Working with our many cybersecurity clients on a range of marketing efforts, from market assessments, branding, and messaging to marketing program development and execution, we set the foundation for sales to get in front of the right prospects in the right way to drive the client’s overall growth objectives. Whether selling cybersecurity products and services directly or through channel partners, today’s landscape requires being very precise and deliberate in targeting and engagement techniques. Targeting this hard-to-reach audience requires finding the most effective ways to contact, engage, and nurture them with relevant information on a consistent and ongoing basis.
We’ve compiled a set of six tactics to consider as part of your cybersecurity sales and marketing efforts. Some of these come from our own client experience, and others are the result of successes from other sales leaders in the industry.
While some cybersecurity companies have embraced a “bottom-up” revenue model – targeting developers, security analysts, and other users of a solution – many firms still vie for the attention of executives. In marketing products and services in general, it’s easy to assume that going “to the top” will get you faster results because the executives are the decision-makers, right? However, this is not necessarily the case when marketing cybersecurity products and services. While the executives may love your pitch and think your products have value, they will often pass the purchase decision down to middle management or the technical and engineering teams. Security is complicated and must take into account adherence to standards bodies, compliance, current existing infrastructure, and vendor compatibility.
In government, for example, it is almost always assured that the top executives will pass purchase decisions off to their direct reports. Charles Booth, vice president of sales in the IoT, Cybersecurity, and Networking space says that top executives rarely pull the trigger when it comes to security solutions. “An executive strategic decision maker in the government sector has that power but rarely uses it,” said Booth. Having worked in the government sector for over twenty years, Booth attributes this to the executive role having an “expiration date” of 2-3 years. For executives to make a purchase decision, they would need to deeply immerse themselves in the process, which ties them up and keeps them from focusing on strategy, an integral part of an executive’s job.
In a mid-market commercial environment, seasoned sales executive Joel Broyhill shares how important it is to remain open to targeting different personas rather than the obvious ones, especially in the early stages of a company maturing their sales and marketing functions. “We had been targeting CISOs with our solution but started to realize that some of the lines of business leaders actually had a greater vested interest in investing in our solution. We started to see success by targeting business leaders instead and having them champion the solution with the CISO.”
Tip: By all means, pitching executives is sometimes the best path forward, but don’t rely solely on going to the top. Much of your marketing work and sales outreach can (and often should) be focused on targeting across a range of levels within the organization. If you are targeting the top, make sure your message and content is business-focused and credible.
Along with the above, it is imperative to understand the various personas involved in both purchasing and using your solution and then plan the right marketing activities to support them. For example, as part of our cybersecurity marketing practice, we recently worked with a client who sold security tools to developers and designed a go-to-market that was heavily “bottom-up” versus a “top-down” approach as is typical in many non-cybersecurity markets. In this bottom-up approach, we focused our marketing efforts directly on the developers who were responsible for writing more secure software, skipping the middle-management layer altogether—or at least building the organizational groundswell first with users before moving up. Some examples of marketing tactics we included were targeting very technical keywords, creating technical content, engaging on GitHub and Stack Overflow, and going to developer Meetups, among others.
Tip: Deeply immerse yourself in the buyer personas engaged in both using and purchasing your solutions. Then, focus your marketing efforts where you will get the most bang for your buck, and build that into your marketing and sales enablement plans.
While attending the larger cybersecurity industry events was always a necessary element of the marketing plan, many face-to-face conferences went virtual during the pandemic. While many of the traditional tradeshows (and some new events) have returned to in-person, there is still value in virtual events.
Modern audiences don’t want old-school marketing, they want inspiring experiences, which means it’s time to break the rules and re-think what a webinar or tradeshow can be. More immersive digital experiences are still needed to engage audiences. Interactive elements like surveys, polls, games, and breakout sessions help capture the attention of audience members and at the same time, allow you to learn more about your attendee.
That doesn’t mean you skimp on great content or speakers. Carefully think through what your presence (and investment) will be for events and how to maximize the return. It may not be the right choice to blow major amounts of your marketing budget on a large event.
Matthew Fisch, cybersecurity consultant and SVP sales emphasizes that getting in front of the right buyers requires you to “swim in their lane.” Matthew says you need to engage and hang out where they hang out, and not just attend security-focused events.
“If I want to sell into the banking or financial vertical, for example, I find events that they all go to, I get to know them, listen to them, and then build a real relationship,” said Fisch. “Then, when the topic of security comes up, I act as an advisor to help them build business solutions, whether it’s with my company or recommending products and services that I’m familiar with from being immersed in the industry. This builds trust and you can bet when they are ready to buy, I’m on their short list.”
