Working with our clients on a range of cybersecurity marketing efforts, from market assessment to branding and messaging to marketing program development, we set the foundation for sales to get in front of the right prospects in the right way to drive the company’s overall growth objectives. Whether selling cybersecurity products and services directly or through channel partners, today’s landscape requires being very deliberate in whom to target and how to engage with them. You need to find the most effective ways to reach, engage and nurture them with relevant information on an ongoing basis.
We’ve compiled a set of six tactics to consider as part of your cybersecurity sales and marketing efforts. Some of these come from our own client experience, and others are the result of successes from other sales leaders in the industry. Have your own cybersecurity marketing tips to share? We’d love to hear from you!
1. Don’t Assume Going to the Top Will Get You Results
While some cybersecurity companies have embraced a “bottom-up” revenue model - targeting developers, analysts, and other users of a solution - many firms still vie for the attention of executives. In marketing products and services in general, it’s easy to assume that going “to the top” will get you faster results because the executives are the decision-makers, right? However, this is not necessarily the case when marketing cybersecurity products and services. While the executives may love your pitch and think your products have value, they will often pass the purchase decision down to middle management or the technical and engineering teams. Security is complicated and must take into account adherence to standards bodies, compliance, current existing infrastructure, and vendor compatibility.
In government, for example, it is almost always assured that the top executives will pass purchase decisions off to their direct reports. Charles Booth, Vice President of Sales in the IoT, Cybersecurity, and Networking departments says that top executives rarely pull the trigger when it comes to security solutions. “An executive strategic decision maker in the government sector has that power but rarely uses it,” said Booth. Having worked in the government sector for over twenty years, Booth attributes this to the executive role having an “expiration date” of 2-3 years. For executives to make a purchase decision, they would need to deeply immerse themselves in the process, which ties them up and keeps them from focusing on strategy, an integral part of an executive's job.
In a mid-market commercial environment, seasoned Sales Executive Joel Broyhill shares how important it is to remain open to targeting different personas rather than the obvious ones, especially in the early stages of a company maturing their sales and marketing functions. “We had been targeting CISOs with our solution but started to realize that some of the lines of business leaders actually had a greater vested interest in investing in our solution. We started to see success by targeting business leaders instead, and having them champion the solution with the CISO.”
Tip: By all means, pitching executives at the highest level are sometimes the best path forward, but don’t rely solely on going to the top. Much of your marketing work and sales outreach can (and often should) be focused on targeting across a range of levels within the organization.
Develop Distinct Programs for Each Security Persona
Along with the above, it is imperative to understand the various personas involved in both purchasing and using your solution and then planning the right marketing activities to support them. For example, as part of our cybersecurity marketing practice, we recently worked with a client who sold security tools to developers and designed a go-to-market that was heavily “bottom-up” versus a “top-down approach” as is typical in many non-cybersecurity markets. In this bottom-up approach, we focused our marketing efforts directly on the developers who were responsible for writing more secure software, skipping the middle-management layer altogether—or at least building the organizational groundswell first with users before moving up. Some examples of marketing tactics we included were targeting very technical keywords, creating technical content, engaging on GitHub and Stack Overflow, and going to developer Meetups, among others.
Tip: Deeply immerse yourself in the buyer personas engaged in both using and purchasing your solutions. Then, focus your marketing efforts where you will get the most bang for your buck, and build that into your marketing and sales enablement plans.
3. Use Trade Shows for Show, and Verticals for Progress
While attending the larger cybersecurity industry events is a necessary element of marketing for many, it tends to help more with building brand awareness of your company rather than having an immediate impact on your pipeline. Let’s face it – the cybersecurity market is crowded and noisy. As such, unless companies invest in a robust, multi-channel lead generation plan for their presence at larger events, it’s common for very few “hot leads” to come through.
Matthew Fisch, Cybersecurity Consultant and SVP Sales for security company Towerwall, Inc. emphasize that getting in front of the right buyers requires you to “swim in their lane.” Matthew says you need to engage and hang out where they hang out, and not just attend security-focused events.
