Cybersecurity buyers are hard to impress. Ranging from CISOs to security architects, your audience is deeply technical, highly skeptical, and usually immune to generic B2B marketing.
They don’t care about buzzwords or brand storytelling. They do care about substance: what your product actually does, how it solves real security problems, and why they should trust you over a dozen lookalike competitors. Smart, intentional marketing is a must-have skill in the cybersecurity space.
At 97th Floor, we build cybersecurity marketing strategies that reach decision-makers and influence every stakeholder in the buying committee. We’ll break down the best practices we’ve observed, backed by ad examples and persona insights.
Let’s get into it.
Cybersecurity marketing is the specialized practice of promoting cybersecurity products or services to highly technical, security-conscious audiences. It goes beyond traditional B2B marketing by focusing on decision-makers like CISOs, SOC analysts, and IT leadership, all personas who demand depth, clarity, and provable value.
Effective cybersecurity marketing combines SEO, content, advertising, and design to engage buyers throughout a long, complex sales cycle. This involves building credibility, addressing real threats, and positioning your brand as a trusted solution in an oversaturated market.
As you might have experienced, Cybersecurity is a high-stakes environment where mistakes can cost millions (and your audience knows it). The technical acumen of your buyers means any hint of fluff or oversimplification can tank your credibility.
Other challenges include:
To break through, cybersecurity marketing needs to be as intelligent as the people it’s trying to reach. That means aligning every campaign with how your audience thinks, what they’re solving for, and how they evaluate vendors.
Where traditional B2B campaigns can succeed with broad messaging, cybersecurity campaigns must go narrow. They need to:
Bottom line: If your marketing isn’t built for security buyers, it’s not built to perform.
Creating a high-performing cybersecurity marketing strategy means throwing out the one-size-fits-all B2B playbook. We’ve dug through our history as a cybersecurity marketing agency to identify six principles that drive success in cybersecurity marketing, each paired with a unique ad example. Use these tips to help you take your next cybersecurity campaign to a new level.
You’re not marketing to “security teams.” Remember your target, whether it’s marketing to a CISO who oversees a sprawling enterprise, or a SOC Analyst who lives in alerts. Specificity is non-negotiable in cybersecurity marketing, because vague messaging gets ignored.
Darktrace succeeds here by getting specific. Not only are they directly calling out CISOs, but they’re tackling only one facet of security: email. This approach self-eliminates some audiences, but ensures that those who do interact with the ad are likely higher-intent. The headline text could be helped by offering some specifics about what the whitepaper offers, but the ad maintains strong branding and a strong call-to-action.
Brainstorm: What’s the most specific piece of content you can offer to your audience? How can you write ad copy that hits on just one pain point and offers one precise solution?
Cybersecurity buyers are burned out on abstract “platform” talk. What do they actually want? Time back. Fewer compliance headaches. Less operational friction. When your value proposition addresses those second-order benefits, it lands harder.
Identity security company CyberArk’s ad pinpoints a problem experienced by their customers: losing so much time finding the right security solution and dealing with compliance, that important projects get deprioritized. Rather than focusing on CyberArk’s product offerings, the ad leans on a secondary benefit that prospective buyers are eager for. A simple design and minimal colors make the ad visually appealing, and the offering of a personalized audit and compliance call is a strong call-to-action.
Brainstorm: What is the most significant benefit that your solution provides to your audience?
If you’ve been recognized by Gartner or Forrester, or if your solution meets hard-to-hit compliance benchmarks, by all means say it. Security professionals are looking for signs that you actually know what you’re doing. A little proof goes a long way.
Crowdstrike leverages Gartner’s authority in this ad, highlighting their place on Gartner’s Magic Quadrant. Gartner is a trusted source on cybersecurity and IT solutions for CrowdStrike’s audience, and using this report for advertising is a brilliant and low-effort win.
Brainstorm: Have you won any awards or accolades that you can put on an advertisement? What about client testimonials?
Cybersecurity buyers are lifelong learners. They respond to content that teaches them something new, especially when it’s visual, data-driven, and skimmable. If your brand can help them stay sharp, you earn trust and attention.
A10 Networks’ use of data visualization is a great idea. People are more apt to engage with graphs, statistics and data than a chunk of text. This chart invites A10’s audience to see how they stack up against their peers concerning TLS/SSL inspections, and the ad’s call-to-action implies that there is more to learn about how technology leaders consider decryption solutions.
However, this chart isn’t the easiest thing to swallow. This ad would be stronger with just a single metric or with a more simple visual from their data. As is, the ad requires too much of its viewer and, by failing to supply any conclusions about this data, leaves too much ambiguity about where this information puts its audience in relation to A10 Networks.
