CISOnation: What’s your USSP™?
At Ambassador Solutions we began developing the Unique Security Selling Proposition™ (USSP™) concept before the Equifax breach went public. Any doubts about its validity were erased once the Mother of All Breaches (“MOAB”) occurred. The USSP™ concept is built upon two fundamental beliefs:
- It will become increasingly difficult for businesses to sell their goods and services without first demonstrating that they’ve taken adequate measures to protect their customers’ information;
- Some of the biggest business winners in our hyper cybersecurity conscious world will be those who go on the offense by creating a Unique Security Selling Proposition™ to set themselves apart from their competition.
Creating a USSP™: Proposition and Benefit
So, how might a business go about creating a USSP™? Let’s start with a little historical perspective. USSP™ traces its roots back to the original USP (“Unique Selling Proposition”), developed by advertising genius Robert Reeves of Ted Bates & Company (circa 1940’s). Reeves observed that successful ads must make a proposition to the consumer by saying, “Buy this product, for this specific benefit.” Such a proposition (USP) should contain three elements:
- Specific…what’s in it for me?
- Unique…something that competitors either don’t have or aren’t claiming
- Compelling…strong enough to move prospects to action
Here are some great examples of specific, unique and compelling USPs that powered some of the most successful advertising campaigns in history:
- “When it absolutely, positively has to be there overnight” (FedX)
- “We’re number two. We try harder.” (Avis)
- “15 Minutes Could Save You 15 Percent or More on Car Insurance.” (Geico)
Consider what specific benefit is being sold in these ads:
- FedEx is selling peace of mind;
- Avis is selling better customer service plus the satisfaction of helping the underdog;
- Geico is selling both time and money savings.
What Would Give Customers Peace of Mind?
Peace of mind is likely high on the checklist of most prospects for your products and services, so let’s see if we can structure a USSP™ with that in mind. What could you offer your customers that would be unique and compelling, while giving them peace of mind regarding their cybersecurity concerns?
Asked another way, what are your competitors NOT offering their customers that could potentially give them peace of mind regarding their cybersecurity concerns?
Not easy questions, but the effort to answer them could greatly reward those who stick with it. No doubt, executives from Equifax, TransUnion and Experian have been answering similar questions from major financial institutions around the world. By utilizing the credit reporting services of the “Big 3,” those institutions put their customers’ most confidential information at risk. They must have the peace of mind of knowing that they’re doing everything possible to protect it. And then came the MOAB…
How could Equifax turn the worst crisis its 108-year history into their greatest strategic advantage going forward? By being very transparent about mistakes made and lessons learned, Equifax could actually gain market share in the coming years. They are uniquely positioned to create a USSP™ that no competitor can possibly match. After all, there’s only one MOAB at the moment and Equifax owns it. Also, note the current stock price (as of October 31, 2017) is still 75 percent of what it was the day before the MOAB was disclosed. So, the market seems to be saying the company is seriously wounded, but likely to survive.
With peace of mind being the specific targeted benefit, Equifax might want to consider these USSPs™:
- We’ve lost enough sleep for both of us.
- Once burned, once learned. Can we talk?
- Woulda, Shoulda, Coulda…DONE!
- The most secure place on planet earth
- We learned from our mistakes. Now it’s your turn.
- Free lessons learned…priceless
Set Yourself Apart from Your Competition
You get the idea. To help you begin to formulate your organization’s USSP™, here are some things you can do now to begin setting yourself apart from the competition:
- Put an outside InfoSec executive on your board of directors;
- Consider utilizing an independent cybersecurity awareness and compliance platform like DEFCON Cyber™ to constantly monitor your InfoSec environments so you can provide your customers with a current risk assessment at anytime;
- Eliminate the well-established conflict-of-interest by moving your CISO out from under the CIO organization;
- Make cybersecurity awareness training AND testing mandatory for all employees and contractors.
When it comes to cybersecurity, the best defense really can be a great offense. That’s why we encourage all organizations to go on the offense by creating a Unique Security Selling Proposition, then communicate and execute it flawlessly. Ready…Set…Omaha…Hut!
What do I do Now?
Struggling to come up with your own USSP™? Perhaps we can help. We offer courtesy USSP™ phone consultations to CISOnation members and InfoSec executive search clients.
Just click complete the form below and click “Get USSP™ Help” to get started.