July 21, 2025

What Every Cybersecurity Consultant Should Know About How Tools Actually Get Sold

Most cybersecurity practitioners guide their clients/organizations toward the right tools, but when it’s time to buy, they get handed off to a reseller or vendor sales team. A lot of us THINK we understand sales, but if there is one thing I have learned in cybersecurity it’s that it is much easier to hack something when you know how it works.

This guide is meant to provide the background all of us technical people never really got: the basics of how sales processes for cyber and IT tools are structured. Then we can cover the best ways to leverage that into better outcomes: less expensive tools, better service from vendors, and less time spent on “Just one more quick 30-minute call.”

My goal here is to educate, but I’ll throw in a quick pitch: Charting Cyber is a cyber-focused reseller that navigates all these processes for you. We partner with consultants, agencies, MSPs, and others through revenue share partnerships, allowing you to provide more value to your clients and remain vendor neutral, while also unlocking potential revenue streams by helping your clients buy tools they were going to buy anyway. You know how to best secure their organization, and we partner with the vendors you already recommend (plus all their competitors) and handle all the billing. Then you can focus on the outcome, and we take care of the rest.

What if you could:

  • Stay vendor-neutral
  • Let a practitioner-led partner handle sourcing and procurement
  • Share in the margin — only if you want to
  • Keep visibility into the deal all the way through
  • Stay focused on what you actually do best: guiding the strategy

That’s what we do at Charting Cyber.

We're a cybersecurity-focused reseller built by a practitioner (not a sales org). You advise, we run procurement, and we both get the win.

👉 Become a Charting Cyber partner — or just steal the strategies in this guide to make your next client tool selection smoother.

The Practitioner's Dilemma

You’re the one your clients trust.

You did the hard work — identifying the risks, vetting the vendors, narrowing the shortlist, sitting through the demo while pretending to care about the “customer obsession” slide. And when your client asks, “Should we go with this one?” you give them a clear, informed recommendation.

Then... radio silence.

The sales team disappears into a vortex of discount approvals and procurement weirdness, and somehow, your client ends up working with a reseller you’ve never heard of. That’s if the deal even closes at all. And you? You’re watching from the sidelines like an unpaid intern who accidentally became their most valuable asset.

Here’s the uncomfortable truth:

The cybersecurity sales process was never built for you.

It wasn’t built for advisors. Or practitioners. Or the person doing the actual technical due diligence. It was built to do one thing: close the deal. Preferably at full price, with as little friction as possible. Ideally without your critical questions slowing things down.

Let’s break down the real reasons it’s a mess:

“This doesn’t make sense! It’s so hard for us to buy smartly!” - It’s not supposed to make sense or be easy.

Vendor sales processes aren’t optimized for transparency, ethics, or even clarity. They’re optimized for quarterly quota attainment. Your satisfaction matters just enough to not block the sale. I don’t mean this to disparage sales teams because they are doing their best at what they are paid to do. But large companies have spent millions, maybe billions in revenue to increase the chance of closure. The VP of Sales is getting a late-night phone call because they missed quarterly sales quota, not because the sales process didn’t make sense to a customer.

Once you’ve helped guide the client to the tool, your value (in the eyes of the vendor) is spent.

Vendors hate competition

The dream for every sales rep? A single decision-maker, no comparison shopping, and a full-price quote.

What you see as your job (bringing thoughtful comparisons and advocating for a better fit) is friction.

Staying neutral is hard when the system doesn’t support it

Want to stay vendor-agnostic? Good luck. Most vendor partner programs expect exclusivity, tiered commitments, or quarterly performance. Which, for you, means sacrificing neutrality or margin — pick one.

One-time referrals are a joke

Yes, some vendors offer “referral bonuses.” But they’re usually capped, buried in fine print, or require you to do the dance of “please don’t forget to put me on the lead form.”

And when renewal time comes around? That deal is long gone. So is your cut.

It becomes easier to just... step back

At a certain point, many consultants shrug and say, “Let the sales process do its thing.”

Which often means:

  • The client gets slower service
  • You get zero visibility
  • A reseller or account manager you've never met gets the commission

Cool.