Brainstorm: What data can you share with your audience that will make them want to learn more about you?
The best cybersecurity brands shape how the industry sees threats. Establishing thought leadership through bold, creative design and clear messaging makes your brand feel indispensable.
Palo Alto Networks’ ad stands out for cohesiveness between copy and design, strengthening the impact of the ad’s message. Pairing the idea of unknown threats with the impression of half-turned blinds evokes that eerie feeling of being watched by something unseen. This strengthens the ad’s promises of protection for “whatever, whenever, wherever.” Palo Alto Networks is positioning itself as an omniscient and omnipresent security solution, putting a certain 2006 babysitter receiving threatening phone calls customers at ease.
Brainstorm: What objects symbolize safety or privacy to your audience? How can you use those objects to create something visually interesting?
Let’s be honest, most cybersecurity ads look like they were built from the same uninspired template. But a little creativity goes a long way—especially when it surprises, entertains, or reframes a threat in a clever way.
All cybersecurity ads pretty much look the same, so we love it when a brand breaks out of the B2B monotony like Carbonite has. The visual analogy is straightforward and intriguing, demanding a pause and inviting a chuckle from its audience. With simple, unique ad creative, Carbonite establishes that its security solutions are so good that its customers can be completely unbothered about threats - even threats as sinister as prowling predators.
Brainstorm: What analogies does your brand or product lend itself to? How can you use that to surprise your audience?
To build a cybersecurity strategy that drives pipeline, you need to know who you’re talking to, what keeps them up at night, and how they influence the buying process. Each persona plays a different role, and each one needs a tailored message.
Below are four common groups we build campaigns around, with tips on how to reach them.
CISOs and Security Leaders
What they care about: Risk reduction, cost justification, strategic alignment
How to market to them: Be brief, credible, and focused on outcomes. CISOs aren’t deep in the weeds—they’re trying to evaluate whether your solution moves the needle on security posture or operational efficiency. Give them high-level proof points, ROI-driven messaging, and third-party validation like analyst reports or compliance frameworks.
Security Practitioners and Implementers
What they care about: Technical specs, real-world application, peer trust
How to market to them: These are the engineers and analysts who will poke holes in your claims. Your marketing needs to speak their language and show technical depth. Use product walkthroughs, architecture diagrams, feature comparisons, and use-case content that demonstrates exactly how your solution works in practice.
IT Decision Makers
What they care about: Integration, scalability, cost, security trade-offs
How to market to them: This group sits at the intersection of IT and security. They want solutions that won’t break their systems or their budget. Emphasize interoperability, performance, and ease of deployment. Case studies and pricing calculators can help them make a confident decision.
Boards and C-Suite
What they care about: Business risk, liability, brand protectionHow to market to them: You're not selling features—you’re selling peace of mind. Frame your messaging around financial impact, regulatory compliance, and business continuity. Use concise, high-trust formats like executive summaries, brief videos, or benchmarking data to support your case.
Marketing in cybersecurity is a high-stakes game. There’s less room for error, more skepticism in the room, and a shorter window to prove your credibility. Here are some do’s and don’ts that help keep cybersecurity campaigns focused, effective, and persona-aligned.
Do speak to specific personas.
Generic messaging gets ignored. Tailor every piece of content, ad, or landing page to one specific role and pain point.
Do lean on data and authority.
Use trusted sources like Gartner reports, industry benchmarks, and analyst quotes to back your claims. Show, don’t tell.
Do invest in content depth.
Your audience can sniff out fluff in a second. Write with substance. Collaborate with your SMEs. Make every piece worth your reader’s time.
Do prioritize technical accuracy.
One wrong detail can undermine the whole campaign. Double-check product specs, terminology, and claims, especially in visual assets.
Do align with the buyer journey.
CISOs don’t click “Buy Now.” Build layered campaigns that nurture interest across awareness, consideration, and validation stages.
Don’t overpromise.
"Total protection" or "unbreakable security" won't land and could backfire. Be confident, but stay grounded in reality.
Don’t assume they’ll connect the dots.
Spell out exactly how your product helps solve a specific problem. Don't rely on vague claims or industry jargon.
Don’t recycle general B2B creative.
Your cybersecurity audience has seen the same ad template 1,000 times. Differentiate with smarter, more persona-aware creative.
Don’t ignore design preferences.
Security audiences favor clarity and simplicity over flash. Avoid overly polished, “marketing-looking” assets that feel insincere.
Don’t skip the proof.
Your audience needs evidence before they trust your brand. If you don’t provide it, they’ll find a competitor who does.
Why Choose 97th Floor as Your Cybersecurity Marketing Partner?
