- Audience 1st
- Posts
- Why Developing Training Programs & Community is Essential for Security Buyers
Why Developing Training Programs & Community is Essential for Security Buyers
Vendors need to start learning from the people on the ground building communities, because those communities are going to be filled with potential leaders of the future.
Dani Woolf
08 Dec • Read Time: 7 minutes
The cybersecurity market saturated with tools that promise the world but often deliver half-baked results.
Buyers, especially those leading Security Operations Centers (SOCs), face a relentless barrage of vendors who fail to understand their day-to-day challenges.
This disconnect has led to a simple yet powerful shift in buyer expectations:
They now seek more than just tools—they want vendors to provide training programs and foster a sense of community.
Why? Because training directly addresses the skills gap, while community bridges the isolation many security practitioners feel.
Together, these elements enhance operational maturity, a key pain point for SOC leaders trying to align technology with business objectives.
In this episode, Jay Jay Davey, a veteran in security operations, lays out exactly why training and community are no longer 'nice-to-haves' but critical components in the buying journey.
POLL: What’s the most effective way for GTM teams to enhance training programs for security buyers? |
Before we dive in, don’t forget to subscribe to join 1700+ cybersecurity marketers and sales pros mastering customer research. You’ll get notified whenever a new episode and buyer insights summary drops.
Who is Jay Jay Davey?
Jay Jay Davey is a seasoned security operations leader known for driving SOC maturity and operational excellence.
With a strong track record of guiding organizations to enhance their security services, Jay Jay’s expertise spans incident response, cost reduction, and cloud security improvements.
His strategic focus has not only reduced SOC operating costs by up to £200,000 per year but also elevated detection capabilities and response efficiency.
Jay Jay has contributed significantly to the cybersecurity community as a co-author of the CSOM Certification with SecurityBlueTeam, a SANS Mentor, and an active mentor at Infosec.live.
He’s passionate about strengthening technical security by boosting threat detection quality, improving overall efficiency, and minimizing both threat exposure and SOC-related costs.
Pro Tip for Connecting with Jay
Be direct and come prepared with thoughtful questions about SOC maturity and security operations strategy.
Skip the sales pitch—Jay Jay values authentic conversations and practical insights that genuinely help solve problems.
Engaging in industry discussions or sharing meaningful insights on platforms like LinkedIn or Infosec.live is a great way to get on his radar.
Insights and Key Takeaways
The Entry-Level Dilemma in Cybersecurity Hiring
Insight: Jay Jay argues that expecting entry-level hiring in cybersecurity without prior experience is often unrealistic and impractical.
The industry often promotes the idea of "entry-level roles" in cybersecurity, but Jay Jay challenges this notion, explaining that cybersecurity is a highly technical field requiring significant training, resources, and risk management.
He emphasizes that expecting businesses to bear the full cost of onboarding and training entry-level hires is a heavy burden, especially in today’s economic climate.
Instead, Jay Jay suggests that professionals should aim to upskill and meet the higher standards set by the industry, rather than lowering the bar.
"Instead of dragging the barriers down to a lower level, why don’t we strive to meet the requirements?"
This perspective challenges marketers and salespeople to reconsider how they position training solutions to potential buyers.
The focus should be on helping buyers become more skilled and self-reliant, aligning with Jay Jay’s point that organizations prefer hires who can perform from day one.
GTM teams can emphasize the role of continuous upskilling in their messaging to align with this reality and address a major pain point in the hiring process.
Maturity in Security Operations: More Than Just Tools
Insight: Most Security Operations Centers (SOCs) are set up to generate alerts but lack a clear strategy for maturity, leading to inefficiency.
Jay Jay draws a parallel between SOCs and factories: raw materials (logs) go in, processes generate outputs (alerts), but without a maturity strategy, the SOC remains stuck in reactive mode.
Maturity in security operations involves aligning the SOC’s processes with broader business objectives.
This requires strategic integration of people, processes, and technology, rather than just adding more tools.
GTM teams should focus their messaging on how their solutions contribute to this broader maturity and alignment, not just on specific features.
"A lot of businesses stick a SOC into their business and just don’t do anything with it. They need a strategy that aligns with the business goals."
GTM teams can leverage this insight by framing their solutions as enablers of SOC maturity, emphasizing integration, strategic alignment, and operational efficiency.
Positioning products this way resonates with leaders seeking to optimize their SOCs, making the value proposition clearer.
Start with the Problem, Not the Tool
Insight: Jay Jay insists that effective tool evaluation begins with understanding the problem, not with examining features.
Jay Jay’s approach to evaluating cybersecurity tools is rooted in a problem-first methodology.
Instead of focusing on features, he advocates for starting with a detailed analysis of business-critical assets, threat models, and protection priorities.
This mindset ensures that solutions are aligned with the organization's specific needs and not just purchased based on flashy marketing.
GTM teams need to understand this nuanced approach when engaging with buyers, emphasizing how their solutions are tailored to meet specific business needs rather than being one-size-fits-all.
"I don’t look at the tool itself. I look at the problem. What are we trying to achieve here?"
This approach can be incorporated into GTM messaging by leading with the problems the solution solves and using buyer-specific scenarios.
Messaging should shift from showcasing product features to highlighting how the solution fits seamlessly into existing workflows, addressing the critical pain points that practitioners care about most.
Relationships Matter More Than Features in Cybersecurity Sales
Insight: Building genuine relationships with cybersecurity practitioners has a bigger impact on sales success than pushing features.
Jay Jay emphasizes that successful sales in cybersecurity depend heavily on personal relationships rather than aggressive pitches.
He shares stories of how personal connections with vendors, built through informal conversations and shared experiences, have influenced his buying decisions more than any white paper or feature list.
GTM teams should rethink their approach, shifting from transactional selling to community-building.
This could mean hosting informal meetups, creating peer-led discussion spaces, or engaging in forums where buyers feel comfortable sharing insights and experiences.
"Sales is 90% that human element. That relationship is what builds sales.".
GTM teams need to foster meaningful relationships, positioning themselves as partners rather than sellers.
This involves active participation in buyer communities, offering value through education and shared experiences, and being genuinely interested in the buyer’s challenges and needs.
TL;DR
If you want to win over security buyers, start by supporting them, not selling to them. Training programs and community engagement are no longer "extras"; they are critical components of a successful sales strategy.
Buyers want skills and connection, not sales pitches. GTM teams who embrace this reality—by leading with empathy, problem-solving, and genuine interest—will not only sell more but also earn lasting trust.
So, ditch the aggressive pitches and start listening.
Your buyers are waiting.
Until next time,
Dani
Subscribe to Audience 1st Podcast Newsletter
Thanks for reading! If you like summaries like this, subscribe to Audience 1st Podcast Newsletter to get notified whenever a new episode drops.
Excited to collaborate? Let’s make it happen!
Check out our sponsorship details to connect with real security practitioners and showcase your brand to an engaged community of cybersecurity decision-makers giving and seeking real buyer insights.
Reply