Tip: Swim in your customer’s lane by finding the industry-focused events (both live and virtual) they frequent and attend them as an engaged participant. Listen to the key issues they face. Learn to speak their language and build a relationship. Later, you can follow up with suggested security solutions positioned to them around the specific problems you know they face.
While vertical marketing strategies are commonplace due to their effectiveness, many smaller cybersecurity firms still shy away from narrowing their focus to a few key verticals for fear of alienating a potential prospect that does not fall within those parameters. Instead, they may focus on the pain points their solution addresses horizontally across sectors and treat verticals as an afterthought. This approach is generally not sufficient to stand out in the cybersecurity space. Why? Since many buyers of cybersecurity products face the same pain points, too many vendors end up sounding the same. Buyers of security solutions all want secure endpoints, a secure network, the ability to detect and respond to a breach quickly, secure software development practices, strong governance, remediation policies in place, and the ability to gain rapid insights when a breach does occur, to name a few.
With so many vendors pitching their solutions, the cybersecurity space can be noisy and confusing with little differentiation in messaging, which can quickly become frustrating for buyers.
Instead, marketers should focus on topics their prospects care about, relevant to each target vertical. If a target buyer is a hospital, focus on topics they care about, such as HIPAA. If it’s a government target, focus on the standards they must adhere to, such as JITC (Joint Interoperability Test Command) or TAA (Trade Agreement Act). Discuss cybersecurity solutions from the buyer’s perspective, relevant to their day-to-day – and to do so in their language.
Tip: Leverage sales intelligence tools such as Zoominfo or Seamless.AI to develop industry vertical segmentation with tight targeting, intent data, and associated list development, and create specialized content and campaigns accordingly.
Done right, a technical white paper can be very useful for engaging technically oriented prospects. It provides detailed, high-value information that the customer cares about while positioning the company as a thought leader, which drives credibility in support of sales. Keep in mind that you should not use a valuable white paper for cold, top-of-funnel lead generation, as it may never get the attention it deserves. Instead, use it as a follow-up from other lead generation efforts, whether digital advertising campaigns or an in-person interaction. This may sound obvious, but you’d be surprised how many marketers use white papers as first-touch lead generation activities, and then follow-up after customer visits or other interactions with glossy, shiny marketing material. By all means, include the glitz, but be sure to leave prospects with substance they can use.
One method Matthew Fish used with great success was a white paper he authored on GDPR when it first hit the industry, which he used to start conversations with key executives at the vertical-focused events he attended. “I’d follow up after in-person interactions with key executives by giving them my GDPR white paper, which they found very useful,” said Fisch. “And now they know me and trust that I know their pain points on this subject. That makes it a lot easier to let them know what my company does and how our products can help them.”
Tip: Build up your cybersecurity content marketing plan by working from a list of topics that would provide value to your customers based on issues they face on a daily basis. Once these assets are created, use this content to nurture new and existing prospects.
Marketing teams in every cybersecurity company know the challenges around case studies and testimonials in this market. Customers are often reluctant to announce to the world what products and solutions they use to keep their organizations secure. While the reason is obvious – inviting a breach from a hacker who knows the loopholes – it leaves cybersecurity marketers with a problem. How can you maximize the value of a happy and satisfied customer for prospecting efforts?
One way to help prospects understand the benefits of your solution without explicitly naming them is to write use case-oriented thought leadership articles based on client engagement but anonymized and with broader best practices referenced. This serves as high-value content as well as education around the challenges presented and a solution offered.
Another way to get your name out there without having your customer reveal any security secrets is to invite clients to discuss trends in published content, ideally in alignment with your solutions, even if they don’t reference them directly. This is particularly valuable for high-profile clients, such as F500 or other well-known entities.
Tip: Be creative in finding ways to showcase your solution’s value in the customer’s voice and “promote” a happy customer without having them tout your products overtly. The simple association with them can get you noticed.
The cybersecurity market is constantly and rapidly evolving, which makes marketing a security company challenging. In our Cybersecurity Market Outlook: Industry Trends and Insights, we highlight the key trends in cybersecurity that can help further augment your cybersecurity marketing plan and boost your sales enablement.
If you’re considering bringing on additional help with your cybersecurity marketing plans and programs, we recommend reviewing our eBook, Finding the Right Cybersecurity Marketing Partner, or you can contact us directly for an introductory chat.