We understand cybersecurity marketing because we’ve done it—successfully—for some of the top names in the industry. If you need to lower your CPA, hit revenue goals, or get in front of the right people, we can help. We build strategies based on research, data, and a deep understanding of how security buyers think. And we always respect your audience’s intelligence, time, and high standards.
Learn more about our cybersecurity marketing services, or get in touch to start your next campaign.
Get in touch to see what's possible for your brand.
Success depends on your goals, but in most cases, it comes down to pipeline and revenue. We track metrics like MQL to SQL conversion rates, CPA, influenced opportunities, and marketing-attributed revenue. Vanity metrics won’t cut it in this space.
LinkedIn, Google Search, and niche platforms like Reddit are strong starting points. The real performance comes from blending paid media, SEO, and content into a single strategy. The right mix depends on your audience and budget.
More than you think. If your audience includes engineers or SOC analysts, surface-level content won’t earn their trust. You don’t need to write like a PhD, but you do need to be smart and accurate. Collaborating with your SMEs is key.
They go too broad. Trying to speak to everyone means you resonate with no one. Strong campaigns are specific; built for one role, one problem, and one clear outcome.
Most ads in this space look the same: dark, technical, and forgettable. You can stand out by using creative analogies, clean visuals, and focused messaging. Humor, when done right, also works. See the Carbonite ad example above.
Cybersecurity solutions buyers are worn out by the constant barrage of stale content flooding their search results, inboxes and social media.
Only brands that are willing to pause the content machine long enough to develop true empathy for their audience will be able to make any progress towards the mecca of trust and authority.
97th Floor believes that Empathy, paired with Innovation and Profitability, produces Great Marketing—marketing that fosters relationships and ultimately sales. We unlock empathy for our client’s customers through an exhaustive process of in-depth persona research and customer journey mapping.
Our customer journey maps reveal the questions, actions and touchpoints of an audience at each stage of the funnel: awareness, consideration and decision. Using these maps as a launching pad for every marketing campaign makes delivering "the right message at the right time" a reality.
The following are real persona customer journey maps created for our clients in and adjacent to the cybersecurity industry. They have been anonymized, but all other information is as-delivered to our clients.
Podcast advertising is a promising strategy for any marketing campaign, with 51% of podcast listeners agreeing that hearing a podcast ad made them more likely to make a purchase from that brand.
Cybersecurity marketers are in no drought for opportunities here, with dozens of long-running and far-loved shows capturing the ears of your audience.
We used Sparktoro and additional tools to find the top-listened podcasts from decision makers in cybersecurity; put a bug in their ear about you, yeah?
Note that this audience is extremely sales and advertising averse. They don’t appreciate self-promotion. While you can of course pay to sponsor the show and get a host-read ad in front of your audience, be extra thoughtful about your messaging and position as you do so.
Darknet Diaries has amassed a cult-like following for its deep-dive episodes exposing true, first-hand stories about “hackers, breaches, shadow government activity, hacktivism, [and] cybercrime.” Host Jack Rhysider, whose own background is in security operations, makes staggering stories accessible and captivating for both technical and non-technical audiences. The show brags over 90 millions downloads and received praise in The Guardian, Vulture and The New York Times.
Format: Guest Interviews
Update Frequency: Every first Tuesday of the month
On Air Since September 2017
Opportunities: If you happen to know someone or know someone who knows someone with an insane cybercrime story to tell, the connection may be worth making just to get your company’s name floating in Jack’s network. Otherwise, you can contact the team by emailing jack@darknetdiaries.com to inquire about sponsorship. See the complete list of active sponsors here. It includes a number of personal and professional security solutions and IT solutions.
Hosted by former NPR investigations correspondent Dina Temple-Raston, Click Here brings listeners audio stories from the “shadowy characters behind ransomware attacks, disinformation campaigns, and hacks and … the people trying to stop them.” Show topics range from “peek inside a North Korean malware lab” to “how hackers settle their disputes – think People’s Court without all the robes.”
Format: Guest Interviews mixed with investigative reporting and narration from the show host
Update Frequency: Every Tuesday and Friday
On Air Since August 2017
Opportunities: Click Here belongs to an ecosystem of cyber-related news produced by The Record from Recorded Future News. The publication sends a daily newsletter to its audience of “hundreds of thousands” via a mobile app.If you have a news tip, and perhaps an expert to lend, about cybersecurity startups, cybersecurity attacks, or policy surrounding privacy, disinformation or cybersecurity policy, you can pitch your story by reaching out to therecord@recordedfuture.com. The show also has in-show advertisements, maybe one per episode or so.