You're missing revenue on deals you already influenced

Let’s be honest: you're already doing 70% of the sales work.

You're qualifying the client. You're managing vendor fit. You're creating urgency.

The only thing you’re not doing is getting paid.

And the kicker: you’re more replaceable than you think

Clients change. Stakeholders shift. Procurement decisions get pushed to “strategic sourcing” or finance.

And now, the vendor you introduced is upselling directly while you’re locked out of the conversation and the revenue.

Behind the Curtain: Direct vs Indirect

Most consultants don’t wake up thinking about channel strategy. Many cybersecurity practitioners have no idea what the difference even is. But it has a big impact on how a client buys, what kinds of discounts are possible, where support can come from, or who can assist when things go awry.

Direct vs. Indirect Sales: Who’s Actually Selling This Thing?

Let’s step back from the cybersecurity/IT tools discussion and go super simple. Let’s say you’d like to buy a new cell phone.

  • If you go to a branded carrier store whose network you subscribe to and select a phone, they port the number to your new phone, and you walk out. That’s direct sales.
  • If you go to the mall (I know, I know… I’m old!) and buy from a stand selling cell phones for multiple carriers, that’s indirect sales.

There are lots of asterisks attached to this when you apply it to enterprise cyber tool sales. Let’s further define it now that we have a simple definition above:

  • If you go to the website for “Company X” and click the “Schedule a Demo!” button, you are likely going to be routed directly to a direct sales team. This sales team will do everything, and no outside vendor will be directly involved unless the vendor is “partner first” (we will get to that later). The commission for that sale usually goes to the direct sales team only.
  • If you go to the website of a reseller/agency/whoever that is an authorized partner of “Company X” and ask them for help, and THEY reach out to the vendor to set up conversations, that is likely going to an indirect channel sales team. The commission for this sale goes to the indirect sales team, and some portion of it will go to the authorized partner depending on the partner program they are in.

Deal Registration: The Hunger Games of Channel Sales

Although these are simple definitions, real life is much more complicated. There is a concept in the sales world called “Deal Registration”. In essence, it tracks who brought the opportunity to the company. If you bring it first, you are “tagged” to the opportunity depending on the partner program, and that can come with benefits like preferred pricing, being compensated in some way through commission, or exclusivity to sell that vendor to your client.

Here’s how it goes ideally:

  1. You partner with a vendor through their partner program.
  2. You fill out a form and “register” the deal, i.e., provide the customer information and who you are working with.
  3. The vendor “qualifies” the opportunity: usually does the client have budget, authority, need, and timing to purchase (BANT).
  4. Sales approves the registration and you either sell directly to the client or an indirect channel team helps you make the sale.

The friction comes in when your client already went to the website and clicked “Schedule Demo”. Usually, the vendor sees that as a qualified opportunity to sell something directly: they don’t need a partner to bring that lead.  As a result, it’s very difficult to register a deal, and it can get messy depending on partner program, vendor policies, client purchasing desires, or just luck.

It’s like calling shotgun on a moving car with a chance the car doesn’t stop, picks someone else up, and runs you over.

Now, this is not a hard and fast rule.  Some vendors are “partner-first” which means they ONLY sell through an indirect partner.  If you click “Schedule Demo” and the sales team does all the demos/POCs, they will usually bring in a partner to sell that service through. But usually, this means the partner gets a considerably reduced margin on that sale. After all: the vendor marketing and presence drove you to investigate the offering, and the partner is not doing much other than processing a transaction.

Katniss may have had a hard time, but at least she never had to work through a direct/indirect sales team conflict.

The Indirect Channel: But why?

If this doesn’t make sense to you, it is likely because you are thinking about it from the customer side. But going back to the first section: the enterprise sales process was not built for you. Sure, there are conversations about the “buyer’s journey”, but those revolve around converting you to a customer, not helping you make an informed choice.

Still, the indirect channel model DOES offer a number of benefits to the end customer:

• One-stop shopping: Procurement and vendor approvals at the enterprise level are surprisingly hard if you have only been in IT/security your whole life. Cashflow, financing, tracking renewals, tracking/changing billing details, and trusted relationships are all reasons off the top of my head.

