Audience 1st

?? RANT INCOMING. Because I’m PISSED at some of you...for MANY of you. When the hell did this become okay? 1. Creating fake aliases on LinkedIn to build “relationships”? 2. Using negative press as bait in outbound campaigns? 3. Badmouthing competitors in discovery calls? 4. Sending untrained marketers to events to staff booths when they can't even answer basic questions about the company they work for and the product they are marketing and selling? 5. Expecting marketing teams to 2x, 3x, even 5x pipeline in unrealistic timeframes...with budgets slashed in half. 6. Doubling down on outdated KPIs and vanity metrics instead of listening to actual customers. 7. Silo-ing marketers from customer calls, buyer insights, qualitative data, even analyst briefings. 8. Paying a stupid 6 figures to analyst firms who regurgitate data they're telling your customers instead of picking up the damn phone and asking your buyer what matters. 9. Ghosting customers when they’re literally raising their hands to build with you? Make it make sense. This isn’t bad business. It's sabotage. FYI - Asking for a friend. (But also not.) RANT OVER. What else did I miss? Drop it in the comments below ?? #b2b #marketing #cybersecurity #customerresearch #audience1st #cybersynapse

One year ago, I had a chaotic idea at 11:47pm. What if I dropped every Audience 1st Podcast episode title into ChatGPT and told it: “Write a funny headline as if you were writing a story for The Onion based on this title.” It was supposed to be a dumb little time-killer while I couldn’t sleep. Instead, it turned into a terrifyingly accurate, completely unhinged, and honestly brilliant series of sarcastic headlines. So I turned it into a thing. Here’s the updated list of 77 Customer Research Podcast Titles as Written by The Onion (ok, fine, ChatGPT), linked in the comments below ?? We could all use a little laugh at the absurdity of marketing, sales, and buyer behavior. Let me know your favorites in the comments. And if you want in on how to actually do customer research that doesn’t suck, join the 1700+ marketers and sellers already part of the Audience 1st crew. #cybersecurity #marketing #sales #growth #gtm #customerresearch #audience1st

Every month, I test messages with the people who matter most. Not my team. Not investors. My buyers. Those who actually feel the consequences of bad GTM strategy. I asked my community to share which message resonated most with them. The winner? Cybersecurity Buyer Research as a Service (BRaaS) We do the buyer research. You make the moves. Why did I double down on this service? Because cybersecurity GTM teams are still building products and launching campaigns based on internal assumptions. Because buyers are still frustrated by vendors who don’t understand them. Because every misstep in messaging, product, or sales wastes time and erodes trust. At CyberSynapse.io, we (and our network of active cybersecurity practitioners) help teams course-correct before that happens. In just 30 days, we surface exactly what your buyers want, need, and won’t tolerate. You walk away with real-world buyer intel so you can build, position, and sell with confidence. I want to say THANK YOU to all who shared their time and unfiltered feedback with me this month. You shape what we do and make this message real. If you're ready to stop guessing and start knowing what your buyers really want, talk to us: https://lnkd.in/dBgpecvV #cybersecuritymarketing #customerresearch #b2bgrowth #gtmstrategy #cybersynapse #audience1st

Cybersecurity product marketers DO NOT get enough damn credit. They are being asked to do a lot, ALL THE DAMN TIME: → Differentiate in a saturated market → Prove value fast to skeptical buyers → Align product, content, and sales around GTM strategy → Help hit pipeline goals with fewer resources and tighter timelines Not to mention, handle cross-department communication and...INTERNAL POLITICS. ?? Here’s the problem I ran into working in-house for three high-growth cybersecurity startups (and maybe you’ve felt this too): We’re often building strategy around what we THINK we know, not what our buyers are actually thinking. And when that happens, GTM stalls. We write messaging that “makes sense” to internal stakeholders, but buyers scroll past. We build content that feels strategic, but it doesn’t convert. We prioritize roadmap features based on hunches, not real-world urgency. When I hit rock bottom (burnout) things shifted for me: I stopped trying to solve symptoms. I started asking better situation-based questions that created a gap between where we were and where we wanted to be. THIS is why I built CyberSynapse.io with Ben Siegel. And that’s EXACTLY what CyberSynapse.io helps you do, without running a 3-month internal research sprint. We handle EVERYTHING: ? Recruiting the right cybersecurity buyers (CISOs, engineers, architects, directors - you name your ICP, we have it OR we'll recruit them for you) ? Running qualitative interviews focused on your top GTM questions ? Synthesizing the insights into clear, prioritized action plans tied to your business outcome So you can: → Justify strategic shifts with real data → Create content that resonates on first contact → Empower sales with messaging buyers actually believe → Cut campaign waste before it happens The result? Teams move faster. Budgets stretch further. And launches land. If you're ready to let use manage your buyer research so you can make the right moves, DM me or book some time with me, linked in the comments below ?? #cybersecurity #marketing #gtm #buyerresearch #customerresearch #cybersynapse