“2.5 Admins is a podcast featuring two sysadmins called Allan Jude and Jim Salter, and a producer/editor who can just about configure a Samba share called Joe Ressington.” The show covers tech news and answers listener-submitted admin-related questions.The show’s audience is well-educated high-earning IT professionals.
Format: Conversational
Update Frequency: Weekly
On Air Since April 2020
Opportunities: The show welcomes interested sponsors to get in touch at show@2.5admins.com.
Late Night Linux is a family of seven podcasts, including 2.5 Admins, all about "Linux, open source software, and systems administration.” Late Night Linux was the group’s first show, and covers all things free and open source software.
Note that the show contains explicit content.
Format: Conversational, doesn’t appear to host guests
Update Frequency: Weekly
On Air Since December 2016
Opportunities: To advertise on any of the Late Night Linux shows, contact joe@latenightlinux.com.
Hosted by Kurt Seifried and Josh Bressers, Open Source Security Podcast delivers weekly conversations on all things IoT, application security, operational security, cloud, devops, and security news.
Format: Two hosts
Update Frequency: Weekly
On Air Since September 2016
Opportunities: You can email the hosts from their website. Both Kurt and Josh are active on infosec.exchange, part of a decentralized social network powered by Mastodon. Sounds like a good place for some audience research, at the very least.
Hosted by cybersecurity veterans Graham Cluley and Carole Theriault, Smashing Security offers a “helpful and hilarious take on the week’s tech SNAFUs.” Winner of the "Best Cybersecurity Podcast" in 2018, 2019, and 2023, and the "Most Entertaining" in 2022 and 2023, Smashing Security has had over nine million downloads.
Note that the show contains explicit content.
Format: Two hosts, occasional guest interviews
Update Frequency: Weekly on Wednesdays
On Air Since December 2016
Opportunities: Smashing Security has generous options for sponsors, including opportunities “for sponsors to appear in 15-minute featured interviews included within the podcast.” To learn more about sponsorship, email studio@smashingsecurity.com. Smashing Security also conveniently features all past episode guests on a nice list. Pursue it and let ideas flow: who in your organization would fit here? Guest list.
Running for nearly twenty years, Security Now offers weekly conversations on security topics such as malware, ransomware, and hacks; digital identity, data privacy, and policies; hardware and IoT security concerns; software and plug-in security patches and updates; and many more. The show hosts are cybersecurity authority Steve Gibson and technology expert Leo Laporte, each bringing “their extensive and historical knowledge to explore digital security topics in depth.”
Format: Two hosts
Update Frequency: Weekly on Tuesdays
On Air Since August 2005
Opportunities: Security Now belongs to the TWiT faTmily of podcasts, a group that amasses a yearly audience of 25 million downloads. TWiT’s podcasts have built a relationship with listeners over several decades, which is great news for you; not only is 88% of TWiT’s audience tech or IT decision makers, but 88% of listeners have actually made a purchase based on a TWiT host-read ad. Get started by emailing advertise@twit.tv.
Risky Business Media was founded in 2007 by cybersecurity journalist Patrick Gray. A rotating group of hosts including Patrick and others publish multiple episodes each week for their audience of cybersecurity professionals.
Format: Host conversations
Update Frequency: Weekly
On Air Since February 2007
Opportunities: Risky Business’ audience is “top heavy,” meaning that a majority of their more than 25,000 weekly listeners are CISOs or information security decision-makers. View Risky Business’ media kit for more information about their audience, and contact sales@risky.biz for pricing. You can also reach out with editorial opportunities. Note that Risky Business Media also publishes two cybersecurity newsletters.
There are two ways to target your audience vis podcast advertising. The first is with baked-in or title-by-title targeting. Baked-in ads are added to the podcast audio file itself, making them permanent. This means that all listeners will hear the same ad when they listen to that episode of the show, regardless of their location, demographic or when they hit play. These ads can appear anytime in an episode and can be longer than thirty seconds.
Dynamic insertion or audience network podcast advertising inserts ads into ad spots (pre, mid, or post-roll) which can be targeted to the person listening. This allows podcasters to keep the advertising on their shows fresh, and it allows advertisers to select contextual targeting and third-party segments. The ad is then inserted in whatever shows that audience is listening to.
Host-read ads are created and voiced by a show’s host, and are usually read in the style of the show. Because of the host’s narration, these ads seem like a personal endorsement to audiences.
Host-read ads are a great choice for most cybersecurity podcast ads because the target audience aligns closely with specific podcast shows, like those listed above. We can select a show or a few shows and have host-read ads for cyber solutions during those shows.
PRO TIP: For host-read ads, it’s best practice to give the host bullet points instead of an actual script. This way you can make sure that what you want covered gets said, but the host has the opportunity to make it seem more authentic to them.
