• Audience 1st
  • Posts
  • How to Think in Terms of Enabling Business to Engage CISOs

How to Think in Terms of Enabling Business to Engage CISOs

You may not have to articulate that, but ask yourself, "What is the business case? Why would a CISO spend any amount of money with me?"

Author

Dani Woolf
21 Apr • Read Time: 5 minutes

There is a false perception that to successfully pitch to CISOs, you should solely speak geek—heavy on the tech talk, light on the business case.

That’s might be your biggest barrier to getting the conversation started on the right foot.

If you’re not speaking the CISO’s language and acknowledging the constraints they’re under, you’re setting yourself up for a swift rejection.

Have you ever considered the inherited tech stack a new CISO has to manage?

Or how about the pressure they face to align security with business goals from day one?

In this episode, I had a raw and unfiltered conversation with Brent Deterding, CISO of Afni, Inc., about what really moves the needle for him and what vendors get wrong.

Get ready for some tough love and a fresh perspective.

POLL: What’s the most effective conversation starter when engaging with a CISO?

Login or Subscribe to participate in polls.

Before we dive in, don’t forget to subscribe to join 1700+ cybersecurity marketers and sales pros mastering customer research. You’ll get notified whenever a new episode and buyer insights summary drops.

Who is Brent Deterding?

Brent Deterding is the CISO of Afni, Inc., who blends no-nonsense communication with a deep understanding of the business side of security.

Formerly on the vendor side, Brent uses his dual perspective to cut through marketing noise and deliver real solutions that align with business goals.

Known for his "bullshit detector" and straightforward style, he’s all about transparency, credibility, and clear communication.

Pro Tip for Connecting with Brent

Be prepared, be clear, and speak his language.

Brent values vendors who present a strong business case, are transparent about pricing and terms, and make it easy to evaluate solutions.

Skip the fluff, get to the point, and always back up your claims with evidence.

Insights and Key Takeaways

Speak the CISO’s Language

Insight: CISOs want to hear about solutions in business terms, not just technical jargon.

CISOs are not just technologists—they are business leaders responsible for protecting the company while enabling it to achieve its goals.

Marketers and sales teams need to communicate how their solution aligns with the company’s overall objectives.

Instead of focusing solely on features, frame your messaging around ROI, risk reduction, and cost-effectiveness.

Use metrics, case studies, and industry insights that show a clear business case for investing in your solution.

Be Authentic, Transparent, and Prepared

Insight: Credibility matters. Brent emphasizes the importance of authenticity and transparency from vendors.

CISOs, like Brent, can easily spot when someone is not being upfront.

Be prepared to discuss pricing and provide clear terms of use right from the start.

Avoid vague or exaggerated claims and focus on delivering a straightforward, honest message that aligns with the CISO’s priorities.

Authenticity not only builds trust but also keeps the conversation moving forward.

Understand the CISO’s Challenges

Insight: CISOs, especially those new to a role, often inherit technology they didn’t choose.

Brent’s bleeding neck challenge?

As a new CISO, he doesn’t get to do things he would necessarily like to do and has adopted a lot of technology he would not have chosen in the first place.

Many CISOs step into roles where they inherit a tech stack that isn’t ideal.

When engaging a CISO, acknowledge this reality and offer solutions that can integrate with existing systems or address specific gaps.

This approach shows that you understand the constraints they face and positions you as a helpful partner, not just another vendor.

Be Ready to Back Up Your Claims

Insight: CISOs have a finely tuned "bullshit detector" and are on the lookout for red flags in conversations.

CISOs are often skeptical, and for good reason.

They’ve seen exaggerated claims and misleading marketing too many times.

Avoid making promises you can’t keep or using vague terms.

Be clear about what your solution can and cannot do.

Establish credibility by providing case studies, client references, and demonstrations that prove your product’s effectiveness.

Make the Buying Process Easy

Insight: Complex buying processes are deal-breakers.

CISOs like Brent don’t have the time or patience for complicated procurement processes.

Make it easy for them to understand, evaluate, and purchase your product.

Provide simple, clear documentation, avoid burdensome forms, and offer flexible trial options that allow them to experience the value firsthand.

An easy buying process not only speeds up sales cycles but also enhances your reputation as a vendor.

TL;DR

Connecting with a CISO is not about pushing products—it’s about aligning with their mission, language, and challenges.

Brent’s insights are a reminder to keep things real:

  • Lead with a clear business case, not technical jargon.

  • Be upfront and transparent from the start.

  • Show you understand their constraints and existing tech stack.

  • Make the buying process as simple as possible.

When you genuinely serve CISOs by meeting them on their terms, you build trust, credibility, and lasting relationships.

Until next time,
Dani

Subscribe to Audience 1st Podcast Newsletter

Thanks for reading! If you like summaries like this, subscribe to Audience 1st Podcast Newsletter to get notified whenever a new episode drops.

Excited to collaborate? Let’s make it happen!

Check out our sponsorship details to connect with real security practitioners and showcase your brand to an engaged community of cybersecurity decision-makers giving and seeking real buyer insights.

Reply

or to participate.