CyberWire Daily - The German Cybersecurity Market with Gerald Hahn
Episode Date: December 29, 2017Gerald Hahn is CEO of Softshell ag, a German cybersecurity company. He shares his insights into the market for cybersecurity products in the German market, and how US companies can best prepare themse...lves to do business, there. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
Our podcast team is taking a break this week from the daily news.
But don't fret.
You can get your daily dose of cybersecurity news at our website, thecyberwire.com.
In the meantime, we've got interviews for you this week, some interesting people we've talked to throughout the year.
So stay with us.
Calling all sellers. Salesforce is hiring account executives to join us on the cutting edge of technology.
Here, innovation isn't a buzzword.
It's a way of life. You'll be solving customer challenges faster with agents,
winning with purpose, and showing the world what AI was meant to be.
Let's create the agent-first future together. Head to salesforce.com slash careers to learn more.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security,
but when it comes to our GRC programs, we rely on point-in-time checks. But get this.
More than 8,000 companies like Atlassian and Quora have continuous
visibility into their controls with Vanta. Here's the gist. Vanta brings automation to
evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key
workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home? Black Cloak's award-winning digital executive protection platform Thank you. third of new members discover they've already been breached. Protect your executives and their
families 24-7, 365 with Black Cloak. Learn more at blackcloak.io.
We call ourselves a distributor for cybersecurity, but in our real life, we are much more incubator,
which means we bring new companies into the German-speaking
region and market. That's Gerald Hahn. He's the CEO of Softshell AG, a German company.
Our conversation centers on the differences in the cybersecurity markets between Germany and
the United States and what companies should know if they want to try to set up shop and do business
with Germans. In the end, we earn our money with selling software to our resellers and they sell it to customers, to companies.
But most of our day, we do marketing and sales and PR stuff for them.
So take us through what is the current status of the German marketplace?
Yeah, so the German marketplace for cybersecurity
is very dynamic. The market is very big. What we know is the biggest security market in the world
behind the United States with an annual volume of 15 billion euro a year. So we think this is for historical reasons.
Germans are very sensitive with their privacy and data.
Germany is always leading the privacy and data privacy discussion within Europe.
And so Germans are crazy with IT security.
They buy a lot and they try a lot in a conservative way and completely different
to the mentality in the United States. But the volume speaks for itself. It is a very great
market and it's growing incredibly. When you say it's different from the United States,
what do you mean? I only can speak as an outsider.
I only can repeat what our partners and vendors from the United States are telling us.
And that is that in the United States, companies, customers are giving new solutions a try.
They buy a solution for one year, and if it's not good, they won't renew it.
In Germany, never would ever buy
something for test reasons they always want to test it for free and then they want to play with
it and not only a little bit they are really going deep under the hood they want to know
every single bite and how it works and they want to know the source code and everything. So this is a very engineering-focused country.
And this normally surprises U.S.-based vendors
because a normal salesperson cannot really succeed here.
You always need a very technical sales guy,
an engineer with a sales mentality
who can really explain within the first meeting
how the product works and which parts are used and so on. And this normally is very
unusual what I've learned for a typical American salesperson.
Yeah, that's interesting. So what is your advice for,
say, an American company who's trying to tap into that German market?
for, say, an American company who's trying to tap into that German market?
Focus on the engineering stuff.
Be ready for really deep technical questions.
And as more as they can answer within the first chat, as better it is. Because this gives customers the feeling that there is somebody who's serious and he can rely on.
And most IT guys here in Germany working for customers, they love the stuff.
They play with it also during the weekends and in the evening.
And you can catch them if you give them really a technical motivation to find out more about it.
A sales pitch normally really does not lead somewhere.
You know, we've got GDPR coming up in the coming year, in 2018.
How is that going to change things for you all there?
And what's your take on that from a global perspective?
Yeah, so GDPR is really interesting, especially cybersecurity vendors are trying to do with it.
Everybody is telling customers that they have to do something, otherwise they have to pay 20 million euro fine or 4% of their annual revenue and so on.
And they try to scare customers. But the background
is that the GDPR regulation
was led by German privacy people.
And most of the regulation within the new
GDPR law was already here in Germany with
the old data privacy laws. So it's not really new for
companies here and they always had to deal with these regulations. So nobody is scared and most
companies are already aligned with the new rules. Most companies know that it has not so much to do with technical solutions, but with organizational and structure within the company.
And so there is not really more sales or upsell because of GDPR.
It more gave law firms new customers because everybody wants to be sure that he really knows what's
coming. And so the solutions, the technical solutions and products are not really affected
by the new law. It's interesting. So Germany's already there. Germany's ahead of the game
from their position as being a leader when it comes to these sorts of privacy regulations
to begin with? Yeah, I think so. Yes. Most US-based companies expect results within the
first six or at least 12 months. And this is very challenging, not only because most companies are
not really ready for an expansion. For example, no German website, no German collaterals.
And this is something what the German market is expecting
to have at least a few German papers they can read.
Everybody speaks English, but it feels much more comfortable reading it in German.
So normally the companies need really a month before they have a few German things online.
And then they try to enter the market through the UK.
And it's not because of the Brexit.
It is because the island is an island and it always was an island within Europe.
It is really completely separated from the continent.
And so, also from their mentality, they are much closer to the United States than they are to the continental Europe.
But U.S. vendors always set their subsidiaries up in the UK and then they try to open Germany, France, Italy, Spain, Poland, etc.
And it's not working.
And after a year, they are super surprised and they give it another try.
So our suggestion is always set up a legal entity in Germany, hire a local guy, and then they take you serious. Then they know the companies that you are really
serious with the market and they have somebody to speak with in their own language. And within our
last years, we saw hundreds of vendors coming and going and also succeeding. But we never ever
saw a company succeeding here with significant revenues without having a legal entity and
German employees on the ground. So it's really important to respect the locals.
Yes, I think so. But I think this has nothing to do with Germany. I think it everywhere is the same.
I never would try to expand to the United States from, I don't know, Mexico or Argentina or so.
And I think this is a good comparison.
You need to be in the country and you need to work with locals.
Yeah, that's interesting.
It's also interesting to me how you say that we try to set up shop in the UK.
to me how you say that we try to set up shop in the UK. I think there's an odd thing with many Americans where we have a kind of a default respect for the British. We love their accent
and so on, you know. And so I think it works in that direction. And so I think maybe there's a
false assumption that, you know, that's the way we should go. It's a very interesting insight.
Yeah.
And maybe a last point and a very positive point is that our experience with Americans
are super positive.
And most Americans we have dealt with are super open, transparent, and they hold what
they told us, even if we not always agree with each other but they
are reliable and they are straightforward and this is what we really like working with with
with american companies and and u.s citizens because they are really straightforward honest
and nice to work with we have different experiences with other regions in the world, but this is what we admire most with Americans.
That's Gerald Hahn. He's the CEO at Softshell AG in Germany.
Cyber threats are evolving every second, and staying ahead is more than just a challenge. It's a necessity.
Thank you. data and ensuring your organization runs smoothly and securely. Visit ThreatLocker.com today to see how a default deny approach can keep your company safe and compliant.
And that's The Cyber Wire.
We are proudly produced in Maryland by our talented team of editors and producers.
I'm Dave Bittner. Thanks for listening.
Your business needs AI solutions that are not only ambitious, Thank you. Secure AI agents connect, prepare, and automate your data workflows, helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com.
That's ai.domo.com.