• Bundled or additional services: indirect channel sellers can offer bundles, configuration, management, bulk discounts, and other things that make it a smoother experience than a direct purchase.

• Negotiation leverage: an indirect partner likely transacts a number of vendors, but also a number of deals that give visibility into the best pricing strategies.  Something you absolutely won’t get from a direct team.

There are certainly downsides, but this isn’t that article.

But far more importantly, the indirect channel is really prevalent because of the benefits it offers the vendor:

  • Reach without relationships: Indirect partners are expected to have relationships with clients already. Instead of spending a boat-load of money on marketing and education, you can refine that to a much more limited audience of partners. Then they can leverage their relationships and credibility to bring your product to customers.
  • Cheaper go-to-market: Hiring and maintaining a large sales team is expensive. Scaling it is even more expensive. Qualifying incoming interest down to buyers that are ACTUALLY interested in buying is hard. Imagine the difference in the chance of closure between a fractional CISO saying “Oh there is a new product that works really well for this,” and a whole team of Business Development Reps (BDRs) cold calling lists of CISO phone numbers.
  • Liability: If you dig into the terms and conditions of all these agreements, you can see the different ways vendors offload liability onto partners. If a customer doesn’t pay the partner, the partner usually still owes the vendor. The contract, tax nexus collection for different states, and legal mess lives with the reseller, not with the vendor. A lot of terms specify a company can only go after the vendor in the case of negligence. A great example: Delta Air Lines had to go to great legal lengths to even be allowed to file a lawsuit against CrowdStrike for the 2024 outage.

So… how does this work?

The indirect channel of tech sales is broken down into a couple types of roles. Each of these tends to serve a specific type of partner and a specific revenue model.  Follow the money!

You can generally break down indirect programs into a couple different categories:

  • Reseller: Exactly what it sounds like. They are usually partnering with distributors or directly with vendors, marking up the cost of a product, layering on some kind of additional value (hopefully), and consolidating billing for the end customer. Their revenue comes from the markup on the product, and they are usually responsible for collecting payment. This can be further broken down into System Integrators, MSPs, and other more unique cases.
  • Referral Program: Generally, the referral partner finds a company interested in a product, links the customer up with the vendor, and gets paid a commission based on some amount.  Usually it’s a percentage of the first contract value without expansion or upsells from the vendor. Contracting is usually directly through the vendor’s contracting. Throw in affiliate into this category as well, but the two programs can be distinct based on the terms.
  • Government: What it sounds like, special contracts and access for federal or state governments. Shake up the two above and sprinkle in some other random bits, because this gets unique to the contracting mechanism of the government entity.

Distributors

Now let’s start getting practical. Different distributors tend to serve different revenue models. You can partner with the ones that align with your individual go-to-market:

  • Enterprise resale: Ingram Micro, TD Synnex, Arrow, D&H, Exclusive Networks, Climb, Liquid PC, AppDirect, the list goes on. These distributors make distribution arrangements with vendors (duh!) but also usually offer specialty expertise in those products. You partner with them and, after a credit check, they consolidate billing for vendors, slightly mark up quotes that get sent to them, and process orders for you as a partner. They usually have technical resources for the vendors they partner with, but that support has various levels of satisfaction as margins compress across the industry and PE tries to scale.
    • Watch out for:
      • Credit. Unless you are established, you will start with a $0 credit line and be required to pay for the full contract value up-front. There are financing programs to help both you and a client do this, but think about the applications just like applying for a loan from a bank.  Pretty detailed.
      • Collecting payments. If your client doesn’t pay you for the product, you generally still owe the distributor/vendor for the full term.  Same if the client goes bankrupt. You are placing yourself to assume risk in order to make money, so the vendor is basically using you to generate leads and collect payments while making their revenue safer.
      • Quoting turn around. Some distributors are so big you will wait days for the quote that comes from a vendor to be processed.  Not always, but it will usually happen right when you don’t want it to.
      • Vendor access.  Even if you are a partner with the distributor you still have to apply and be approved for individual partner programs for the vendor (most of the time). So there can be decent overhead managing the different training and quota requirements.
  • Enterprise Referral: Avant, Telarus, Intelisys are examples. Some of these are hybrid and offer hardware in the traditional reseller way. But these vendors USUALLY focus on services rather than products. Think Telecom, Cloud, Data Center, MSPs, MSSPs, etc. These contracts work differently than resale because you register with the distributor, and you get paid a referral commission for the lifetime of the opportunity including upsell/cross sell of services by the vendor. That kind of commitment is ALSO why the availability of vendors can be limited to those whose businesses align with this model.
    • Watch out for:
      • Vendor selection. Since they focus on services, they are strong in some categories but weak in others.  If you want to sell EDR licensing a client wants to manage, you won’t be getting it through these vendors.
  • MSP: I’ll throw this in a separate category because even between distributors the TYPE of licenses you can buy through them may be different. Pax8 and Sherweb (among others) are examples that focus on MSPs, so the products you buy from them will usually only be available if you are managing a multi-tenant environment for your customers.
  • Direct: Not a distributor, but many vendors have direct programs. You just apply through their partner page and the types of partnerships can be leveraged depending on what they offer.

