Audience 1st

In this episode, host Dani Woolf is joined by Sue Bergamo, James Azar, and Chuck Herrin to discuss the challenges of API security in the context of digital transformation. They highlight the lack of visibility, tools, and control in organizations when it comes to API security. The panel emphasizes the importance of understanding the data flowing through APIs, having a clear ownership structure, and implementing secure development practices. They also discuss the impact of regulations and compliance on API security and the need for organizations to educate themselves and align their language with developers and application owners. In addition, the guests stress the importance of communication, collaboration, and education in addressing API security challenges. Guests at a Glance: Sue Bergamo: Sue Bergamo is a longtime CIO and CISO who currently works as an executive advisor for BTE Partners. She advises innovative CEOs on cybersecurity and is passionate about protecting and securing data. James Azar: James Azar is the CTO and CSO of AP4 Group, a critical infrastructure company. He is responsible for the internal technology and security practices of the company and works with power plants, oil and gas companies, and aviation organizations. Chuck Herrin: Chuck Herrin is the CTO of an API security company called Wib. He has decades of experience as an attacker and defender and has served as a CISO multiple times. He is passionate about API security and helping organizations protect their data. Key Takeaways: Lack of visibility, tools, and control are major challenges in API security. Organizations need to understand the data flowing through APIs and implement secure development practices. Ownership and accountability for API security should be clearly defined within organizations. Regulations and compliance frameworks are starting to specifically address API security. Security vendors should focus on eliminating false positives and providing guidance on addressing API vulnerabilities. Communication and collaboration between security teams and application owners are crucial for effective API security. Join Audience 1st Newsletter Today Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

In this episode, Dani Woolf interviews David B. Cross, the Senior Vice President and CISO for the Oracle SaaS Cloud. They discuss the importance of organic and dynamic conversations in podcasts, David's background in cybersecurity, and his passion for helping customers. They also dive into the challenges and opportunities in the cloud security market, the maturity of professionals in the industry, and the decision-making process for cloud security solutions. David shares insights on the preference for all-in-one solutions versus specialty tools, the importance of understanding the customer's business, and the need for collaboration and shared defense in the industry. Key Takeaways: Organic and dynamic conversations make podcasts more engaging and valuable for listeners. The cloud security market is crowded and confused, with challenges in education and understanding the changes that come with moving to the cloud. The maturity of professionals in the cloud security market varies, depending on the industry and verticals. Decision-making for cloud security involves partnerships and collaboration between different departments and roles within an organization. All-in-one solutions and specialty tools have different appeals depending on the size and resources of the organization. Understanding the customer's business and pain points is crucial for vendors to provide effective solutions. Integration, flexibility, and compliance tie into the decision-making process for cloud security solutions. Sovereignty and the ability to run in different clouds and regions are becoming important factors in the cloud security market. Join Audience 1st Newsletter Today Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Today is part three of this season’s 3-part kickoff series where Dani Woolf gives you all the lessons learned from a year and a half’s work doing deep qualitative customer research. In this episode, Dani and Clark Barron, Founder and Host of Demand Gen Therapy, explore the practical applications of customer insight in cybersecurity marketing. They emphasize the need for marketers to understand the language and needs of their audience, as well as the importance of building genuine connections and relationships with customers. They also discuss the challenges of the buyer's journey, the evaluation process, and the decision criteria, and provide recommendations for addressing these challenges as marketers who are faced with aggressive growth goals. Key Takeaways: Marketers should demonstrate that they care about the cybersecurity industry and understand the language and needs of their audience. Gamification, dynamic experiences, and real stories can help fuel the motivation of cybersecurity practitioners. Marketers should simplify complex security topics and provide clear and concise information to non-technical stakeholders. Playbooks, toolkits, and quick decision-making guides can help address challenges related to tech complexity and regulatory changes. Marketers should focus on building genuine connections and relationships with customers and providing transparent and clear communication throughout the evaluation process. Join Audience 1st Newsletter Today Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Today is part two of this season’s 3-part kickoff series where Dani Woolf gives you all the lessons learned from a year and a half’s work doing deep qualitative customer research. We’re going to cover the top insights she learned from the 50+ buyers she interviewed. As a refresher, it’s absolutely crucial to understand what it is you want to know from your research. Setting up goals is important or else your research will go to waste. Going back to what Dani needed to know: What are the motivations for working in the cybersecurity industry? What are the biggest challenges they face in their role? What are the goals they need to achieve in their role? What are the triggers that cause them to even look for a new security solution? What are the constraints or barriers to buying? How do they do about searching for security solutions? How do they like to be treated by vendors specifically? What are big no-no’s when it comes to vendor relationships and customer service? Whether you're a seasoned pro or just dipping your toes into the cyber and infosecurity space, the insights distilled on this week's episode of Audience 1st Podcast will help you understand not just the 'what', but the 'why' behind buyer decisions and experiences. Join Audience 1st Newsletter Today Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Dani is kicking off this new season of Audience 1st Podcast with a 3-part series on the lessons learned from a year and a half of deep customer research in the cybersecurity field. In this episode, we're diving into customer research mindset and methods that no one else in B2B marketing is really telling you about. Dani emphasizes the importance of cognitive shifts required to phase into a customer-centric approach, continuous learning, and adapting strategies based on evolving customer needs. The episode is rich with insights you aren't hearing from other B2B marketers on the most effective customer research practices and the importance of engaging directly with customers to gain deeper, more actionable insights. Key Takeaways: Mindset Shift Before Strategy Implementation: Focus on internal mindset changes before optimizing external strategies. The Importance of Direct Customer Engagement: Overcoming barriers and engaging directly with customers for deeper insights. Personal Accountability in Research: The necessity of defining and pursuing relevant research objectives. Real Conversations Over Metrics: Prioritizing genuine customer interactions over chasing unrealistic goals. Valuing Feedback for Improvement: Embracing and learning from customer feedback and criticism. Diversity in Customer Perspectives: Recognizing the importance of various customer viewpoints. Leveraging Different Qualitative Research Methods: Utilizing various platforms and tools for effective customer research. Budget Constraints Shouldn't Limit Research: Implementing cost-effective customer research methods. Initiative in Customer Research: Taking proactive steps in customer research without waiting for higher approval. Organizational Responsibility in Customer Research: Emphasizing the role of every department in customer research. Effective Use of Simple Research Tools: Maximizing the potential of accessible and user-friendly research tools. The Power of Open-Ended Questions: Encouraging detailed responses and deeper insights. Probing for More In-Depth Answers: Techniques to dig deeper during customer interviews. The Significance of Active Listening: Importance of fully understanding customer communications. Understanding Non-Verbal Cues: The role of body language in gaining comprehensive insights. Applying Research Insights: The necessity of putting research findings into action. Continuous Customer Research: Recognizing customer research as an ongoing, evolving process. Join Audience 1st Newsletter Today Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

