Merritt Group Blog

3 Tips for Security Vendors on Selling & Marketing to the CISO

blog image

We had the privilege of being a sponsor of the T.E.N.’s ISE® Sales and Marketing Breakfast at the RSA Conference a couple of weeks ago. In case you haven’t heard of it, this breakfast is a must attend event for sales and marketing professionals who really want to up their game to reach the CISO buyer. With more than 42,000 conference goers, 31 keynote sessions and a show floor packed with 700 security vendors, it was clear security pros were ready to hear sales and marketing tips and tricks from top CISOs.

The goal of the T.E.N. breakfast is to communicate best practices for security vendors to connect with CISOs and security decision makers. Featured at the breakfast was a panel of leading CISOs who shared real-world experiences and valuable insights about what’s important to them day-to-day and how best to approach them from a sales and marketing perspective. Here are my three big takeaways on how vendors can more effectively reach top decision makers to increase sales:

1. Help prioritize the risks that matter. C-suite priorities are all over the board. In fact, our Merritt Group “Marketing and Selling to the CISO” report found that CISOs’ most pressing security concerns vary from third-party vendor risk management to cloud security, and from data loss prevention to identity and access management. There are countless competing concerns, and a successful marketer must understand what matters most to their buyer. Frank Aiello, VP and CISO at Maximus, said it best when he explained the process of determining these priorities. Rather than immediately deciding which solutions to purchase, his team took a step back and brainstormed how they could shift their thinking. “We sat down and defined our top seven cyber risks along with the likelihood and impact on a heat map,” he said. For marketers, obtaining insights into an organization’s internal priorities can go a long way in tailoring your sales pitch to their unique needs.

2. Focus on building relationships. Despite the influx of professionals that flooded San Francisco during RSA, the security community is actually very small. With security leaders frequently floating between companies, a simple introduction provides endless possibilities. Shelbi Rombout, SVP and Deputy CISO at MasterCard explained that she will always take a call from someone she has a relationship with. Echoing these thoughts, Kevin McKenzie, VP & CISO at Dollar Tree Stores added, “I’m not looking for a product; I’m looking for a relationship.” Take the time to show your targets that you’re more than just a voice over the phone. Relationship building and nurturing can go a long way in marketing and sales conversations.

3. Look at the bigger picture. At RSA — and in everyday life — it’s easy to get caught in the hustle and bustle of endless to-do lists to tackle, meetings to attend and choices to make. When interacting with C-suite decision-makers though, it’s crucial that you cut through the noise and focus on what matters most to them: their business. Jim Nelms, CISO at LabCorp said, “Technology will come and go. What I care about is business outcomes.” Begin sales conversations by communicating how your security solutions will help the leaders accomplish their business goals. This will catch their attention, keep them engaged and show that you have a stake in the organization’s success.

Want to learn more on how to market and sell to the CISO? Check out Merritt Group’s recent articles on RSA and our “Marketing and Selling to the CISO” report for more tips.  

Topics: content marketing Security public relations performance marketing creative services 2019