INDUSTRY VIEW
Why should a VAR care about VAR? Value-added resellers and other channel players have long focused on value propositions built around complementary services. By focusing on Value at Risk( which from here on I shall call“ VAR”), these partners can demonstrate to customers the value of a long-term security relationship. The VAR approach involves quantifying the real-world costs of their inaction. Through cyber-risk quantification( CRQ), the channel can guide customers to an understanding of the potential for lost revenue and the likelihood of that loss occurring. For a business leader, numbers talk, so if the channel can express threats and risks in financial terms, potential customers will begin to think in terms of the impact of inaction rather than the expense of action.
The truth is many enterprises lack a formal mechanism to categorise risks or to amend those categorisations over time. In a surprising number of cases, C-level executives gain cyber-awareness from the headlines. After a high-profile incident happens to somebody else, internal due diligence involves investigating whether the organisation has the same vulnerability as the headline victim. In early 2025, the UAE Cyber Security Council warned that more than 223,800 domestically hosted digital assets were vulnerable and reported that half of all critical vulnerabilities had lain unpatched for more than five years. This situation will go unaddressed if we wait for more headlines.
The challenge faced by value-adding partners is how to inspire customers to action. Connecting money spent to risk averted is a strong starting point. Another bold step is to work with customers to quantify their risks and to use these quantifications to prioritise budget allocation. If you find they have two issues with potential business impacts but one has a 10 % chance of impact and the other a 20 %
INTELLIGENT TECH CHANNELS MIDDLE EAST AND AFRICA 35