<img alt="" src="https://secure.badb5refl.com/165368.png" style="display:none;">

The Risk-Based, Relationship-Driven Consultant

By Natalie Anderson on May 4, 2023

Subscribe to the Apptega blog

The Risk-Based, Relationship-Driven Consultant

May 4, 2023 | BY Natalie Anderson

When looking for a consultant, companies often prioritize risk analysis as the primary concern. And while risk analysis is essential, companies should also look for consultants that clearly establish their value and show how their services will simplify operations to free up resources and grow the business.  

For consultants, improving the cybersecurity posture and overall well-being of the client’s organization is crucial, but establishing a consultant-client relationship based on strong communication and trust should be an equally high priority. 

The Apptega Cybersecurity Podcast recently caught up with Michael Faas, director of strategy and risk at MorganFranklin Consulting, and James Jackson, senior manager of cybersecurity, to get their perspectives on how to build an optimal client-consultant relationship. 

The Consultant-Client Relationship 

Consultants offer companies diverse expertise across specialized areas of focus, providing additional resources to achieve faster and more effective outcomes. When searching for consultants, companies need to acknowledge the importance of both conducting risk assessments and fostering a strong relationship.  

According to Faas, “Engagements are risk-based but relationship-driven.” A consultant should act as a technical expert, capable of delivering tailored solutions and fostering a collaborative environment, but the role of consultants goes beyond providing specialized skills. Establishing a personal connection with the client helps build trust.  

Consultants should seamlessly integrate into the client's staff, contributing both to high-level strategic thinking and hands-on implementation. Companies should seek consultants that prioritize understanding the unique needs of the business and provide guidance based on their expertise.  

To cultivate a successful client-consultant relationship, it is essential to strike a balance between technical expertise and clear, transparent communication. By establishing a personal and balanced client-consultant relationship, companies can effectively manage risks and achieve transformative outcomes. 

Garnering Client Buy-In 

A strong consulting process that prioritizes a relationship-driven approach starts with identifying the problem that needs solving and understanding the unique needs of the client. This approach, laid out by Jackson, enables consultants to work backward – sometimes mapping to a framework, sometimes creating a tailored approach to further company initiatives that are already in place. 

To earn client buy-in, consultants must demonstrate how they can help their clients progress to the next level. This involves asking the right questions and addressing pain points, rather than offering a predetermined set of solutions. Consultants should strive to learn about the client’s business and uncover opportunities for protection and improvement.  

Furthermore, consulting is an ongoing and iterative process, with continuous improvement ingrained in every aspect from gap assessment to ongoing audits and certifications. Jackson states that, “Continuous improvement must be baked into everything that consultants can do.” 

Identifying indicators of success for clients requires defining end-point goals, involving subject matter experts and stakeholders from the outset, and maintaining transparent communication regarding the level of effort required. 

Growing Businesses Through Consulting 

By introducing cybersecurity best practices, consultants alleviate the burden on clients. Establishing trust and building a strong relationship is crucial for consultants to act as extensions of the client’s staff, facilitating vendor vetting, the creation of optimal protection strategies, and implementing the necessary controls. 

While risk remains a constant, selecting the right consultant can be a game-changer. A skilled consultant not only ensures that the client's voice is heard but also assists in enhancing their expertise and quality of business. By building a strong relationship and employing active communication and trust, consultants can effectively manage risks, bolster cybersecurity posture, and contribute to the long-term success of their client’s businesses. 

Listen to the full conversation here.  

More Resources

Walking the Line Between Compliance and Productivity in your Security Program

By focusing on cybersecurity basics to lay a strong foundation, organizations can create a proportional infosec program that doesn't harm productivity.

Learn More

The Product Pulse

Looking to learn about Apptega’s latest and greatest product updates? Well, you’re in the right place. Here’s what's new.

Learn More

Fully Automated AI-Powered vCISO Services Now Live in Apptega

Today, Apptega launched ApptegaGPT, an in-app virtual CISO service that leverages generative AI to produce recommendations for how organizations can meet their compliance obligations.

Learn More

Subscribe to Our Cybersecurity Insights