PRO TIP: Make the host your advocate. Build a relationship with them. Let them experience your product as best they can so that they can speak authentically to their trusting audience.
Pre-recorded ads are scripted by an advertiser and then recorded by a voice talent before being added to the podcast pre, mid, or post-roll. This type of podcast ad is best if your podcast advertisements won’t be on one specific show.
For example, using a title-by-title approach doesn’t sense if your targeting requires a geographic restriction.
Here, we can pick contextual targeting so the podcast episode has to be about that topic. Then, we can also layer on third-party segments, such as the user interests or experiences. Finally, layer on location targeting..
A voice talent will read the pre-recorded ad that can then be dynamically inserted whenever a podcast listener meets all of those requirements.
It all depends on your budget, goals and even the length of your spot. Compare each spot below.
Podcast ads aren’t clickable in most cases, so they are definitely a top-of-funnel awareness play. However, you can drive action from a podcast ad by having a great offer. Most podcast ads have a very enticing offer such as saving a certain percent on a product or a first month free.
PRO TIP: Longer campaigns outperform short ones. Run ads on at least 5 episodes of a podcast to improve recall by 39%. Make each spot different to prevent audience tune-out.
While counting episodes downloads will tell you impressions, use these four tactics to get better success metrics from your podcast advertising.
Story-telling is essential for podcast ads. You don’t have a visual component to draw people in, so you’ve got to hook them with words.
And remember, the offer is so important. Podcast advertising isn’t the most straightforward journey. It’s not like clicking on a LinkedIn ad. We’re asking the user to go to our website manually, so we better offer them a good reason why they should!
We help our cybersecurity clients hit aggressive CPA targets, fill the sales pipeline, and hit marketing-attributed revenue goals. And we're serving up insights even richer than the ones you just read... Check it out!
Ascend.io provides an automated platform to manage data engineering & analytics workloads 10X faster by combining data ingestion, transformation, delivery, orchestration, and observability into a single platform.
Because their product is so technical and so niche, Ascend was a relatively unknown company. In fact, Ascend’s product is so unique that the company doesn’t have any direct competitors that do exactly what they do.
Desperate for leads, Ascend made a common B2B mistake—focusing only on the bottom of the funnel and their ads were performing poorly.
We got to work building out consumer personas based on Ascend’s audience knowledge and our own proprietary research and built out a Customer Journey Map for Ascend’s most valuable personas. We knew who our audience was, where they were spending their time, what questions they were asking, and what touchpoints to provide them.
Our strategy then unfolded in three parts: taking a full-funnel approach to existing platforms (LinkedIn & Google), launching on new platforms (Reddit, Twitter, and Terminus), and continually refreshing ad campaigns. Across all channels, we expanded the campaign objectives to include lead generation, website conversions, and website visits with a mix of ad formats, including single image, conversation ads, and document ads.
Leveraging content downloads, an increased focus on awareness, impressions and traffic from LinkedIn ads increased conversion metrics for each persona at every stage of the funnel.
Every measurable metric, including the most important metric of demo requests, skyrocketed thanks Ascend’s increased visibility across multiple channels and multiple stages of the funnel.
Ilumio is a cybersecurity company known for its micro-segmentation solutions, offering network security against cyber threats. Their innovative technology helps organizations effectively secure their network infrastructure.
When ilumio came to 97th Floor, they ranking for less than 4,000 total keywords with only 264 of those keywords holding a first-page ranking. Addressing this limitation became a primary focus to enhance Illumio's online visibility and reach.
Audits identified keyword cannibalization issues on Illumio's site. 97th Floor's top priority was eliminating these competing pages to enhance organic traffic.
The next step involved optimizing pages targeting keywords with strong baseline rankings and high search volume. Additional audits and keyword research informed content re-optimization, internal linking, and site structure changes.
After only one year of working together, Illumio was ranking for 9,671 total keywords, with 812 keywords on the first page.
"97th Floor brings a lot of good ideas on how to refine what we’re doing." – Erick Frierberg, Chief Marketing Officer
Solo.io is an Application Networking Platform enabling companies to take the next step in their cloud journey.
When Solo.io came to 97th Floor we established that they were missing out on impressions due to budget constraints and outdated geo-targeting, so they doubled their Google spend. This move enhanced their brand visibility, a key performance indicator.
Their prime objective, however, remained boosting Marketing Qualified Leads (MQLs) where a lack of mid-funnel strategies in Solo.io’s existing campaigns hindered their conversion efficacy.
