Software supply chain security is one of the hottest topics on the agenda right now so, together with our partners, we took the issue on the road in a series of events that got everyone talking about how we can solve the SCS challenge.
Software supply chain security (SCS) has been hitting the headlines. High-profile breaches have caused enormous damage, ranging from disrupted services and loss of reputation to the huge financial impact of class action lawsuits. This has alerted executive leaders from the business right up to the board level about the need to address the real and growing risks.
As malicious actors continue targeting popular open-source packages that developers use every day, it has never been clearer that security is everyone’s responsibility and must be shared between developers, security, and IT teams. However, with relentless pressure to release software fast, developers and AppSec teams need intelligent tools that protect code without compromising productivity.
Checkmarx Partners were keen to bring the discussion right to the doorsteps of customers and prospects to share Checkmarx SCS expertise and offer practical solutions that allow organizations to use open source code safely. The result of this ambition was a series of roadshows that brought together senior security leaders and professionals for education, networking, and best-practice sharing.
The Checkmarx Channel Marketing Team made these events easy for our Partners to execute by providing go-to-market materials and resources to help promote the roadshows. The series of events across the Middle East and Asia welcomed a highly engaged audience of senior cybersecurity professionals and were a good opportunity for Partners to build new business relationships and showcase their expertise.
Vivien Lim, APAC Partner Marketing Lead at Checkmarx, oversaw the roadshows and noted some key takeaways that will be valuable to other Partners aiming to build awareness in this space:
- Aim for interactive education: This is a new and complex topic, so there’s a lot to learn, but we wanted to make the roadshows interactive. Often, in-person events follow a format of presentations where attendees listen and ask questions at the end. However, we aimed to keep things open, rather than being dominated by a single speaker. This allowed attendees to talk freely about their problems and enabled Checkmarx and our Partners to better understand how to help them. We also encouraged senior personnel to attend and network with attendees. Our North America CISO, Peter Chestna, joined some of the events and shared his insights. Reflecting on the event, he said: “I was honored to be part of this roadshow. As a company, we were excited to hear from business leaders about their application security challenges, share evolving threat information, and show how together (with Checkmarx and our Partners) we can help get more secure outcomes from their modern application development.”
- It’s all about the customer—not just our solution: To gain a real understanding of the challenges facing customers and prospects it is essential that we listen. We need to understand the practical issues on the ground and the biggest pain points. It is only by listening to what forward-looking business leaders are saying about the problems they’re experiencing that we can fully understand their challenges and work on how to best help them.
- Invite forward-looking business leader attendees: It is a testament to the scale and severity of this problem that it isn’t just CIOs that are interested. This is a conversation that is happening urgently at all levels within businesses. CEOs, CISOs, CTOs, and even CFOs attended the roadshows, bringing a range of broader concerns like compliance and reputation management. There’s a clear shift in recognition that cybersecurity is everyone’s problem. It is an existential threat that isn’t just an issue for the security team.
- The event must be a true collaboration between Partner and vendor: Industry education doesn’t just come from the vendor—Partners play a crucial role. They are in-country and know what the dominant issues are. They also own the customer and prospect relationship. That means there should be a synergy between Partner and vendor effort, with the vendor showcasing partner expertise. Also, the maximum value is realized when the relationship goes beyond the event itself, when Partners invest in getting their solution architects trained on Checkmarx so they are well-positioned to support customers immediately as the opportunities arise.
- Industry collaboration is key—we must encourage an open forum across industries: There has been a paradigm shift in the etiquette around inviting competing companies to cybersecurity events. It is no longer taboo to invite companies from the same sector, because there is an understanding that everyone needs to learn from each other and share best practices—just like hackers do. There is also a new mindset in fighting cybercrime—we all need to come together to protect our industries. If we are in a position to secure our own enterprise, we need to share how we’re doing this and stand strong as an industry. The challenge that we face transcends the boundaries of commercial competition; it’s an existential threat and needs to be met with a united front.
Reflecting on the importance of a roadshow they led in Thailand with Checkmarx Partner, Get On Technology, Wootichai Poonyakanok, Get On's CEO, said, “Open-source risk has been on the rise and many enterprises are looking at how they can secure their software supply chain. The SCS Roadshow, co-hosted with Checkmarx, came at the right time for our market. Having these valuable roundtable discussions allows us to understand the challenges that our customers are facing, and how Get On Technology and Checkmarx can help enterprises with their AppSec Journey.”
Checkmarx Sales Leader (Thailand) Angkana Sawatwutthiphong agrees that now is the time to be having these important conversations with clients and identifying the leaders who are proactive about addressing SCS, saying, “With so many cyber-attacks happening because of application vulnerabilities, this roundtable discussion was timely. It allowed us to work together with Get On Technology, who specializes in application security, to share best practices with forward-looking leaders.”
The SCS partner roadshows are building connections and value across the cybersecurity industry. They are proving to be an engaging educational tool and also providing a forum for senior leaders to discuss the growing challenges of software supply chain security, network with their peers, and learn about best practices.
For partners they offer the chance to demonstrate deep expertise in the topic and build a reputation among prospects that are seeking the kind of advanced, intelligent solution Checkmarx One delivers.
Ready to host a roadshow?
If you would like to host your own roadshow to build pipeline and seize the SCS market opportunity, contact Checkmarx Channel Marketing Team.