Adventures in Cybersecurity Content Marketing: Hard Won Lessons Earned from the Cybersecurity Trenches

Sep 30, 2020 | Events

On September 21-September 24, the smartest minds in cybersecurity marketing came together for CyberMarketing Con 2020, run by the Cybersecurity Marketing Society. Panelists covered a wide span of categories, providing guidance for professionals looking to expand their business and improve their marketing skills.

In the session “Adventures in Cybersecurity Content Marketing: Hard Won Lessons Earned from the Cybersecurity Trenches,” Jessica Vose, Senior Director of Marketing at Blackberry, shared her tips on mastering content marketing in cybersecurity. Vose is an award-winning marketer with over 15 years of corporate marketing and communication.

The Importance of Content Marketing

Vose emphasized that in cybersecurity content marketing, your credibility is your brand. For companies to be looked to as leaders, they need to be trustworthy. As a marketer, you need to ensure that you understand what is happening in the cybersecurity landscape so you can keep important stakeholders educated. 

Because the cybersecurity industry is ever-changing, a wealth of content is necessary, covering the latest new attacks and threats. Education is table stakes—because there are endless vendors trying to reach new prospects, you need to differentiate your company’s technology. Keeping tabs and developing an informational program on the latest trends will make your company critical to your stakeholders’ education. Vose said, “Make yourself someone who they’re constantly coming back to to understand what’s happening and what they can do about it.”

Content marketing has proven to be successful. According to the Association of National Advertisers, content marketing budgets are up 73% from two years ago, and they are predicted to rise in the future because there’s a strong commitment by marketers. Content marketing works—year-over-year growth in unique site traffic is 7.8x higher for content marketing leaders, and conversion rates are nearly 6x higher for content marketing adopters, according to Aberdeen. Finally, content marketing is cost-effective. It costs 62% less than traditional marketing and generates 3x as many leads, according to DemandMetric.

Critical Content Strategy Pointers

Content strategy is not easy. It takes work and time. But with a great strategy, content strategy is irreplaceable.

Vose discussed six key pointers for effective content strategy:

  1. Subject Matter Experts: As a cybersecurity marketer, having dependable subject matter experts to turn to for content is essential. You should conduct media training and coaching to understand their preferred formats.
  2. Data: Good data creates good content.
  3. Taxonomy: Having a standardized system that lists go-to formats of pieces of content and their purpose makes creating content easy. A taxonomy that outlines why to choose one format over the other, what each does, and what target audience and object it aligns to keeps everyone in the organization on the same page. The taxonomy should include:
    1. Content type description
    2. Best objective
    3. Target audience
    4. Sales stage (TODU, MOFU, BOFU, customer)
    5. Link to live example in final layout
  4. Customer journey: Syncing content inventory to the customer experience and journey and the sales funnel and model helps clarify how content is used and when best to use it.
  5. Storing and tagging: Companies should have a centralized inventory where all content is tagged and made searchable. Employees will be able to easily find content and reuse it in the future.
  6. Make it searchable: Content should be made searchable not only in metadata (title and tagging), but in the content itself.

Real Project Examples

Vose discussed four types of content that cybersecurity marketers may need to produce: threat research, rapid response content, testing content, and analyst content.

Threat Research

Threat research may materialize in the form of an annual threat report. Typically, an annual threat report is released once a year in January-March, and it summarizes the threat activity and trends from the previous calendar year from the organization’s point of view. This piece helps develop brand credibility and threat research and consulting skills for the company. It is a chance to educate prospects and stakeholders while also generating leads and demand.

Vose outlined a clear way to approach doing custom research:

  1. Brainstorm a table of contents by determining what to write about based on what data you can retrieve, what is popular, and what the company’s area of differentiation is.
  2. Set up a tiger team to gather data on the landscape to yield information on what topics matter and have value to your customers.
  3. Finalize the table of contents based on what the tiger team brings back, giving you a clearer picture on what the report will include.
  4. Gathering a team of executive stakeholders, including executives, legal, customer references, and brand employees, to help review the first draft of the report to ensure that everything is in place.
  5. Develop a content strategy and promotion planning. Having a better understanding of what the report will entail after the executive stakeholders review the report will help you see what other content you could incorporate.
  6. Find a writer. One writer should be enlisted to interview researchers and ensure consistency and brand tone of voice of the content.
  7. Brief the PR and executive stakeholders.Once the writer finishes a first draft, a team of PR experts and executives can agree on the final list of topics and themes.
  8. Incorporate feedback. The writer can edit the draft based on the feedback from the executive stakeholders. The second draft should be circulated with PR for pitching.
  9. The legal team should review the final copy to ensure everything is within compliance.
  10. Publish!

