Kroll says it will help partners upsell in latest partner programme change
The vendor says it will help land 'initial opportunities' with end users, then pass the account over to partners
The new Kroll cyber partner programme offers lifetime returns to partners on its suite of cybersecurity solutions, says the independent global risk and financial advisory solutions.
Kroll says the programme will deliver continual returns to partners by landing "an initial opportunity with their customer, and then continue to upsell and generate returns from other solutions. This is what we call a ‘lifetime value play'."
The company explained that based on experience, the dollar value growth coming from one initial deal with a customer compared to five years down the line, is often 10x.
Their Cyber Risk business provides over 40 solutions such as digital forensics and incident response, managed detection and response and penetration testing and application security.
It also offers a cyber risk retainer - this model means that partners also benefit from a mature direct sales team, rather than compete against it.
The new partner programme comes just as research by Gartner last week revealed that a quarter of cybersecurity leaders across the industry could be leaving the sector by 2025.
How do lifetime returns work?
Keith Carter, Kroll's global head of channel and alliances for the cyber risk business, described these lifetime returns as a series of "proactive services" that would work to deliver a secure and risk-free service, while also provide lifetime returns to partners.
"For example, you could have an incident response where a client has an attack," he explained.
"So, our digital forensics engineers will go in and obviously start to work with that client to ensure that the ransomware is stopped, and we do the remediation services, we then look at the breach notification services that we offer.
"In some countries, there is a demand for mandatory requirements, that if for example PCI data has been breached, then they have to set up call centres and notification advice for a period of time as governed by compliance. So that would be another offering that we would have."
On top of the initial incident response consultation project and the breach notification, which can go on for up to nine to 12 months in some cases, Carter says that that the next step is to provide a way for the client to be protected from recurrence of attacks.
"So…that's when you start to work with tabletop exercises, and your PEN testing. But really importantly, is that proactive managed detection and response of the endpoint.
"Because Kroll is vendor agnostic with its MDR offering, we can go right across multiple different vendor endpoints and still offer the same type of service.
"Just from the UI, initial IR, we can move to breach notification, we can move to proactive services such as pen testing, we can offer a virtual chief information security officer (CISO) if your client isn't there besides where they have those capabilities themselves, and then if the client needs security operation centre (SOC) or endpoint detection and response (EDR) services again, depending on the profile of the customer, we can sell that through the partners on a recurring revenue basis."
"There's just five services that can be added as a result of an initial breach…then that becomes obviously a lifetime value."
In terms of how partners will be paid, Carter explained that their partnership programme will be based on loyalty.
"This is about loyalty to our partners who bring us opportunities and accounts, where we differ from where we reward our partners is in in many ways, including providing our partners with the opportunity to continue to upsell within those accounts, as long as they remain loyal.
Carter added that Kroll has also got more "tricks up their sleeve" as to how they will be rewarding that loyalty, in the form of incentives and other additions to the programme that partners can sign up for.
A two-tier system
"We've had some partners in our portfolio, through the Redscan acquisition which was our MDR responder offering," continued Carter.
"And really what we found is partners, depending on the profile of the partner, depending on the client requirements, they can work with Kroll on a referral commission based model, which is where they will be an entry point partner into the programme.
"And they will really just work with us to help Kroll deliver those services and offerings into the clients.
And then the next tier level is our champion partners. These are who have taken more of a proactive approach in learning a little bit more about some of the services that firms offer."
He explained that over time, Champion-tier partners will take more of a proactive lead in pre-sales activities and some of the scoping and will move more to a resale model where they will repackage and resell the Kroll services into their own portfolio of offerings.
"And that's the one really that I think more and more of the VARs and MSSPs want. So they can see to be adding value to those clients leveraging the call services."
More about Kroll
Kroll is an independent provider of risk and financial advisory solutions, it uses insights, data and technology to help clients stay ahead of complex demands.
Kroll has been around for nearly 100 years and has a team that consists of over 6,500 professionals worldwide focusing on risk, governance, transactions and valuation.