Customer Success Can Be The Face of Security Operations

In a recent article from Inc magazine; Delta Airlines CEO Ed Bastian lamented about what he spent his days worrying about:

These days, cybersecurity. And it doesn’t keep me awake, but I’d say this would be one of the things that I spend my time more focused on than I care to be.

It’s this very real and present danger that many a C-level executive is faced with, but ultimately CSO and CISOs are responsible for managing.

Service Providers are tasked with managing this balancing act of building trust among leaders that those digital assets (and that of their customers) are well protected. The best staffed Security Operations Team and elite Compliance/Data Protection gurus are still caught off-guard by an ever-evolving gallery of threat actors globally.

Security and Network Events Happen

Too often we keep our SOC and NOC engineers holed up into dimly lit rooms with twenty or so 70" screens, weather channels, 24x7 news briefs and dashboards blaring brightly colored graphs to a sea of glassed over but intently focused eyes.

Inevitably an issue or security event occurs. No matter how major, you’ve planned for this and your team is ready to investigate. They just need time to concentrate and focus on the issue at hand.

All the Customer Knows is That They Don’t Know.

As any Customer Success Manager will tell you, their phone rings first. As a security and network event occurs this does not change. But what of it? Does the CSM head to the SOC and start asking questions? Or is there another way?

Support often receives the brunt of angry, confused, worried, and concerned customers. All the customer knows is that they don’t know. They want, no; they demand answers. We hire CSMs who are capable of effective emotional communication. We love our process documents. Where the rubber meets the road is when the Customer Success Manager is able to carefully navigate critical incident response with the latest information information from SOC while providing information from a place of understanding. I am not advocating for every CSM to be a CISSP; but knowing your layer 3 and 4 issues from your layer 7 issues are quickly becoming quite relevant skills.

How Do We Improve the Customer Experience in the Midst of a Security Event?

Taking time to build trust, rapport, and a sense of cohesive operating function among Security, Network, and Customer Success teams ultimately drive better customer relationships.

Customer Success Managers have to take time to understand how Security and Network technologies work at a high level. As a leader you should foster an environment that helps CSMs understand the tools, tactics, and procedures that SOC and NOC engineers undergo to address threats and events. This enables your entire company to be better prepared to meet the threat at the front door while CSMs usher the end customer through the event with less stress and frustration.

SOC and NOC engineers should take advantage of the way in which Customer Success Managers manage day to day customer demands and become the voice of the customer internally within the business. There should be an environment where Security and Network Operations can speak freely in open dialog around the best way to frame events, plan next steps to investigate while finally finding a resolution.

Should these two teams find common ground, the customer experience benefits tremendously.

Plan learning and development time with Customer Success Managers to tailor their critical incident response process around the internal processes that the SOC & NOC undergo during those critical events.

CSMs can manage executive escalation, conference bridge requests, incident analysis and RCA requests in a methodical manner once they understand the underpinnings of SOC & NOC incident response. Knowing who they can talk to and when for the right information will relieve stress from the Director of Security Operations and reduce the liklihood that executives have to escalate.

Ideas for Building The Bridge

Ensure that every SOC and NOC engineer has time built into their onboarding plan to sit with the Customer Success Manager teams. Give the team dialog and key points to cover as part of their training plan. This can include an overview of:

• Strategic customers
• Day to day customer management
• Critical Incident Response protocols and management
• Communication methods, customer overview, and Net Promoter Score programs

Identify monthly training topics that CSMs can be a part of in the areas of incident response, remediation, and threat detection. This will bring them into the fold of the nitty gritty that SOC & NOC engineers manage day to day. Build a sense of understanding that each engineer cares about their role and the health of the customer experience.

Ensure that your Voice of the Customer program leaves room to acknowledge security in their feedback loop practice. Your customer may have thoughts they care to share that will either recognize key SOC & NOC talent or they will utilize the time to express critical feedback that may go a long way in improving the way in which SOC, NOC, and CSM teams can address the needs of the customer.