key insight CEO. Mission-driven to protect life-saving services from cyberattacks.
In the cybersecurity business, I see leaders jumble their key promises to their customers in a relentless pursuit of complex capabilities and underlying capabilities.
This struggle is nothing new. In the 1980s, a race for features resulted in the ‘ultimate programmable VCR’, completely sacrificing ease of use. The desire to watch and record videos at home has been followed by a myriad of ways to program recording and playback. The result is a long and poorly written manual that many parents turn to their children for help.
Indeed, great brands are supported by brand pillars. Core promises are backed up by examples of real reasons to believe. But when the brand pillar becomes a burden, it undermines the message. They destroy core promises.
When IT leaders look at today’s cybersecurity products, they find a proliferation of acronyms, deep technical claims, and broad feature sets, leaving the average leader wondering where to start and what to believe. CSPM, UEBA, Zero He Trust, Cloud Native, Open XDR, etc. soon. These are undoubtedly important concepts, but ultimately they are the tools to an end. These conceptual how-to guides create a deeper manual than any programmable VCR from the 1980s.
To clear up this confusion, brands try to boil down a long list of technical claims with oversimplified and incredibly comprehensive promises. They make claims such as “leader” and “number one”. They claim their solutions provide “absolutely complete protection” or make organizations “100% secure.” Customers know these are exaggerated and impossible claims. They create broad coverage that can make an infinite number of technical claims, but fail to deliver core promises that customers can understand or believe.
From conversations with IT leaders, we learned that cybersecurity customers want a trusted partner, not big claims. they want results. They want to refocus on their core business. They want to know if cybersecurity risks are being managed by experts as an ongoing security journey.
They don’t want thousands of acronyms. They also don’t want fluffy, incredible promises.
The security journey is definitely complicated. Layered security controls require deep technology and subject matter expertise. A “trusted partner” must demonstrate this deep competence. But importantly, these features don’t undermine the core promise. In cybersecurity, a “trusted partner” is a partner who first provides a great service and then a great underlying technology.
Great brands have a core promise that goes down to the smallest detail. Cybersecurity brands must find ways to create a “reason to believe” (RTB) by exposing their underlying capabilities and expertise without letting the RTB carry on the core brand promise. Hmm.
Yes, in the 1980s many brands sold programmable VCRs. Yes, many brands sell cybersecurity gadgets today. But in the end, even in the 1980s, we just wanted to watch videos and shows, didn’t we? Wouldn’t it be so much better to stream videos from a simple remote control? Doesn’t today’s cybersecurity really need a trusted partner who can provide continuous guidance and service, not an acronym endless self-help menu?
The Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. am i eligible?