A Huge Percentage of Vendors Jumps on This Ambulance Chasing Bandwagon and I Hate It

Who is Allan Alford?

Allan Alford is a CISO, technologist, and straight-shooter with over 20 years of experience in cybersecurity.

He’s the kind of CISO who’s just as likely to build a product as he is to break one, always keeping a foot in both the enterprise and customer-facing worlds.

Allan has a deep disdain for buzzwords, ambulance-chasing vendors, and unsolicited calendar invites—but he’s got a soft spot for honest conversations, well-aged whiskey, and marketing that actually makes sense.

When he's not busy keeping cyber threats at bay, Alford moonlights as a podcast host, sharing his wisdom on "The Cyber Ranch Podcast."

It's like a TED Talk, but with more cowboy hats.

Pro Tip for Connecting with Allan

Allan values authenticity and no-nonsense communication.

When reaching out, avoid buzzwords and hype.

Be direct, clear, and focused on how you can genuinely add value.

Show that you understand the challenges of cybersecurity, and he’ll appreciate your transparency.

Insights and Key Takeaways

Focus on Securing What Matters Most

Insight: The goal isn’t to “secure all the things,” but to protect what is most vulnerable and critical.

Security teams don’t aim to protect everything.

They prioritize based on what’s most vulnerable or valuable.

Marketers and sales teams should adopt a similar approach: focus on the most critical pain points of your customers rather than offering an all-encompassing solution.

Narrowing down the message to align with specific business risks will resonate more with security practitioners, who are often overwhelmed by broad, one-size-fits-all pitches.

Avoid "Ambulance Chasing" in Your Marketing

Insight: Using major security breaches as a scare tactic is ineffective and off-putting.

Marketing that exploits recent breaches to generate urgency often backfires.

While it’s okay to acknowledge these events, using them as a hook makes CISOs feel like you’re taking advantage of fear.

Instead, focus on a positive message about how you address specific risks.

Demonstrating empathy for the pressures they face builds trust and fosters more meaningful conversations.

Tap into "Friendlies" to Test Your Messaging

Insight: Before launching a campaign, get feedback from trusted practitioners who understand your audience’s challenges.

It’s easy to assume your message will land well, but it’s more effective to validate it with industry insiders first.

Leverage advisory board members, field CISOs, or friendly practitioners to provide feedback on campaigns.

This not only saves time and resources but also ensures that your messaging aligns with the actual needs and language of security professionals.

Research-Driven Decisions Start with Community Insights

Insight: Security practitioners rely heavily on peer insights and community feedback when evaluating vendors.

Word-of-mouth is crucial for security practitioners.

They rely on peer networks to inform initial evaluations before engaging with vendors.

Marketers should recognize the power of community-driven influence.

Encourage your satisfied customers to share positive experiences in trusted forums, as this can be more persuasive than traditional advertising.

Blind Calendar Invites Are a Fast Track to Frustration

Insight: Unsolicited meeting invites lead to immediate backlash and lost trust.

Cold calendar invites are a no-go.

Instead, try a more respectful approach, like a short, personalized LinkedIn message that shows genuine knowledge of the recipient’s role or challenges.

It’s not about quick wins; it’s about building authentic relationships that start with transparency.

Be Realistic About Your Position in the Market

Insight: Marketers need to maintain a clear, honest view of where their product stands in the competitive landscape.

Overhyping a product’s capabilities or claiming to be the only solution is a surefire way to lose credibility.

Acknowledge your competitors and highlight what genuinely sets your product apart.

Security practitioners appreciate honesty and specificity—tell them exactly where you excel and where you don’t.

It makes your pitch more trustworthy and positions you as a potential partner rather than just another vendor.

Build Relationships, Not Transactions

Insight: Long-lasting relationships start with honesty about capabilities and limitations.

Practitioners remember vendors who are honest about what they can and cannot do.

This transparency sets the foundation for long-term relationships. Instead of trying to pitch a perfect solution, aim for an open conversation about mutual fit.

If your product isn’t the right fit, recommend an alternative. It builds credibility and leaves the door open for future opportunities.

Don't Overvalue the CISO as the Ultimate Decision-Maker

Insight: Directors and managers often hold more decision-making power than CISOs.

While CISOs may hold the final sign-off, the day-to-day evaluations are often handled by their direct reports.

Tailor your marketing to include the needs and pain points of these “lieutenants,” who are more likely to engage in-depth and influence the final decision.

My Final Thoughts

At the end of the day, marketing is about more than just making noise—it’s about making connections and demonstrating value.

Stay real, stay focused, and most importantly, stay grounded in what truly matters to your audience.

Security practitioners don’t want the hype; they want honesty, relevance, and solutions that fit.

Keep it simple:

• Lead with value.

• Stop chasing the ambulance.

• Be a partner, not a peddler.

• Build relationships, not just pipelines.

It’s a lot less about “being the best” and more about being useful.

Until next time,
Dani