It’s the end of the year, and the media is busy with summarizing the year in cybersecurity- how many data breaches occurred, the total sum of money lost to cybercrime and the number of customer details leaked due to negligence or malicious activities. And behold- 2017 was worse than any year preceding it- we’ve witnessed denial-of service attacks that nearly shut down the internet, billions of dollars lost to cyber activities and companies and organization whose reputation has been so badly tarnished that it is hard to see how customers will ever trust them again.
As a cybersecurity marketer it is tempting to take this information and use it to promote your brand. You are, after all, selling solutions that will help people fight the cyber onslaught. And many marketers do use this “Fear, Uncertainty and Doubt” (or FUD) atmosphere to advocate their products and services. But as the industry grows more mature and sophisticated, this intuitive approach may actual be hindering your marketing efforts. Why? Because cybersecurity has gone mainstream. And as such there’s no shortage of news, statistics, and commentary on cyber events. And when the entire world is crying aloud about “Cyber” your voice won’t likely be heard, or worse, heard and dismissed by the same professionals you are trying to market to. Why is that? Because that audience is very peculiar when it comes to marketing. Until several years ago, cybersecurity (or, as previously known- IT Security) was a small segment of the IT market. This has slowly changed- in terms of budget, headcount, importance, and yes- self-importance. And with so much money being poured into cybersecurity startups in recent years, and companies spending big-time on cybersecurity marketing, the shy IT-security guys of the past and now the prom-kings and queens, wooed by all. And while this has no doubt elevated their self-worth, it has not changed their core-being of very technical, high-integrity professional who is not afraid to quarrel with their entire organization to achieve what they believe is the ultimate goal- improved security (Remember the dreadful password policy? That’s them). So having undergone the classic Hollywood makeover scene (unattractive girl becomes prom queen) they are highly critical and suspicious being marketed to. And this is where many marketers get it wrong. Here are few things to bear in mind when you consider your next marketing piece:
- Market to your audience
Decide if you are marketing to your end-customers (People who are using security solutions) or their manager (people who own the budget) and formulate the marketing strategy accordingly. Do not dumb down technical terms if you are marketing to a technical audience and vice versa.
- Talk about the solution, not the problem
Remember that these people know that “Cyber” is a problem. It is their livelihood. Unless you’ve found some new vulnerability or cyber-crime scheme, refrain from talking about the Cybersecurity problem.
- Thought leadership is ok, as long as you avoid triviality:
When there’s nothing specific to write about, many marketers resort to “Thought Leadership”. This serves to position their brand and raise awareness and credibility, but can also be perceived as presumptuous and condescending. It can also fall very easily into banality and boredom (as noted in the previous bullet, your audience know what cyber is, how important it is and what “Needs to be done”)- so unless you having something of substance to say, it’s best not to say anything at all (same goes to news-jacking and commenting on events and industry statistics).
- Avoid Saying “I told you so”-
If you foresaw a major catastrophe or discovered a vulnerability, don’t wait until after a major incident has occurred before sharing it with the world. Otherwise, you risk sounding like a smarty-pants know-it-all.
- Know your market category
Cybersecurity is extremely fragmented. With close to 150 product categories it is crucial that you know which category your product belongs to and focus on that category.
If a reporter approaches you to comment on a large DDoS attack and your company does encryption, you can explain that you have other expertise and politely decline to answer (do not reply an answer like yes, this was a DDoS attack, but they also needed to have better encryption. Peoples will see right through this tactic)
- Explain the differentiators
Knowing the Cybersecurity product category is important, and so is knowing and iterating what makes your product different than the others in the category. Are you simply say “My AI is better than everyone else’s” you are not helping your brand. Be specific about what your product does and how it does it (and try not to hide behind buzzwords such as AI, ML and blockchain).
- Bring value
As with every other piece of marketing content, focus on delivering value to your audience. It can be as simple as taking a long document (such as GPDR regulation) and summarizing it for the benefit of your readers. For exmaple, here at CyberDB blog we’ve created a list of over 150 LinkedIn security groups which people really loved- it saved them time and effort and provided a concrete value.
Remember that Cybersecurity has gone from virtually non-existent and un-sexy topic to the mainstream in very short time-span and that your audience is busy and selective. Focus on value and novel insights and not the obvious. And remember- no one likes being marketed to, but we all love great, relevant content.