When I talk to CISOs, I find that: Some love the role. Others hate it. But no matter the sentiment, what's clear is: CISOs today are business leaders first, security experts second. Vito Sardanopoli article on The CyberNest - The Art and Science of Cybersecurity Leadership - distills this really well: The role isn’t just about protecting assets. It’s about driving business resilience, influencing executives, and making security a competitive advantage, not just a cost center. In looking back at my career as a demand gen marketer working for high-growth security startups, I wish I knew this sooner. I see too many vendors still pitch to CISOs as if they’re IT managers, not executive leaders. They throw technical jargon, compliance checklists, and fear-driven messaging at them—without addressing the BUSINESS OUTCOMES CISOs actually care about. What does this mean for security vendors? → Stop selling security. Start selling risk reduction. CISOs don’t buy tools. They buy risk reduction, resilience, and strategic business enablement. If your value proposition doesn’t connect security to revenue, customer trust, or operational continuity - revisit your positioning and messaging. → Speak their language. Business, not just bits and bytes. Train your sales and marketing teams to translate technical value into business impact. → Shift to ongoing executive conversations. CISOs are constantly REASSESSING risk, adapting strategies, and influencing boards. Build trust, continuity, and strategic alignment. → Understand that security is cultural, not just technological. A security-aware workforce is just as important as a security stack. DO NOT ignore the human element! → BONUS: Recognize that CISOs need to achieve more with less (or at best with the current resources they have), as Ross Haleliuk put it this morning in his LinkedIn post. What’s your biggest challenge you see in aligning security with business outcomes? Drop your thoughts in the comments. ?? And read up on Vito's piece, also linked in the comments. ?? #cybersecurity #CISOs #leadership #riskmanagement #customerresearch #thecybernest

I’ve spent nearly 2.5 years dissecting the absolute worst sales and marketing tactics in cybersecurity with Chris Roberts. 50+ episodes. Hundreds of cringeworthy messages. And after all that? I’ve realized something: Most cybersecurity vendors don’t have an outreach problem. They have a respect problem. You don’t respect your buyer’s time—so you spray and pray emails across an entire security team, hoping someone bites. You don’t respect their intelligence—so you gaslight them in sales calls, pretending they agreed to things they never did. You don’t respect their expertise—so you send emails that imply "You’re doing security wrong, but lucky for you, I have the answer!" And somehow, vendors are still confused as to why response rates suck. Because it's WTF Wednesday, I took some of the top episodes of WTF Did I Just Read? Tech Sales and Marketing Edition and...well...had a little fun below. Here are the top five insights for you to take away from 50+ episodes: 1. Manipulation isn’t marketing. If your entire sales strategy is built on fear-mongering, guilt-tripping, or psychological tricks, congratulations—you’ve officially become the phishing emails you claim to protect against. 2. Fake exclusivity is insulting. “You’ve been personally selected for this rare opportunity!” (Along with the other 500 CISOs who got the exact same email.) Stop treating cybersecurity leaders like they just won a prize from a cereal box. 3. Buyers aren’t fragile. “I can only imagine how stressed you must be…” Who told you CISOs need a therapy session from a random SDR they haven't established a relationship with? This isn’t trauma bonding. Build a value-driven relationship. And sell like a professional. 4. Vendor dinners are a game. Some CISOs have mastered the free steak hustle. But vendors enable it by making engagement about bribery instead of value. 5. No one cares about you at 7AM. Cold-calling security leaders (or marketers for that matter - ME *COUGH COUGH*) before their first coffee to push a webinar invite? Hell no. Here’s What Actually Works - Act like a human. - Give a damn about your buyer’s problems before you pitch a solution. - Earn attention. Don’t demand it. Not complicated. Just...rare. Do better, yes? And don't be like the floozy characters below. Security buyers, what’s the worst outreach tactic you’ve seen lately? #cybersecurity #sales #marketing #gtm #wtfdijr

I hear “move fast” to the cloud TOO MUCH without a lot of context as to how to do that efficiently and effectively. So, I asked Kyle Wickert from AlgoSec how organizations should actually approach hybrid cloud security from day one (without setting themselves up for an expensive cleanup later). His answer? UNDERSTAND what you’re moving before you move it. SOUNDS simple, right? But guess what many companies do? They lift and shift workloads into the cloud, treating it like a data center relocation instead of a security transformation. No clear mapping of application dependencies. No reassessment of security models for cloud-native architectures. No thought given to IAM, network segmentation, or workload isolation. Here’s what Kyle says should be happening instead: ? Start with visibility. Map out your business applications, dependencies, and what’s actually talking to what. If you don’t know that on-prem, you’re screwed in the cloud. ? Move in controlled phases. Migrate application by application, business function by business function - not everything at once. Bite-sized chunks. ? Map security controls BEFORE migration. You need equivalent cloud-native security - NSGs, cloud firewalls, IAM policies - set up before workloads land in the cloud. Otherwise, you’re wide open. Security isn’t about slowing things down. It’s about moving fast WITHOUT crashing into avoidable security disasters. Want to listen to the full episode with Kyle? Check out the link in the comments below ?? #cybersecurity #cloudsecurity #algosec #customerresearch #audience1st

