Scary can create urgency
The Scream movie franchise has been a box office smash over the last 3 decades (yes, the first one was 1996!). It’s used wave after wave of dramatic storyline, unsuspecting victim and bad guy to get bums on seats. And it seems much of the cyber security market is following the playbook.
Yes, IT markets like cyber security and infosec are all about risk and exposure – and leveraging the underlying vulnerability and fear of the buyer is part of the script. But how much scaremongering is required for good business? And when is it bad for building a positive positioning?
Scary is getting scarier
For cyber sec vendors it’s all about outplaying the bad guys and not being taken-out in scene 2 – but it’s clear that things don’t always go to plan. Popular media is full of data-theft, ransomware attacks and compromises – whether it’s public services, high-profile figures or household brands. And now industry must deal with AI-generated adversaries too, with every facet of digital engagement in the threat zone. In IT security, it must seem like the Scream boxset is playing repeat.
So, it’s easy to see why impending doom is an appropriate lever for cyber sec marketing – but REALLY, does it have to be turned-up to the max and with so little respect to the brand and customer?
The pitfalls of scare mongering
Fear, uncertainty and doubt (or FUD) have been around since the birth of marketing. It’s applied to most industries – but perhaps there’s never been such a good vehicle as the security market. Here regulatory pressures and an ‘at-risk’ CIO/CTO/CiSO can lead to over-zealous scare tactics.
With shadowy underworld figures, storm clouds and a complement of hoodies, the average cybersecurity campaign can look closer to a low-budget horror flick than a b2b campaign selling a 6-figure resilience solution.
What should cybersecurity marketers look for in their marketing?
Campaign and product marketing heads should ensure their portfolio is marketed with a healthy balance of optimism/opportunity to offset the threat being faced down.
The customer takeaway should be that the solution is a force for good:
- Positioned as an enabler rather than just a defender. This avoids the overly negative positioning that impacts perception and brand.
- Serving progressive capabilities that can be promised and practiced. Telling a measured story of business liberation and beyond the value inhibitor of ‘a restrictive shield’.
- Customers are looking for subtle cues that instill cool, calm confidence. Continuity isn’t achieved with dashboards alone.
Does your marketing provide these takeaways? You may want to continue reading if you’re not sure.
Businesses need a happy ending
As we covered above, not all stories have a happy ever after. But it’s incumbent on the security vendor (and their tech marketing agency) to ensure that positive forces can (and should) prevail against these ‘mongers of doom’. After all, the modern CiSO needs to understand and believe in the fundamental promises of tech – not that there’s lots of Ghostface’s out there.
With so many threat vectors, actors and connected processes these days, the CiSO decision-making will be structured, diligent and conscious. They won’t be scared into making the purchase. Not anymore. They want to be treated in a respectful manner – making professional decisions on business exposure AND enablement.
The best approach to address this is with the optimum balance of ‘measured threat’ x ‘actionable resilience’ x ‘business state achieved’ with the solution. Not too much FUD – but similarly not over-arrogant either.
We want to avoid the genre of Scream – but likewise we don’t want to lose the edge and end up with Scary Move either.
This needs an expert b2b tech marketing agency with deep experience in cyber security. One that has proven methodologies to elevate plays and an operating model to create empathy and appetite in buyer groups.
The Rubicon Agency has significant cyber security expertise, supporting many of the leading security vendors to raise their game in security marketing.
Check out our experience in infosec.
