30/60/90 for Enterprise AEs: Turn PoCs Into Renewals

The Enterprise AE Playbook presents a structured framework for enterprise sales in cybersecurity, emphasizing a 30/60/90 plan, proof-of-concept (PoC) strategies, and metrics for deal success.

30/60/90 Snapshot

Days 1–30 | Lock ICP & Create Signal

Refine ICP and a top-50 account list; set 3–5 triggers (funding, audits, key hires).
Launch 3 multithread sequences (champion / blocker / buyer) with MEDDICC embedded in notes.
100+ targeted touches, including partner intros; everything logged, nothing heroic.

Days 31–60 | Proof in Motion

Two qualified PoCs live with clear success criteria (session coverage > 90%).
Map 5–10 co-sell partners; 3 joint calls/webinars; track influenced pipeline.
Weekly forecast scrub with exit criteria (MEDDICC > 8/10); SE + PMM loop for objections.

Days 61–90 | Wins & Repeatability

Close 1–2 enterprise deals through an exec path (CISO alignment + paper fast-track).
Build TTV/ROI one-pager per vertical; three objection plays everyone can run.
Scope 3 expansion opps; start renewal cadence early.

Case Study: OT Vendor Sessions → Renewal & Expansion

Context: Regional healthcare provider (OT + clinical systems). Evaluation stalled over third-party vendor access into sensitive networks.

Exec re-frame: 1-page brief to CFO/CIO on unmonitored vendor sessions + audit exposure (HIPAA, ransomware blast radius).
Proof fast: 14-day monitored trial during a live maintenance window; success criteria agreed upfront.
Paper path: Used existing reseller to mirror MSA language and shorten legal; bundled year-end support credits to align budgets.

Outcome

Cycle time: −18 days vs. prior attempts (pilot → signature inside the quarter).
Renewal: 12-month term; moved from "tool" line-item to Ops-risk control owned by security.
Expansion: Phase-2 for two plants + service desk onboarding (approved plan, funding queued).

Proof

Privileged session capture: 94% (baseline 58%).
Mean time to evidence (playback): < 5 min.
Vendor access MFA: 100% enforced in pilot scope.

CIO: "Evidence in the SOC made renewal straightforward."

SecOps lead: "Playback visibility removed the procurement roadblock."

Why It Works

This framework succeeds because it replaces hope with proof. Every phase builds evidence that de-risks the next. The 30/60/90 isn't just a plan—it's a sequence of confidence-building moments that make "yes" easier than "no."