Cymulate posted on 14 Jul 2020
CMO of Cymulate, VP Marketing, B2B Cyber Growth Strategist, Advisory Board, Entrepreneur, G-CMO Member
Business executives of a company find themselves in constant competition with external forces. Chief marketing officers (CMOs) fight industry competitors for market share and revenue. Human resources (HR) executives compete for talent. But those challenges don’t compare to that of the Chief information security officer (CISO), who must fight an adversary that is criminal by definition.
The security market has undergone explosive growth with over 3,500 vendors competing for attention and their share of the security budget. Today’s cybersecurity CMO must promote and differentiate their offering in a noisy, crowded market.
Like the CISO, who faces diverse adversaries, from script kiddies to state-sponsored hackers, the CMO faces diverse competitors, from startups to large, established vendors. So it’s unsurprising that this environment creates stress and fatigue, resulting in the majority (55%) of CISOs leaving their roles in less than three years, while the average tenure of a CMO is about 3.5 years. That of a CEO, however, is just over seven years.
Further, the Covid-19 pandemic has created grave consequences globally and unique circumstances for change. For CISOs, it has changed the definition of the network and assets they are required to protect, due to the transition of a workforce now working from home and their use of personally owned devices and networks. CISOs have also had to manage the personal and occupational impacts of the pandemic on their team. This has created an advantageous playground for attackers that resulted in an increase in cybercrime activity.
According to data, “Back in January, Google registered a total of 149,195 active phishing websites. In February, the number increased by 50%, being 293,235 of phishing websites registered. Comparing March to January, the number of total phishing websites spiked by 350%, hitting a number of 522,495 in total.” These new circumstances created emergency security budgets by companies that are more security-aware and mature, but they also halted spend for many other companies.
As CMOs, we have had to rethink our strategy, tactics and budgets. We’ve had to think about our customers: How would the situation impact their revenue? Would they freeze projects and decrease operational expenditure? If we hadn’t created awareness so far, what would be the likelihood of catching their attention now? Should we transfer efforts from lead generation to pipeline acceleration, upselling and customer retention?
For the CISO, the work-from-home environment puts more emphasis on employees. Scams and fraud are able to flourish where there is uncertainty — whether it is personal or related to health, job security or work — caused by the forced use of unfamiliar applications and processes or changes in authorization procedures. Many CISOs have begun to see their employee behavior, not the endpoint security, as even more critical to ensure corporate security.
The same uncertainty seems to have made people withdraw, and based on what I’ve been seeing, cybersecurity CMOs have realized that now, more than ever, it is time to move over from business to business (B2B) to business to human (B2H). We are used to selling to businesses, but people buy from people. With this in mind, vendors have started communicating with humans rather than communicating hard-sell product pitches.
As CMOs, we can focus on how we can help CISOs make their organizations more secure in light of the cybercrime surge and the current circumstances. But is there a way to create a short-term and long-term win-win situation?
I believe there is. Many companies, including the one I work for, are choosing to unconditionally help and delight without being able to forecast the return.
For example, Verint created a webpage to support customers’ pandemic-related concerns, including the monitoring of quarantines and social distancing. The company also assisted in meeting related security challenges, such as criminal activities and cyberattacks. Another company, Percepto, has committed to supporting business continuity of critical national infrastructure, such as power plants, with security and inspection capabilities provided by autonomous drones. And at Cymulate, we’ve offered free continuous security assessment services to identify weaknesses and optimize a company’s security posture.
By offering technology to help, your potential customers can test-drive your solution, and if it is indeed valuable, they will be more likely to purchase when their budgets are less constrained.
With the massive uptake of Zoom, many companies have been streaming live shows to entertain customers, partners, employees and their families at home. For example, we hosted such a virtual show, delivered by the world-famous mentalist Lior Suchard, which was meant to be an enjoyable distraction.
This crisis has also prompted professional collaboration with a zest of mutual caring. Many CISOs have created and joined groups to assist their peers in preventing and mitigating threats and breaches. In some cases, I’ve seen CMOs of cybersecurity companies facilitate roundtables, harnessing their technology and security experts. These roundtables provide a platform for CISOs to share problem-solving expertise and best practices and even get things off their chest.
In the technology ecosystem, and specifically in security, business is driven by relationships (and good products). With that, we’ve heard our prospects in recent months talk about the challenge of advocating their choice to invest in a new security solution, especially when in cost-saving mode. We realized marketing could equip prospects to demonstrate the return on investment (ROI) and prioritize spend. This is yet another way we can support our prospects’ security posture on the one hand and our pipeline acceleration on the other.
Although it’s early to reach a quantitative verdict on the business benefits of these kinds of activities, I expect these initiatives to create a win for both CISOs and CMOs.
If security vendors want to create mindshare and help the world while going about it, they can leverage this time to prove that they can help CISOs sleep better at night by making their companies safer. By giving something of value and asking for nothing in return, vendors will probably come out with stronger brand recognition based on trust, and this can lead to more customers.
Originally published on Forbes
News is out - We are excited to announce our new portfolio company, Thriver (formerly Platterz)!
Thriver develops a technological platform that assists companies in improving and strengthening their organizational culture and wellness.
Now, more than ever, it's time to move over from B2B to B2H. Companies should focus on how they can help CISOs make their organizations more secure. Is there a way to create a short-term and long-term win-win situation during difficult times?
Gily Netzer, CMO at Cymulate - Breach & Attack Simulation believe there is.
Why traditional insurance won’t work? What does it mean for the entire insurance industry? Read the full article by Tal Daskal, the co-founder and CEO of EasySend in Insurance Thought Leadership and get all the answers