“If I want to sell into the banking or financial vertical, for example, I find events that they all go to, I get to know them, listen to them, and then build a real relationship,” said Fisch. “Then, when the topic of security comes up, I act as an advisor to help them build business solutions, whether it’s with my company or recommending products and services that I’m familiar with from being immersed in the industry. This builds trust and you can bet when they are ready to buy, I’m on their short list.”
Tip: Swim in your customer’s lane by finding the industry-focused events they frequent and attend them as an engaged participant. While there, introduce yourself and talk with them about the key issues they face. Learn to speak their language and build a relationship. Later, you can follow up with suggested security solutions positioned to them around the specific problems you know they face.
4. Create Vertical-Focused Cybersecurity Marketing Strategies
While vertical marketing strategies are commonplace due to their effectiveness, many smaller cybersecurity firms still shy away from narrowing their focus to a few key verticals for fear of alienating a potential prospect that does not fall within those parameters. Instead, they may focus on the pain points their solution addresses across sectors, and treat verticals as an afterthought. This approach is generally not sufficient to stand out in the cybersecurity space. Why? Since most buyers of cybersecurity products face the same pain points, too many vendors end up sounding the same. Buyers of security solutions all want secure end-points, a secure network, the ability to detect a breach, secure software development practices, strong governance, remediation policies in place, and the ability to gain rapid insights when a breach does occur, to name a few.
With so many vendors pitching their solutions, the cybersecurity space can be noisy and confusing with little differentiation in messaging, which can quickly become frustrating for buyers.
Instead, marketers should focus on topics their prospects care about, relevant to each target vertical. If a target buyer is a hospital, focus on topics they care about, such as HIPAA. If it’s a government target, focus on the standards they must adhere to, such as JITC (Joint Interoperability Test Command) or TAA (Trade Agreement Act). Discuss cybersecurity solutions from the buyer’s perspective, relevant to their day-to-day - and to do so in their language.
Tip: Leverage sales intelligence tools such as DiscoverOrg to develop industry vertical segmentation with tight targeting and associated list development, and create specialized content and campaigns accordingly.
5. Follow Up with Content Containing Substance, Not Glitz
Done right, a technical white paper can be very useful for engaging technically oriented prospects. It provides detailed, high-value information that the customer cares about while positioning the company as a thought leader, which drives credibility in support of sales. Keep in mind that you should not use a valuable white paper for cold, top-of-funnel lead generation, as it may never get the attention it deserves. Instead, use it as a follow-up from other lead generation efforts, whether digital advertising campaigns or an in-person interaction. This may sound obvious, but you’d be surprised how many marketers use white papers as first-touch lead generation activities, and then follow-up after customer visits or other interactions with glossy, shiny marketing material. By all means, include the glitz, but be sure to leave prospects with a substance they can use.
One method Matthew Fish used with great success was a white paper he authored on GDPR, which he used to start conversations with key executives at the vertical-focused events he attended. “I’d follow up after in-person interactions with key executives by giving them my GDPR white paper, which they found very useful,” said Fish. “And now they know me and trust that I know their pain points on this subject. That makes it a lot easier to let them know what my company does and how our products can help them.”
Tip: Build into your cybersecurity content marketing plan a list of topics that would provide value to your customers based on issues they face on a daily basis. Once these assets are created, use this content to nurture new and existing prospects.
6. Find Creative Ways to Showcase Customer Successes
Marketing teams in every cybersecurity company know the challenges around case studies and testimonials in this market. Customers are often reluctant to announce to the world what products and solutions they use to keep their organizations secure. While the reason is obvious – inviting a breach from a hacker who knows the loopholes – it leaves cybersecurity marketers with a problem. How can you maximize the value of a happy and satisfied customer for prospecting efforts?
One way to help prospects understand the benefits of your solution without explicitly naming them is to write use case oriented thought leadership articles based on client engagement but anonymized and with broader best practices referenced. This serves as high-value content as well as education around the challenges presented and a solution offered.
Another way to get your name out there without having your customer reveal any security secrets is to invite clients to discuss trends in published content, ideally in alignment with your solutions, even if they don’t reference them directly. This is particularly valuable for high-profile clients, such as F500 or other well-known entities.
Tip: Be creative in finding ways to showcase your solution’s value in the customer’s voice and “promote” a happy customer without having them tout your products overtly. The simple association with them can get you noticed.