We’ve all seen this movie before.

Two tech entrepreneurs walk into a VC firm and pitch their revolutionary cybersecurity start-up. The CEO had a successful exit with a previous company, and she has a solid pitch deck. The CTO was an engineer at Cisco, and he has serious product development credentials. They get the funding, develop the product, and launch it into the market with great promise. They secure their first set of customers, and revenue is growing. Things are looking up. They are getting traction, and they take on more funding. In fact, they bring in a CRO and CMO who build teams to drive sales and marketing, but the company just can’t seem to meaningfully expand. Within five years and $150M in funding, they are forced to sell the company for a fraction of the investment.

In 1991, Geoffrey Moore described this dilemma as “Crossing the Chasm.” He observed that expanding your market from early adopters to the early majority requires being able understand and pursue new markets effectively. This is true whether your company is a small startup or the division of a large corporation. Establishing beachheads in new industry verticals becomes more difficult as teams grow, and the value proposition gets watered down for a more general marketing and sales approach.

Crossing the Chasm

Global venture funding for the cybersecurity industry hit an all-time high in 2020 with $7.8 billion invested in 665 companies. About 1,500 companies that have been funded since 2017 have not yet exited. With more than 3,000 cybersecurity vendors out there in the wild, today’s cybersecurity market is complex to say the least. Cybersecurity technology users are baffled by the challenges of securing their networks, cloud data centers, IoT devices, edge infrastructure, and DevOps platforms. Cybersecurity vendors need to communicate a very technical value prop clearly and convincingly, and more often than not, these vendors do not have technical product marketing folks to help translate the story.

Too Smart to Thrive

Over the years, we’ve seen countless promising, innovative cyber startups fail for the wrong reason. Their product was great, maybe even ahead of its time. What the company lacked was the ability to tell their story well. Cybersecurity storytelling is difficult. As vendors grow and co-founders spend less time putting their heart and soul into every presentation and customer-pitch, the company’s ability to communicate its value falters.

We call this being “too smart to thrive.” This occurs when the company’s engineering and product teams focus too much on developing cool new features and custom solutions than on communicating their value prop for the products they’ve already built. Companies become too smart to thrive because their technical wizardry outpaces their ability to articulate their value clearly across the entire marketing and sales lifecycle.

TOFU, MOFU and BOFU

You’ve all heard of a sales funnel, right? Marketing generates the leads that go into the top of the funnel, and Sales qualifies the opportunities through the middle and bottom of the funnel to get them to sign on the dotted line. So what are TOFU, MOFU and BOFU? And what the heck does it have to do with storytelling? These are acronyms for:

  • TOFU: top-of-funnel
  • MOFU: middle-of-funnel
  • BOFU: bottom-of-funnel.

And TOFU, MOFU and BOFU have everything to do with effective storytelling.

Cybersecurity vendors that view marketing as a way to generate TOFU leads end up having to work harder to sell their prospects as they move down in the funnel. By developing campaigns and content for the MOFU and BOFU, organizations enable prospects to educate themselves.

Amazon Web Services Changed Marketing Forever

Amazon introduced Amazon Web Services (AWS) in 2006. AWS enabled companies to lease compute infrastructure by the hour. AWS EC2 On-Demand pricing ranges from less than a penny to $0.10 per CPU hour. While “timesharing” is not a new concept, Amazon made their service easy-to-use by allowing customers to pay for compute, storage, applications, and networking by the hour. AWS also created a vast amount of documentation, white papers, how-to-guides, pricing explanations, sample code, etc. that were suited for more technical buyers. This rich MOFU and BOFU allows their prospects and customers to educate themselves, effectively qualifying themselves with little to no sales support. AWS tells its story to customers in extraordinary detail and with great transparency. If you want to develop something on AWS, you simply need to search their website, and you’ll find out exactly what their solution does, how to implement it, and how much it will cost.

In 2020, AWS generated $13.5 billion in profits on revenue of $45.3 billion. AWS is the most profitable part of Amazon’s business, making up 63% of the company’s operating profits.

How Can Cybersecurity Vendors Improve their Storytelling Ability?

You don’t have to be AWS to tell your story well. Cybersecurity vendors or any cybersecurity organization can improve the way they articulate their value (aka storyselling) through a handful of best practices.

  1. Map your customer journey: It is essential to understand your customer’s hero journey. Follow your customer (the hero) from their first interaction with your brand to becoming a customer and eventually referring a prospect to you. Map out the key stages of the journey and understand what is needed at each stage to advance the prospect through the funnel.
  2. Get vertical: When it comes to cybersecurity, you need to be able to articulate your value proposition to each vertical you pursue. They have different lingo, business drivers, and application use cases. Depending upon your product, you may need to develop an in-depth understanding of the drivers, challenges, and use cases in: healthcare, discrete manufacturing, process manufacturing, oil & gas, electric utilities, water & waste management, air, rail, maritime, communications, business service, finance, etc. There is no way your team will be able to get up to speed quickly enough on these key verticals. Seek external help here.
  3. Don’t shy away from tech talk: Effectively telling your story across your marketing and sales cycle means articulating your technical and business value. Ensure that your sales and marketing team have the technical and business skills and tools to engage customers.
  4. Create MOFU and BOFU content: Don’t settle for high-level white papers and blog posts as your demand gen and education strategy. Develop MOFU and BOFU content to help your customers (and employees) educate themselves: technical white papers, reference manuals, how-to guides, how-to videos, use cases, sample implementation, test beds, ROI tools, strategic position papers, compliance guidance, etc.
  5. Invest in technical product marketing: Companies large and small have limited technical product marketing resources. Companies struggle with translating a technical explanation from the CTO or engineering team into a story because they lack the same technical expertise. Technical product marketing folks should understand both business and your technology. Invest in technical product marketing or bring in external resources to help your teams create better stories, content and campaigns.

That’s our story, and we’re sticking to it. No matter where you are in your cybersecurity marketing journey, Farallon can help you. We have a team of technical and business analysts that understand embedded, network, OT/industrial, and DevSecOps cybersecurity. We’ll help your teams become better storytellers and marketers. We’ll improve your sales funnel efficiency and ensure that your prospects understand who you are and what you can do for them. We’ll cut through the confusion of a complex and noisy cybersecurity industry. We thrive on seeing our customers succeed.