Using in-depth persona research, we developed and pitched a full-funnel LinkedIn campaign that would target personas for Solo’s two main products: Legacy API Gateway and Gloo Mesh.
The campaign included newly designed and written ads at the awareness, interest and conversion stage to meet Solo’s market where they are and move them through the funnel.
Solo.io would deem the campaign successful if we achieved a Cost Per Lead Under $200.
In just 4 months, the LinkedIn campaign generated 246 leads at a cost of $141/lead. This is a 26% increase in total leads and a 29% decrease in total cost per lead for Solo.
Gigamon is an analytics network vendor providing hybrid cloud infrastructure, security, and observability solutions for the world’s most demanding enterprises.
Gigamon was doing everything right in pursuit of first-page rankings for their industry's coveted keyword - "network security" - but they weren’t seeing any progress.
A top-10 spot for this keyword would give Gigamon serious edge.
When 97th Floor stepped in, we decided to optimize Gigamon's focus page for a lower-volume keyword.
Page and domain-level reports as well as semantic and technical SERP analysis alerted our team that a series of small optimizations in a holistic SEO strategy could be the counter-intuitive solution to ranking for "network security.”
We strategically switched our focus to the keyword “network security tools,” which gets searched just 600 times each month.
Our targeted optimizations quickly propelled Gigamon to the front page for "network security tools" within a month, and to the top position the following month. Concurrently, we secured 40 new domain links in a single month.
Our dual approach effectively boosted Gigamon's SERP standing. Remarkably, the very next month we secured the 5th spot for "network security", the ultimate goal.
This strategy led to a significant 94% increase in sessions for Gigamon. Today, this page continues to attract more organic traffic than any other on their site, playing a pivotal role in their impressive 50% year-over-year increase in organic traffic.
"If you need somebody to be dependable like they're internal and to really care about the outcomes of your marketing programs, then 97th Floor is a great partner." – Kate Evetts, Director of Digital Marketing at Chronosphere
Chronosphere is a SaaS-based, cloud-native monitoring solution for enterprise businesses. Chronosphere’s platform gives companies the ability to remediate issues faster with real-time insight while getting data growth under control.
When Chronosphere came to 97th Floor, their strategy was hyper-focused on target accounts and driving awareness. They had a lot of traffic but were not generating many leads. They partnered with 97th Floor to increase brand awareness, drive more traffic to their site, and most importantly, increase their number of demo requests—all at a lower cost per demo.
When we caught wind of major industry events on the horizon, we immediately saw a golden opportunity to spotlight Chronosphere to an engaged audience. With key events unfolding in New York City and Detroit, we zeroed in on a strategy that would ensure Chronosphere couldn't be missed.
Our move? We went big with out-of-home advertising, choosing the in-airport TV network ReachTV for our canvas. Timing was everything, so we aired our ads right when flights were buzzing in and out of the event cities—capturing attention before and after each event. But we didn't stop there. We made sure Chronosphere was the talk of the town, with our ads riding high on taxi tops, ferrying attendees through the hustle and bustle of the city streets. This wasn't just advertising; it was about making a statement where it mattered most.
Our out-of-home (OOH) ad campaign for Chronosphere significantly boosted engagement: US site traffic increased by 46%, with a standout 743% rise in Detroit and an 18% uptick in NYC. Impressions for “what is Chronosphere” jumped by 81%, while the “Chronosphere vs Datadog” comparison saw clicks and CTR surge by 400% and 381%, respectively.
Feature Image photo by Markus Spiske on Unsplash.
B2B marketers know the importance of capturing their upper-funnel audience, but foggy attribution and the ease of spending for these non-search ads makes this endeavor feel risky.
To understand how cybersecurity companies are approaching this challenge, we analyzed the upper-funnel advertising strategies of 15 cyber companies.
In our analysis, we’ve identified 4 industry outliers whose distinct upper-funnel ad plays are worth study:
Founded in Romania in 2001, Bitdefender’s now global presence serves small and medium business, mid-market enterprises and consumers. Bitdender is proud of its over 440 patents for core technologies, “including machine-learning algorithms to detect malware and other threats and anomaly-based detection techniques vital to detect and prevent new and unknown threats.” Their guiding mission is to be the most trusted cybersecurity provider.
| Software Development | 1,001-5,000 Employees | $100M-$500M | Founded 2001 |
BitDefender is vastly outspending every other company in our sample, claiming 60% of both spend and impression share over a 12 month period.
They also outpace competitors in number of creatives, totaling 1,112 varieties in 12 months. The runner-up in this category ranks at only 554 unique creatives.
