• Audience 1st
  • Posts
  • How to Fuel Word of Mouth Referrals in the Cybersecurity Industry

How to Fuel Word of Mouth Referrals in the Cybersecurity Industry

Even if you never made a sale with somebody, if they brought you 10 people that ended up needing a solution like yours and you were able to help them move their mission forward, it still works out.

Author

Dani Woolf
20 May • Read Time: 8 minutes

In cybersecurity, the real win isn’t just about sealing the deal—it’s about earning your buyers’ trust so deeply that they refer you, even if they’ve never bought from you.

Sounds crazy? Not to John Gates.

John believes that meaningful relationships and positive experiences are far more powerful than traditional sales tactics.

In fact, he’s seen situations where vendors who didn’t land the sale still earned his referral simply by being honest, reliable, and genuinely helpful.

Want to thrive in cybersecurity sales?

In this episode, I had a brutally honest conversation with John, about his challenges, goals, what vendors do that piss him off, the alternatives, and how to focus less on immediate transactions and more on becoming a trusted resource that buyers rave about to their peers.

POLL: What’s the most effective way you’ve leveraged word of mouth and referrals in cybersecurity marketing?

Login or Subscribe to participate in polls.

Before we dive in, don’t forget to subscribe to join 1700+ cybersecurity marketers and sales pros mastering customer research. You’ll get notified whenever a new episode and buyer insights summary drops.

Who is John Gates?

John Gates is the Director of Security Operations at a Fortune 500 company, where he brings a no-nonsense approach to cybersecurity.

With a deep focus on building authentic relationships and delivering real solutions, John values transparency, honesty, and continuous engagement.

Outside of work, he’s an avid reader and keeps a close eye on the dark web to stay ahead of emerging threats.

Pro Tip for Connecting with John

Be honest and upfront about your product’s capabilities.

John values transparency and clear communication, so focus on how your solution can deliver real, measurable outcomes—no overpromising or incomplete solutions.

Insights and Key Takeaways

Prioritize Relationship Building Over Immediate Sales

Insight: Building relationships often matters more than closing immediate deals in cybersecurity.

John emphasizes the long-term value of relationship building, highlighting that establishing trust can lead to more referrals, even if an initial sale doesn’t happen.

In cybersecurity, where trust is the foundation of any transaction, GTM teams should focus on creating genuine connections rather than pushing for fast conversions.

Start by showing up consistently, offering help where needed, and understanding the buyer’s real challenges.

Deliver Contextual, Actionable Intelligence

Insight: Security teams need actionable insights, not overwhelming amounts of data.

"A lot of times it’s like opening the fire hose on somebody. I need more contextual-based data that really applies to my business."​

John Gates

John’s top challenge is dealing with overwhelming volumes of data that lack context and relevance.

For GTM teams, positioning your solution as one that filters noise and provides clear, actionable insights will resonate deeply.

Focus your messaging on how your product helps streamline threat hunting by delivering intelligence that aligns with specific use cases and business needs.

Don't Sell Incomplete Solutions

Insight: Incomplete solutions set customers up for disappointment and damage trust.

"What I don't like is when it’s out there, and you really don’t have a solution completely done… you’re setting the customer up for disappointment."

John has experienced vendors selling solutions that aren’t fully developed, which ultimately leads to frustration and loss of trust. GTM teams need to be transparent about their product’s capabilities and limitations. If a feature is still in progress, be clear about it. Customers like John appreciate honesty and are more likely to give you a chance if they know exactly what to expect.

Be Present Post-Sale to Drive Retention

Insight: Post-sale engagement is critical for building long-term trust and retention.

"When you build that rapport and you have a true relationship with a business, that’s word of mouth… People are outright suggesting you because of the experience they had."

John Gates

GTM teams often focus heavily on acquisition but neglect customer success after the sale.

John emphasizes that consistent communication, ongoing support, and a genuine interest in the customer’s needs are crucial to retaining customers and generating referrals.

It’s not enough to check in occasionally; you need to stay actively engaged and ready to help.

Simplify Threat Hunting with Better Tools

Insight: Effective threat hunting requires solutions that make the process simpler, not more complex.

"I dream of being able to proactively seek things out before they become a problem…and keep a system at a normal state."​

John Gates

John is focused on proactive threat hunting but finds that many tools are overly complex or lack user-friendly features.

If your product streamlines the threat-hunting process, GTM teams should emphasize its simplicity and effectiveness.

Highlight how the tool helps users anticipate threats rather than react to them, making it easier for security teams to maintain a strong security posture.

Authentic Communication is the Key to Trust

Insight: Transparency and honesty in communication build trust with cybersecurity buyers.

"When you build that rapport and you have a true relationship with a business, people are outright suggesting you because of the experience they had."​

John Gates

John values transparency and straightforward communication. For marketers and sales teams, this means avoiding hype, buzzwords, and exaggerated claims.

Instead, focus on clear, honest messaging that speaks directly to the buyer’s needs.

If there are gaps in your solution, acknowledge them and explain how you plan to address them.

Authenticity in communication not only builds trust but also leads to better long-term relationships.

Engage the Whole Buying Committee

Insight: Effective engagement requires building relationships with the entire buying committee, not just a single contact.

"You have to go to their website and find out how to get on their vendor list… Continue to build a relationship and get to know each other."​

John Gates

John advises vendors to approach the entire buying committee rather than focusing on a single decision-maker.

This requires understanding the roles, needs, and priorities of each stakeholder involved.

Tailor your messaging to address the specific concerns of each member and provide resources that are relevant to their roles.

Building consensus within the buying committee can accelerate the sales process and increase the likelihood of success.

Prioritize Threat Response with Timely Solutions

Insight: Proactive threat response is John’s ultimate goal, but it requires the right tools and support.

Proactive threat response is a major challenge for security professionals, and John wants tools that enable him to detect and prevent issues before they escalate.

GTM teams should emphasize how their solutions support this proactive approach, making it easier for security teams to stay ahead of threats.

Highlight features that automate detection, provide timely alerts, and offer actionable insights.

Word of Mouth is Your Best Marketing Tool

Insight: Word-of-mouth referrals are more powerful than any ad or sales pitch.

"When you build that rapport and you have a true relationship with a business, that’s word of mouth… People are outright suggesting you because of the experience they had."​

John Gates

John believes that a strong reputation and positive experiences drive more referrals than any marketing campaign.

For GTM teams, this means prioritizing customer success and satisfaction over aggressive sales tactics.

Encourage satisfied customers to share their experiences, and create referral programs that reward both the referrer and the referred.

TL;DR

Selling to cybersecurity professionals like John Gates isn’t just about having a great product—it’s about delivering real value, building trust, and maintaining engagement long after the sale.

Here’s what to keep in mind:

  • Build genuine relationships, even if a sale isn’t immediate.

  • Deliver context-rich, actionable threat intelligence.

  • Be honest about what your product can and cannot do.

  • Engage the entire buying committee, not just one stakeholder.

  • Prioritize post-sale engagement to drive retention and referrals.

Focus on solving real problems and earning trust, and you’ll turn customers into advocates.

Until next time,
Dani

Subscribe to Audience 1st Podcast Newsletter

Thanks for reading! If you like summaries like this, subscribe to Audience 1st Podcast Newsletter to get notified whenever a new episode drops.

Excited to collaborate? Let’s make it happen!

Check out our sponsorship details to connect with real security practitioners and showcase your brand to an engaged community of cybersecurity decision-makers giving and seeking real buyer insights.

Reply

or to participate.