However, if possible, the final report should live within a broader kit to send to the sales team and outside stakeholders: sales brief, ads, emails, eval guide, landing page for gating content, the report itself, infographics, videos, webinars, press releases, social media, and blogs.

Because Vose has been through the process many times, she has learned many important lessons, including getting the executives on board early to make sure they’re okay with the plan, briefing the PR team early, and making sure customer references check for existing customers.

Rapid Response Plan

A rapid response plan is produced in response to a substantial, large-scale event in the industry, such as a pandemic. The plan supports your company’s relevancy to the event and credibility, and also showcases how you can support customers as they determine their strategy.

To prepare now in the case of an unpredicted event, you can determine the steps necessary to inform the market of your company’s performance if something happened. This includes developing a RACI, a group of people who are responsible, accountable, consulted, and informed if an event occurred. Next, develop an MVP content kit and SLAs for turnaround of the assets.

Vose’s outline for the rapid response process includes:

  1. Follow the steps in the plan and RACI.
  2. Keep notes from the war room as information comes in.
  3. Determine what content formats are needed in order of priority and according to the audience.
  4. Brief writers and provide them with outlines, notes, and points of contact and subject matter experts.
  5. Have legal, sales, and the executive teams review all materials before they are published.
  6. Execute!

In one of Vose’s past rapid response plans, the kit included a business brief, blogs, customers communications, FAQ for sales, live video demos demonstrating how the company’s tech works in crisis, landing pages, press releases, and social media.

Throughout this process, Vose learned that it is necessary to prepare now, make sure you have a seat at the table to access all information, and get information to customers ASAP through blogs, social media, and customer communications.

Testing Content

Actions speak louder than words. So testing content, content that depicts how your company’s tech is used in different cases and where it stands when compared to other tech, is important. This report amplifies the successful results of the product after it is tested in a testing house, enhancing brand credibility and providing content and data for the future. Vose said, “It’s great for quantitative content that you can poach for a variety of purposes—you can sprinkle it through different pieces.” Depending on budget, performance, and preferences, testing content can be released three to four times a year.

Vose’s recommendation on creating testing content includes:

  1. Read the test report, including what was being tested and use cases. Get a briefing from the product, product marketing, and sales team to identify key takeaways, such as what the company excelled at, customer concerns, and any questions.
  2. Develop a derivative content strategy and promotion planning based on key takeaways.
  3. Have the key stakeholders (executives, legal, customer references, brand, and sales) review the draft.
  4. Incorporate feedback and create the second draft.
  5. Have the legal team review the second draft.
  6. Publish and promote!

In one of Vose’s past real-life experiences, the testing kit included the test report, landing pages, blogs, infographics, sales briefs, press releases, social media, and emails.

Her hard-won lessons are don’t go at it alone (work with the product, product marketing, and SE teams), understand the use case narratives that were tested, and keep using the testing reports and results in future content releases.

Analyst Content

Analyst content curates highlights from the reports of analysts (like Gartner) and magnifies the findings to your audience. This content develops brand and technology credibility while also providing content for the future. Analyst content can be published one to three times per year, depending on budget, performance, and preferences.

Vose discussed these steps to create a comprehensive report from analyst content:

  1. Read the report.
  2. Get briefing from the product, product marketing, and sales team on key takeaways.
  3. Understand licensing restrictions from the publisher.
  4. Have analysts who published the reports review the content to ensure it adheres to their messaging constraints and limitations.
  5. Have stakeholders (executives, legal, customer references, brand, and trusted sales) review the first draft.
  6. Incorporate feedback and create the second draft.
  7. Have the legal team review the final draft.
  8. Publish and promote!

Vose’s lessons include understanding localization (some firms might require you to use their translation services, which are expensive), understanding messaging constraints such as marketing claims, and gating the content and using progressive profiling.

Hard Won Lessons Learned

Over the years, Vose has refined her approach to creating cybersecurity content marketing. Marketers should focus on:

  1. Crafting educational content for stakeholders.
  2. Understanding primary vs. derivative snackable content for each project.
  3. “Kitting” your content when possible.
  4. Briefing your sales team because they’re sharing the content with their customers.
  5. Understanding how to use the company’s website to promote content.
  6. Running the final drafts by legal and customer references when in doubt.

If you’re interested in perfecting your cybersecurity content marketing strategy, visit https://cybermarketingcon2020.heysummit.com/ to watch the full panel session.