Chapter 14: Handling Objections – Selling Information Security to the Board

CHAPTER 14: HANDLING OBJECTIONS

The questions and objections phase is a critical phase in any sales process. It’s a good phase. You only get objections if your audience has paid a bit of attention and thought a bit about the issues you’ve raised. So, you should like objections just as much as you like questions. Do not feel or display defensiveness at this point. Welcome questions and objections: they give you the opportunity to better explain areas that your audience may not have fully understood yet.

There is an important technique to handling questions effectively, and that is to ‘ask the question back’, just to make sure that you’ve understood it, to demonstrate that you’re paying attention and, sometimes, to either give yourself time to think or, more sophisticatedly, to set up a prepared answer.

A question might be: ‘What’s the likely cost of delaying action on this issue until the beginning of the next financial quarter?’ You could ask it back like this: ‘Let me be sure that I understand your question. If we delay the start of the compliance project for two months, what might the impact be on the organisation?’ If you get a ‘yes’ to this, your answer is likely to be: ‘There will be two impacts. It will extend by two months the time during which we risk a £500k fine and, secondly, it will increase the initiation costs of project X as we will have to retrain the consultants involved from the old process to the new, rather than getting it right at the outset.’

There may be questions to which you don’t know the answer. Acknowledge that these are good questions, and commit to coming back with the information (if possible) before the end of the day/week. Do not attempt an answer if you don’t know it; you are, after all, a trusted adviser, focused on helping the board make the right decision.

Do not get involved in an argument over aspects of your proposal. The very old adage, that those who win the argument often lose the sale, is as true of selling information security to the board, as it is in any other situation. You have to find ways of turning objections into questions, and into questions that you can usefully answer, rather than seeing them simply as personal attacks to which you have to respond.