In late September 2022, Bitdefender announced a multi-year partnership with Scuderia Ferrari, the Formula One racing division of Ferrari. Bitdefender’s logo made an appearance on Ferrari cars, helmets, uniforms, and on the SF-23 single-seater days later on October 2nd at the F1 Singapore Airlines Singapore Grand Prix.
While the relationship may seem shallow at first, Co-founder and CEO of Bitdefneder Florin Talpes makes a clear connection between the two industries:
“When every second counts, only the most advanced cars win races on the track, and only the most advanced technology has the power to effectively prevent, defend and respond to cyberattacks."
By partnering with the powerhouse of racing, Bitdefender earns coverage and status as a powerhouse in cybersecurity.
FireEye - now Trellix - was founded in 2004 and quickly earned a reputation uncovering high-profile hacking groups. The company notably participated in taking down Ozdok, a botnet that at its strength accounted for 32% of spam worldwide; detected previously unknown vulnerabilities in Microsoft products; and traced nearly 50% of all 2022 state-sponsored hacking campaigns to China and Russia.
| Computer and Network Security | 1,001-5,000 Employees | $500M-$1B | Founded 2004 |
Trellix boasts the most diverse allocation of budget to different platforms and devices.
While most cyber companies heavily prioritize desktop display advertising, Trellix targets users via Facebook, Instagram, Twitter, YouTube, OTT, Desktop Video, Mobile Video, Desktop Display and Mobile Display.
Trellix also claims the largest OTT spend in our sample at 10% of their budget. We applaud this strategy, as our own strategic OTT spend for cyber clients has paid off big time.
One of Trellix’s top creatives is a video advertisement showing how shockingly calm a security operations team can be when relying on Trellix.
This footage also happens to resemble the internal marketing teams for those brands trusting 97th Floor with their ad spend… just a coincidence, then!
Cybereason is an endpoint protection platform. Their company page describes them as a “new kind of cyber security company -- one that delivers future-ready attack protection that ends cyber attacks on the endpoint, across the enterprise to everywhere the battle is being waged.”
| Computer and Network Security | 1,001-5,000 Employees | $20M-$50M | Founded 2012 |
Cybereason is the only company in our sample whose impression volume outpaces their spend. However, there is a simple explanation for this: 99% of Cybereason’s non-search ad spend is devoted to Desktop Display ads. Display ads always guarantee high impressions, but is this the best way for Cybereason to be spending their budget?
One possible interpretation of this strategy is that Cybereason is playing by the 95-5 rule. The rule supposes that at any given time, only 5% of buyers are in the market and looking to buy. Conversely, 95% of buyers are not looking to buy. However, buyers hold strong biases for companies they already know when preparing to make a purchase decision. Investing in the 95% of out-of-market “future buyers” with brand awareness advertising can yield large dividends down the road as the 95% eventually rotates into the buying stage.
Since its founding in 2012, an owl has been the center of Cybereason’s brand identity. When Cybereason began a rebranding process in 2020, conversations with stakeholders revealed that the owl would stay.
Chief Marketing Officer Meg O’Leary says, “The reality was that our customers and partners not only liked the owl as a part of our visual identity. They felt it reflected their own identity as cyber defenders. They too must be wise thinkers and shrewd hunters who adapt as they go, cutting through darkness and complexity to zero in on and neutralize their targets. The owl symbolized the best in all of us as defenders.”
Cybereason’s owl appears on all the creatives we pulled, featured on a black background to remind audiences that both owls and Cybereason see in darkness to detect and destroy threats. The ‘E’ in End found in the design seems to mimic an owl’s three talons slicing through enemies.
In 2020, the rebrand introduced the League of Defenders - a group of owls with distinct looks and abilities to encompass all of Cybereason’s abilities and services. You can meet the League here.
Cybereason stands out from competitors as a brand with strong visual identity, creating a mascot for the cybersecurity industry.
Founded in 1997 by Steven Thomas and his girlfriend Kristen Tally, Webroot’s first commercial product was a trace removal agent called Webroot Window Washer. Today, Webroot “secures businesses and individuals worldwide with threat intelligence and protection for endpoints and networks.”
| Computer and Network Security | 500-1,000 Employees | $100M-$500M | Founded 1997 |
In a drastic departure from the norm, Webroot spends a massive 88% of their budget on Meta. Perhaps they’ve got on that both B2B and B2C customers are real people who sometimes just love to scroll.
Campaign Highlight: Live a Better Digital Life with Webroot
Leaning heavily towards its consumer audience, Webroot's recent video ads focus on how Webroot protects everyday people from digital dangers like viruses and identity theft. The videos feel honest and relatable; one video features a mother whose daughter has just enabled a virus on their brand new computer. The scene is strewn with toys and other markings of a busy home. Each video is filmed in a set made mostly of Webroot's signature green, and a short jingle sums up the spot: "Live a better digital life with Webroot."
