1.5 Years of Cybersecurity Buyer Research Distilled to 15 Minutes

To make customer research truly valuable, it’s so important to define clear goals from the start.

Without knowing precisely what you want to uncover, research can quickly lose focus and lead to data that sits unused.

Here’s what I set out to discover:

• Core motivations: What draws professionals to work in cybersecurity? Understanding these motivations reveals the deeper values driving their work.

• Key challenges: What are the biggest hurdles they face daily? Identifying these pain points is crucial for creating relevant solutions.

• Role-specific goals: What do they need to accomplish to succeed? Knowing their objectives helps tailor solutions that align with their priorities.

• Solution triggers: What prompts them to search for new security solutions? Recognizing these triggers helps vendors position their offerings at the right time.

• Buying barriers: What constraints prevent or delay them from buying? Understanding these obstacles enables better alignment with their needs and constraints.

• Research behavior: How do they go about finding security solutions? This insight helps shape the channels and approaches used to reach them effectively.

• Vendor preferences: How do they want vendors to engage with them? Catering to their preferences builds trust and better relationships.

• Vendor “no-no’s”: What are the biggest missteps in vendor relationships? Knowing what not to do is just as crucial for fostering loyalty.

Whether you’re a cybersecurity veteran or just stepping into the infosec world, this week's episode of Audience 1st Podcast offers valuable insights into the motivations and expectations shaping every buyer's journey.

Alright let’s get started:

Motivations in Cybersecurity:

Fixing things, mission of protection, solving complex problems, helping people: Professionals in cybersecurity often have a deep-rooted passion for problem-solving and a strong sense of duty.

They are driven by the challenge of tackling complex security issues and the satisfaction of protecting people and organizations from digital threats. It's more than just a job; it's about making a real difference in a rapidly evolving tech world.

Biggest Challenges:

Data governance, technology complexities, board presentations, skill shortages, time management, legacy tools, asset management: These challenges reflect the high-stakes, fast-paced nature of cybersecurity.

Dealing with advanced and ever-evolving technologies while ensuring compliance and managing scarce resources is a tall order. The difficulty in communicating complex tech issues to non-technical stakeholders like boards further complicates their role.

Key Goals:

Protecting crucial assets, making real-time decisions, efficient operation, quick responses: The focus here is on prioritization and agility.

Security practitioners aim to shield the most vulnerable and valuable aspects of their organization, and they need the tools and information to respond swiftly to threats. The goal is to create a security posture that's both robust and flexible.

Triggers for Evaluating Security Solutions:

New requirements, vendor dissatisfaction, emerging threats, regulatory demands, internal shifts:

These triggers are a response to the dynamic nature of the digital landscape. New threats emerge constantly, regulations change, and organizations evolve, necessitating a periodic reevaluation of security solutions.

Barriers to Buying:

Manual processes, team maturity, other priorities, clunky technology, vendor access demands: These barriers highlight the practical and operational constraints organizations face.

Whether it's the hassle of outdated processes, the maturity level of the team, competing priorities, or concerns about vendor overreach, these factors significantly influence purchasing decisions.

Buyers Journey:

Involves community discussions, events, thorough research, and vendor comparisons: This journey indicates a n eed for comprehensive and community-based decision-making. Cybersecurity professionals rely heavily on peer opinions and detailed research to navigate the crowded and complex market of security solutions.

Evaluation Process Challenges:

Tool abundance, vendor opacity, outdated techniques, budget constraints: The sheer number of tools and lack of transparency from vendors makes choosing the right solution challenging.

Coupled with budget limitations and outdated evaluation methods, the process becomes even more daunting.

Decision Criteria:

Business alignment, user experience, compliance, support, integration: These criteria underscore the need for solutions that not only meet technical requirements but also align with broader business goals, are user-friendly, comply with regulations, offer reliable support, and integrate well with existing systems.

Dislikes in Vendors:

Fear tactics, chauvinism, jargon, egos, gatekeeping, profit-first attitudes, bullying, echo chambers, misunderstanding challenges:

These dislikes point to a desire for authentic, respectful, and transparent interactions. Practitioners resent tactics that feel manipulative or disrespectful, and they want vendors who truly understand and address their unique challenges.

Likes in Vendors:

Respect, problem-solving, authentic relationships, clarity, emergency support, understanding problems, trusted information, realistic conversations, availability:

These preferences highlight the importance of trust, clarity, and support in vendor relationships. Practitioners value vendors who are not just selling a product but are committed to understanding and solving their specific problems in a transparent and supportive manner.

There you have it.

A year’s worth of insight distilled into one episode.

Certainly, there are many more nuggets I can share but these are the trends I’m seeing among the practitioners I’ve spoken to.

Thanks for joining me on this deep dive.

Stay with me for the next episode coming up. I’m going to share how you can actually take these insights and apply them into action.

Until next time,
Dani