So what?

Yeah, this is a lot of information so let’s tie it back to our goal: understanding the vendor space to navigate it better. If you are working with a vendor and trying to get a quote, there is a lot happening behind the scenes. The partner has registered the opportunity with the vendor for the company looking to buy, is working through a distributor or direct agreement, and is trying to balance the requirements of the partner programs they have joined.

This is why you see some companies specialize in a specific vendor(s) in some categories. When you are working with a reseller/agency/MSP, you should consider what their compensation type is from the vendor as well as any distributors they are working through. If they are offering a really cheap quote for a product, expect their harder sell to be for services. If they are strictly a reseller, they may be more limited at in-house technical support if the end client doesn’t want to use the vendor’s support path.

  • Resellers
    • What They Do: Buy products through distributors for discount pricing, add services (sometimes), and resell to the end user.
    • Revenue Model: Margin on resale
    • Typical Behavior: Own the transaction, handle procurement, often submit quote requests on behalf of clients.
    • Examples: CDW, SHI, Insight, smaller boutique VARs (Charting Cyber, anyone?)
  • Referral Partners/Agencies
    • What They Do:
    • Revenue Model:
    • Typical Behavior: Stay hands-off after intro; value is in client trust and early-stage guidance, vendor strategy discussions
    • Examples: Companies partnered with Telarus, Avant, Intelisys which means generally independent consultants with affiliate/referral agreements
  • Systems Integrators
    • What They Do: Design and implement complex solutions involving multiple vendors or tools
    • Revenue Model: Professional services and potential resale, but focused on implementation for resale opportunities
    • Typical Behavior: Deep technical capabilities, often project based. May not own licensing unless paired with a VAR or distributor.
    • Examples: Accenture, Deloitte, Booz Allen, smaller boutique SIs
  • MSPs/MSSPs
    • What They Do: Provide ongoing operations/monitoring/support, may bundle third-party products
    • Revenue Model: Recurring managed service contracts and potential margin on tools
    • Typical Behavior: Clients don’t always know toolset up front, focused more on the outcome
    • Examples: Agile Blue, Arctic Wolf, Red Canary, eSentire, smaller MSPs/MSSPs

These are not hard and fast rules as it’s far more common to find some kind of “hybrid” functionality. You don’t need to memorize every vendor’s revenue model or master every distributor’s portal. But you do need to understand where the money flows, where you bring value, and where you’re getting cut out of the deal.

Navigating the sales process (without losing your soul or sanity)

Now to the nitty gritty: how to actually expedite demos and sales conversations. If you’ve read above, you should understand there are lots of conflicting priorities from the sales side. But most of them are focused on revenue. So here is the super-secret strategy to expedite conversations for your clients:

Tell the vendor what they want to hear

I’m not kidding, but I also mean that in a different way than you think.