At 97th Floor, we're big believers that Extraordinary Marketing requires three things: deep audience understanding, bottom-line focus, and courageous disruption. Our analysis of these four bold cyber companies leaves us here:
Cybersecurity is a deeply competitive and complex industry for marketers. In this short webinar, we discuss some of the essential ways marketing leaders should approach their growth.
Generic ad copy and keyword-stuffed blog posts won’t get you far. The key to effective marketing is intentionality. Every piece of your holistic marketing strategy should be fine-tuned to target the niche of people who are most likely to convert and provide business value. A holistic marketing strategy optimized with detail is marketing worth investing in.
So what does intentionality in a holistic marketing strategy mean?
Be specific about the goals, knowledgeable about the audience, and create every bit of content with the audience and specific goals in mind.
Algorithmia provides a machine learning infrastructure that allows enterprises to be more successful in their machine learning efforts. They came to us because they are in a competitive market, up against companies like Amazon and Microsoft in both SEO and digital advertising. As a relatively young company, they knew they would need to be intentional in their strategy in order to succeed in that competitive space.
With their goals for organic traffic and leads in mind, we performed thorough site, keyword, and content audits in order to better understand where Algorithmia’s SEO stood. They had been producing content, but not at scale, and were missing the opportunity to increase their domain authority by targeting top-of-funnel keywords with new and optimized articles.
This kind of content shows potential customers and Google that Algorithmia is an authority on all things machine learning.
We also conducted audits of their previous ad strategies and took a deep dive into our target audiences to determine the best way to get the right people to convert on our ads.
After gathering data on their audience and previous marketing strategies, we put a strategy into action. While we did add new top-of-funnel content to the SEO strategy, we didn’t forget about users further down the funnel. We continued to create content that serves the needs of more qualified audiences as well. A holistic approach is key to intentional marketing.
As for digital advertising, we honed in on very specific job titles, such as VP of Engineering, Senior Data Engineers, etc. We did days of research to truly understand who our audience personas are on a human level. This research included spending time on sites and social media pages that our audience spends time on and gaining a thorough understanding of their roles, responsibilities, pain points, and sense of humor. This information allows us to truly connect with users by mentioning familiar problems they face and other aspects of their daily lives, making our ads feel less like ads. Once we understood those target customers better, we created ad copy messaging and design that was tailored just for them.
We chose LinkedIn as our main ad platform, since it is where those ideal customers were most likely to be found and easiest to target. LinkedIn’s Lead Gen Forms allow users to convert directly on LinkedIn, which provides a more direct path to conversion and simplifies the user experience. We knew that our audiences were marketing-averse and sensitive to user experience, so we were pleased to see this ad feature more than double our conversion rate.
Tracking the right metrics is just as important as selecting the right strategy. For Algorithmia’s SEO, we created a dashboard of every piece of content published, and tracked performance metrics on a micro scale. Because Algorithmia’s goals were tied to the success of the content we were creating, it was important that their teams could see the results of each piece of content in real-time.
The content we produced for Algorithmia has proved itself to be an evergreen source of organic traffic to the site. We spent the first 4 months creating content, and an additional 4 months building links, and within that time our content earned over 10,000 organic visits from Google.
For digital advertising, understanding the quality of each lead, rather than just the quantity, was critical to understanding the ROI. So, we made a point to personally document the quality of every single lead that came in. We made sure we knew where the greatest number of high-quality leads were coming from, so that we could fine-tune our strategy even more as we got more performance data.
When we implemented the highly detailed ad targeting for our personas, we achieved a 48% increase in qualified leads month-over-month and a 187% increase in weekly percentage of quality leads over 9 weeks.
The final step in an intentional strategy is to consistently follow through. In marketing, you can’t just set it and forget it. You have to continually watch for changes in performance and reevaluate results.
We continuously track and monitor keyword rankings to keep up with Google’s ever-changing SERPs and continually optimize our ad targeting, always looking for new ways to connect with our audience. Another thing to keep in mind is that digital advertising audiences get fatigued quickly, requiring ad copy and creative to be refreshed often. This also allows for testing and refining the messaging and tone of the ads.
Holistic marketing strategy should have a singular goal, serving the customer. Staying on top of changes in performance will allow you to help your company shift and change with the tides of digital marketing and bring in the best results over time.
Every business serves real people, not algorithms. And people want to feel understood.
Sure, you could employ a cookie-cutter digital marketing strategy that works for a few months, call it a success, and move on. But cookie-cutter strategies won’t get you results. Stay customer focused, stay holistic, stay intentional.
