client put it “if we do well, clients ask if they’re spending too much and fire us if we miss anything”.
Download the full report below.
Download the free resource
Selling Cyber 2026
This report is based on Insight Revenue’s extensive sales research and direct experience working with clients that sell cybersecurity. The author of the report, Timur Hicyilmaz, is recognized globally for decades of groundbreaking research on sales performance and customer loyalty. He was formerly the head of sales research for CEB now Gartner and Challenger and continues his innovative work as Co-Founder of Insight Revenue.
Cybersecurity is an unusually dynamic field. It also presents corporate buyers and the sellers of cybersecurity with some unique challenges:
- On one hand, cyber companies do not have to work hard to create a need. Every day the headlines remind us, the threats keep coming. Some of these damaging attacks, such as the ransomware attack on Change Healthcare that disrupted healthcare services across the US, turn out to have been organized by sophisticated groups. Others, such as an attack on Transport for London turns out to have been perpetrated by a lone teenager, just because.
- The exponential increase in threats, enhanced by AI and other technological advances, have meant an expansion in corporate budgets devoted to battling cyber attacks. However, even increased budgets are proving to be insufficient, with buyers increasingly trying to make the least bad purchasing decisions, working to identify the degree of risk they are happy to assume.
- These forces: the large number of threats and the availability of budget, has meant a large influx of suppliers into the market. By one count, there are over 6,000 cybersecurity companies, each proposing different methods: everything from adopting a zero trust model to taking an adversarial approach. Underpinning these methods is a bewildering variety of technologies with AI being used to perfect social engineering as well as finding previously unknown software vulnerabilities to expose.
All of this is overwhelming to buyers who remain as worried about overspending as they are worried about potential breaches. This makes it very hard to prove value when leaders can see the cost and complexity of the stack without fully appreciating the risks being mitigated. As one client put it “if we do well, clients ask if they’re spending too much and fire us if we miss anything”.
Download the full report below.