The sales funnel concept that most vendors follow starts with “target” companies they THINK will buy their solution. These potential sales fill the “top of funnel”. As the funnel goes down, there are different steps that indicate the likelihood of actually selling something. The further you get in the funnel, the more attention the potential sale garners in the vendor organization.  The more likely to close and the larger the sale, the more high-paid people get on calls. That means more people able to answer your questions.

But this comes at a cost: what if you just want to see if the vendor price is achievable at all? Pricing is usually one of the last steps because vendors want to make sure you can “see the value” of their product, and not focus only on price. If you click the “Schedule a Demo” button on a vendor site, there is high likelihood the person you are talking to (likely a Business Development Representative or BDR) can’t even make a quote or understand their pricing. Their only job is to find “qualified” opportunities.

A “qualified” opportunity USUALLY means that they meet some standard, and the most common I’ve seen is BANT:

  • Budget: does the company size and potential budget allocation for this initiative meet the general target customer profile for the vendor?
  • Authority: does the person inquiring have the authority to procure, or is it some random analyst who saw a presentation at a conference?
  • Need: Does our product actually fit an active need, or is this a random Tuesday and the security team wants to see something cool?
  • Timeline: When are they looking to make this decision? Is there some compelling event driving this, or is this just a conversation?

If you noticed one of the items is budget but also realize you may not know how much the solution costs… ding ding! Catch-22s like that fill the sales process.

So to tell the vendor what they want, assemble all that information yourself. The BDR will always push for a 30-minute call. But getting an email or conversation like the following usually blows their mind:

Hi Vendor X,

My name is Adrian and I’m a fractional CISO working with Company XYZ (Partial authority). We are currently focusing on improving the cybersecurity maturity across the organization, and your product has come up as a potential fit for <something they do and you need> (Need). We don’t have a budget allocated currently, but there are a number of different initiatives we have put in place over the last year (partial budget, demonstrates you aren’t a tire kicker). We would like to validate your solution meets our needs as well as discuss ballpark pricing to ensure a fit. Cybersecurity is a current executive focus (more authority), and this is the next item on our roadmap (time). We’d like to save ourselves time and cut right to a conversation with someone who can help discuss the product and pricing, if possible.

Thanks,
Adrian Tilston
<My super sweet signature block>

Four out of five times, this gets me past the BDR and passed to the person we want to talk to: the Account Engineer. That person is usually the customer-facing side that manages the client interaction. The more technical version of that role is the Solution Engineer, or some other similar term.  If you want to have a technical conversation as well, be sure to ask for that person on the call.

Why does this work? Because the initial steps of the sales process are designed to get the information I just told them. Most of the other steps of the sales process are built the same way:

Qualify -> Initial sales conversation -> Demo -> Proof of Value -> Contracting/Legal -> Close

I shouldn’t have to say it but I will: be honest. I didn’t say we had budgeted 1 million dollars for this. I didn’t say we wanted to buy by the end of the week. I gave enough information to indicate we are serious buyers and checked enough boxes to make it worth taking a call.

Now just continue to be honest but firm:

  • “We aren’t likely to buy this quarter (or year), but would like to get budgetary pricing to request approval next year.” This helps them understand they don’t need to push you, but that they should follow up at the end of the year.
  • “We are currently running a selection across a couple tools in this space, but don’t want to say which ones. But if you could highlight the differentiators unique to your product, that will help us a lot.” This helps them know they have competition and should be aggressive with pricing.
  • “We are cash strapped, and the only way I will get this approved is if it is 10% of the list price I see online.” This will help identify if both sides should stop wasting their time.
  • “This company is about to cancel my fractional CISO contract because they don’t care about security at all.” This will help the AE recommend a good therapist (if you don’t have one already).

This works well for direct teams, but the alternative is having an indirect partnership with the vendor. Then you just go on and register the opportunity and tell the same thing to the AE that gets assigned. Easy peasy.

Dr. Evil was an expert at talking to vendors.

Advising on Cyber Tools Without Becoming The Tool

I am going to approach this by offering perspectives I have either used as a consultant or seen used by peers in this space. My overall recommendation, whether you monetize the purchase or not, should be getting the best outcome for your clients. Companies remember recommendations they buy into that don’t work. The more you become the solution to their problems, the more likely it is you will stay when key leaders transition, your clients pivot in business model, or they grow over time.

