I do a lot of work with IT Security Vendors. It’s a fascinating place to be a marketer. There is no doubt, IT Security is a very technical market. And one that might change more continuously than any other B2B market I know. Of course, we all know that there are individuals and countries that are motivated to break into our most important network and systems and either steal our data, disrupt our operations or both. And whether their motivation is profit, political gain, warfare, espionage or fame, they are more networked, smarter and better resourced than ever. The non-stop battle between good guys and bad guys is a treadmill that has launched and fueled companies like Palo Alto Networks, FireEye, Barracuda and countless others small and large for the last decade.
A critical question that faces all IT Security companies is how to break through the noise and the crowd and be heard and noticed. In a few short months 30,000+ people will descend on the Moscone Convention Center in San Francisco for the annual RSA Conference, the largest event in the global IT Security industry. Along with the 30,000 attendees, over 500 exhibitors will vie for their attention over four exhibit halls. Several hundred more will try to bootstrap some attention with offsite meetings, parties and even a few stunts. It was in this exact environment that FireEye successfully launched in 2009 with their “Advanced Threat Protection”. I will bet about anything that seven years later, you won’t be able to walk more than 10 feet in any direction without seeing some variation or combination of at least two of these three words. In fact, of the 505 exhibitors listed at http://www.rsaconference.com/events/us16/expo-sponsors/exhibitor-list, 385, or nearly 80% describe themselves with one or more of these combinations. (thanks to the Import.io service for making this analysis easy) But that’s the old news.
How then to stand out? It’s hard. But what works is to deeply understand the reality of the IT Security buyers and practitioners world. What has changed that impacts their success or failure? What are the key business initiatives they need to support? What’s changed in the world we live in that is making their job harder or easier? In 2009, FireEye stood out because they were the first to stand up and yell what everyone knew, the threats had changed but the ability to defend against them had not. With that context in mind, there are five things I’d shout about if I were one of the five hundred vendors on the show floor. Some of these topics are new, many are not, and finding my unique value is a second step, but first, let’s discuss what’s going on that is impacting the customer’s world –
1) The IT Sec Skills Gap – There is a tremendous shortage of IT Security people in the US and globally. The demand has simply outstripped the supply. As my friends at Seculert have pointed out, their are over 300,000 unfilled IT Security jobs in the US today, and that number is projected to grow to 1.5 Million by 2020! Hmmm, think you are going to hire your way out of your problems?
2) The Era of Ubiquitous, High speed, Always on Connectivity – this has been coming for a long time, but is now hitting a tipping point. Just yesterday, the Wall Street Journal wrote about this yesterday in an article entitled: The Future of Public Wi-Fi: What to Do Before Using Free, Fast Hot Spots , in which they reported;
…it’s one of the first parts of New York City to turn old phone booths into hot spots. In the months ahead, they’ll cover the city like graffiti in the 80s, meaning I can walk around town using fast, free Wi-Fi—not Verizon ’s slow, pricey data. Even better, it uses a new technology to automatically connect when I’m in range. No need to re-login.
At the same time, thanks to data from my friends at Skycure, we know just how risky public Wifi networks can be. Are we ready for our CEO to walk through Manhattan skipping carelessly and happily from Network to Network?
3) The Maturing of the Digital Natives – Digital Natives are taking over the workforce. Research show that while they are concern and skeptical about privacy and security in their use of devices and services, they have an almost defeatist attitude to the situation. As InfoSec magazine reported here, the new employee is more capable, more skeptical but lazier than their older Digital “Immigrant” co-workers. Think your workforce of the future is better prepared, able and willing to help you manage risk?
4) The Board Cares, of Course it Does – As Fidelis and Ponemon point out in the studies found here, and has been confirmed in countless other studies and reports, Boards care. The Target breach opened the eyes of boards, and the potential damage to brand, reputation and financial liability has more than gotten their attention, it’s now near the top of the list, and might be the biggest risk that any board needs to manage. This has changed the life of the CISO and his team dramatically, it’s increased both visibility, and often resources. If the CISO was asking for a “seat at the table”, he’s got it now. Just how hot that seat is, it just depends…
5) Past Prevention – We get sick. We will get sick. Every good doctor knows that sometime the bugs move faster than the body can defend against them. We are finally admitting this in our approach to IT Security. We can invest and invest in prevention, but the one that gets through is the one that can steal our data and disrupt our business. We must become not just protected but responsive, we can get sick, but we can’t let the infection win.
ONTO THE SHOW!…
To the 30,000 people at Moscone next month, none of the above will be shocking or surprising or even new. But the smart vendors are the ones who can teach us more about these mega-trends, what it means to buyers and how they can relate their value to what the buyer needs, not on the show floor, but back at the office. In 2009 IT Security knew the threat was changing. FireEye got in front of this parade and has rode it to great success with their solutions. Who will start the parade to market success this year at RSA? I don’t know, but I think they will be talking about one or more of the topics above, and doing it in a unique and meaningful way. It ain’t easy, but it’s doable and it is what it takes to rise above the noise of 500 vendors and 30000 customers. See you in the crowd next month!