I’ve talked to dozens of Wiz customers over the years - security leaders, engineers, CISOs - and the answer to why they chose Wiz over other cloud security players is always the same: ?? “The product is stupid simple to use.” ?? “It works—without making my life hell.” ?? “They are FUN.” (Yes, fun - in cybersecurity. ??) Google's acquisition isn't just a milestone for Wiz, but for the entire cybersecurity industry. The playbook for how they got here? It wasn’t just product. It wasn’t just funding. It wasn’t just timing. It was a MASTERCLASS in go-to-market, customer research, and brand-building. Here’s why Wiz didn’t just succeed—they DOMINATED. 1. Relentless Focus on the Buyer Wiz cut through it by LISTENING to their customers. Security and development teams loved the product because Wiz made it insanely easy for them to adopt, integrate, and actually use. Unlike most vendors who throw features at the wall, Wiz prioritized customer insight over assumptions. They built based on what security teams actually needed, not just what the market trends dictated. 2. Frictionless Product-Led Growth Wiz was built for the MODERN security buyer - practitioners who don’t have time to sit through sales calls or implementation headaches. They gave users INSTANT value with fast deployment and frictionless onboarding. Wiz flipped the script with an experience so seamless that it practically sold itself. 3. Community and Virality = GTM Superpower They didn’t just market. They created MOMENTUM. CISOs and security teams were talking about Wiz in Slack channels, at conferences, dinners, and in other backroom discussions. 4. Category Domination with NARRATIVE CONTROL Wiz owned the “cloud security operating model” narrative. Instead of trying to wedge themselves into an existing category, they reshaped the conversation entirely. (Something I see so many vendors struggle with, BTW). Wiz didn’t just build a product. They built a movement. They didn’t just sell features. They solved real customer problems. They didn’t just launch campaigns. They created momentum. THIS is how you win. Congrats to Assaf Rappaport, Ami Luttwak, Yinon C., Roy R., and the whole team at Wiz for a phenomenal milestone!?? #cybersecurity #gtm #gotomarket #customerresearch #clouddecurity #wiz #google

For the longest time, I thought growth meant saying “yes” to every challenge, working harder than everyone else, and muscling through setbacks like a fricken gladiator. It wasn’t growth. It was exhaustion. And it wasn’t an agile mindset. It was rigidity disguised as resilience. Here’s the real problem: Most GTM leaders I talk to think they have a growth mindset. But what they actually have is a grind mindset. They mistake overcommitting for ambition. They confuse busyness with effectiveness. They treat adaptability as an afterthought, not a strategy. I used to think that if I just kept pushing through, I’d eventually figure it out. That’s not what happened. What happened was I kept hitting the same walls: ? Burnout from taking on too much. ? Slow decision-making because I was afraid of being wrong. ? Wasted cycles on strategies that should’ve been killed sooner. That’s when I made a shift. I stopped focusing on just growth and started embracing agility - working smarter, faster, and being more adaptable. Here’s what that looked like: 1. Shorten feedback loops. Don’t wait months to see if a campaign or message works—test small, iterate fast, and pivot before you burn budget. 2. Kill bad ideas quickly. The best GTM teams aren’t afraid to cut their losses. Stop clinging to “sunk costs” and start moving on faster. 3. Make micro-moves, not massive overhauls. Then measure. Adjust. Scale what works. MOST IMPORTANTLY: 4. Ask for help. Your network, your customers, your community—they know things. Stop trying to reinvent the wheel alone. Growth without agility = spinning your wheels harder. Agility without growth = running in circles. Are you growing? Or grinding? #gtm #growthmindset #cybersecurity #marketing #b2b #selfaffirmationsundau

One of the spicier takes I heard a couple weeks ago was the idea that?network security is a thing of the past and a solved problem. Some folks think that?identity and cloud security have made network security irrelevant. The thinking goes something like this: → Identity security and zero trust are taking priority over traditional network security. → Cloud-native security controls replace the need for traditional firewall-based security. → As long as organizations have good IAM policies, they’re covered. Kyle Wickert from AlgoSec strongly disagrees. “The network is still extremely relevant. It hasn’t gone away—it’s just morphed. Organizations are stretching their networks into the cloud, into new environments, and their applications are doing more than ever before.” The issue? CISOs and executives assume that network security is “handled” as part of cloud security. But many cloud security strategies still rely on foundational network controls—and those controls aren’t always properly configured. They assume the problem is solved when it isn’t. They all depend on a fundamental set of network controls being there that aren’t always there. While CISOs are busy focusing on identity and cloud security,?attackers are taking advantage of weak network security policies to slip right through. Listen to my latest episode with Kyle on Audience 1st Podcast, where we break this down in more detail, linked in the comments below ?? #cybersecurity #cloud #informationsecurity #customerresearch #audience1st