There are three obvious ways to help advise clients on the procurement they go through:

  1. Advise: place yourself as an advisor and let the vendors run the sales process, varying your involvement based on your personal desire and knowledge. This usually breaks down into a couple sub-options:
    1. Do nothing: provide advice on the tools to purchase and let the client security/IT/procurement team take care of selection. This obviously has pros and cons, the biggest being that you don’t get bogged down in sales but you also lose opportunities to be involved and provide value.
    2. Run the procurement process: Either for an hourly fee or free depending on your generosity, you can leverage your experience to drive the sales process for your clients. A full selection process is actually not that hard to run, and frankly, most LLMs will spit out some good frameworks and scorecards. Where LLMs will fail, you would likely excel: real world experience and the nuanced interpretation of how different tools reduce risk. If you aren’t getting a commission from a vendor, it’s pretty hard to see how this is a conflict of interest.
  2. Go all-in: select an indirect sourcing model above (reseller, referral, systems integrator, MSP) and start making agreements. If you already know the tools you recommend to solve cybersecurity problems, you can sign up for those vendor partner programs that align with your desired amount of overhead.
  3. Find a partner: LOTS of the companies running the indirect sourcing models above ALSO have partner programs. If you find a vendor you really trust that has access to a large amount of capability, you can offload the administrative burden of the sourcing onto them while separating yourself from the decision. I’ve found some key factors in maintaining “neutrality”, while also focusing on the client outcome as the end goal are:
    1. Be really clear about what the requirements are. If you choose an MSP for what amounts to just buying licensing, you are basically trying to smash a square peg into a round hole. Determining the requirements becomes MUCH more important when you are trying to be neutral but also recommending providers who compensate you. A little work up front will hopefully eliminate the perception of “Oh this vendor was only recommended because of the commission”.
    2. Be up-front about your partnership and commission. I say (and mean) things like “I have worked with Provider A before and have had good success with them, which is why I partnered with them. They don’t do everything, but I think you should consider them because they don’t suck.”
    3. Don’t be afraid to say “No”. If a vendor you partner with isn’t a good fit, don’t force it. It’s okay to not monetize everything if your clients win in the end.

The Charting Cyber Model (and my not-so-subtle pitch)

You already earned their trust, now help them actually buy the right tools. We handle the channel madness, vendor games, and quote drama. You stay focused on strategy. We split the margin. Or don’t. Your call.

Let’s be real: none of this was supposed to be your job.

You didn’t sign up to learn channel programs, manage quote drama, or call a distributor to figure out why a client’s invoice has three different currencies on it. You just wanted to help organizations fix real security problems.

So we built a model for people like us — practitioners who advise, guide, and build, not cold-call and close.

Here’s how it works:

• You stay in control. You bring the client. You set the direction. You own the relationship. We never compete. We’re just the behind-the-scenes sourcing team that helps your recommendation actually get purchased without weird detours or sourcing delays.

• We handle the procurement chaos. Need quotes from three vendors? Done. Want to register the deal to keep your influence intact? We’ll do it. Want to avoid the "three weeks and 18 emails to get a price" loop? That’s literally why we exist.

• You get paid (if you want to). If you’re monetizing your recommendations, we split our margin with you. If you’re not? No problem: you still get the benefit of a smoother, more strategic procurement process for your client.

• No pressure. No pitch. You don’t have to use us. But if you want to stay involved, avoid the reseller roulette, and help your clients buy the tools they actually need — we make it easier.

We’re not a marketplace.

We’re not a sales team.

We’re just a bunch of cyber folks who got tired of watching good consultants get cut out of their own deals.

If that sounds helpful, let’s talk.
Adrian Tilston

Was this helpful?

There's a lot more experience in the intersection of cybersecurity and procurement available to our partners. We are also happy to hop on a call and let you pick our brains without high pressure sales pitches.

9 times out of 10 a call is absolutely worth your time. Can you say the same for your other calls?