While many core marketing principles apply regardless of sector, planning how to market a security company effectively is a bit different than marketing other solutions. Critical to driving growth is having the right segmentation strategy, positioning, brand visibility and demand generation plans.
Magnetude recently published an eBook on “How to Market a Security Company” that walks through key steps for planning cyber security marketing efforts – including tips for getting started and examples of what’s working for others.
Below are a few of the highlights from the eBook.
When we work with our clients on target market prioritization and segmentation, we’re often aiming to hone in on a narrower slice of the market than they typically set out to target—and then creating educational content and launching demand generation programs around it. In the cyber security world, at the enterprise level, you have the CIO or CTO, the CISO, and then the department managers and analysts. At the SMB level, firms have a smaller security staff and might be targeting an IT director with limited security knowledge, or even targeting a non-technical CXO or a third party who manages part or all of the security function.
While reaching the C-suite and speaking directly with the financial decision-maker is the goal of many firms in the cyber security market, it is important to remember that many CIOs and CISOs have potential vendors suggested to them by their teams.
Once you have established your targets, you need to determine how these buyers make decisions. There are a wide variety of possible vehicles, from industry-specific security web sites to broad paid advertising campaigns. In general terms, advertising channels like Google AdWords can cast the widest net, but they can be expensive and not as targeted as other options. In the cyber security market, many of the keywords are extremely competitive and command premium prices. Unless you have a large budget, we usually help clients identify long-tail keyword phrases where they can get better positions at a lower price. There are also a number of great industry websites that cover security, but like Google AdWords, competition is high.
The good news is social media posts are one of the least expensive ways companies can reach prospects and begin a conversation. In our recent blog, Nine Reasons for B2B SMBs CEOs to Invest in Their Social Media Presence, we review why and how leaders should use social media posts to establish thought leadership and start communicating with prospects. For companies more focused on rapidly uncovering new sales opportunities, we’ve seen success with highly targeted and personalized email nurture campaigns. Tight targeting, differentiated messaging and thought leadership are key.
Finding the right message for your audience is particularly effective when you’re telling them something they don’t know and relating it to an existing need. When the Mirai virus was used in the Dyn DDoS attack in the fall of 2016, savvy security firms were reaching out with blogs and emails telling companies how to protect their network from DDoS attacks and secure their IoT devices. After the recent global WannaCrypt/ WannaCry ransomware attacks in May of 2017, timely messages on protecting the network and improving corporate security postures were being written before the virus had crossed the Atlantic.
Content should be relevant, timely and provide value to your readers. To be effective, your content should touch on the pain points your security prospects are facing—the talent shortage, the lack of confidence in how tools are being used, or the volumes of security threats that go undetected or de-prioritized.
A 2017 Cisco Security Report found that: “74% [of security professionals] believe their tools are very or extremely effective in blocking known security threats. The problem: Confidence in tools does not necessarily transfer to effective security.”
While this is just one example, insights like these should be taken into account to drive thought leadership content, refine your messaging, or even help inform the solutions you offer.
While these steps serve as the foundations for a good program, they will only achieve marginal results unless you add the final key ingredient: persistence. One of the biggest issues we see is when firms expect immediate results; unfortunately, the security market does not work that way. Security firms have an average sales cycle between six to twelve months, sometimes longer. In addition, security solutions often require more vetting and consideration than other purchases given their nature.
For many firms, but especially for compliant (PCI, HIPAA, SEC/SOX, etc.) organizations, cyber security is frequently the top concern that keeps management up at night. Bringing a new technology and company into their environment creates the standard fear, uncertainty and doubt (FUD) reaction.
Security companies must overcome this reaction through a combination of superior technology and sales & marketing skills – specifically the ability to establish trust. Trust does not happen overnight. It requires time, exposure and commitment. To get into the consideration set for a purchase, you have to already have that brand awareness and affinity in place before the buyer is starting their selection process.
With cyber security clients spanning network security, mobile security, SIEM, threat detection and more, Magnetude Consulting can lead a range of cyber security marketing initiatives, often working with clients on an ongoing basis to support go-to-market efforts.
For a more in-depth perspective into how the cyber security market is evolving and how best to position and market your firm, download our eBook, “How to Market a Cyber Security Company”.