There was a thirst of having security knowledge and expertise, but there was no way for people to access it.  They can Google their face off, that's fine.  But with security, there are a lot of nuances that are particular to each company.  And so you kind of need someone that has been there and can provide an expert opinion.  These founders, all they want to know is what should I do now and what should I do later? Brutally honest insights from Ayman Elsawah, Fractional CISO and Founder of Cloud Security Labs, vCISO advisory for B2B Saas Startups. In this episode of Audience 1st Podcast, we uncover: Roles and responsibilities of a Fractional CISO: Misconceptions and challenges Ayman faces in the cybersecurity industry Ayman's ultimate goal as a fractional CISO  Trend in the CISO role - from in-house CISO to fractional CISO Differences highlighted among in-house CISOs, fractional CISOs, and virtual CISOs. Importance of understanding the startup mentality and ensuring a good culture fit Use of metrics like security culture and compliance to gauge the success of security investments Vendor best practices to engage with fractional CISOs Such critical insights unraveled in less than 41 minutes. Join Audience 1st Newsletter Today Join 1400+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Discover the importance of accessibility in cybersecurity products for all users. Learn about the impact of integrating accessibility into security tools. Gain insights from Justin Merhoff, Director of Security at Deque Systems, Inc. Explore the need for open dialogue and awareness to drive change. Understand the importance of aligning security tools with accessibility guidelines and standards. Hear about the personal journey of a cybersecurity professional and their passion for accessibility.

In this podcast, Charles Payne, CISO at Neptune Media, shares insights on maximizing ROI with ancillary events. He discusses aspects of smaller events that attract security buyer attention, common mistakes vendors make, and how ancillary events influence purchasing decisions. Payne also explores the impact of smaller events on a company's brand perception and strategies companies can use. Additionally, he shares insights into the types of technologies security buyers are inclined to explore at smaller events and the follow-up actions that leave a lasting impact.

Your CFP was approved and you’re about to give a public talk. Before giving a getting on stage at a large (or small) event: You've gotta get your entire talk that you want give people down to: What is the core ride or die message? That is your through-line in all of your stuff. Everything must be connected to that. And then do NOT embrace every single of your 40 talking points. Find five. And those five should matter to your person. If you don't know if they'll matter to your person, you haven't done your research. Brutally honest insights from Kirsten Rourke, founder of Rourke Training, Performance and Engagement Coaching for Speakers Who Love the Spotlight and Those Who Have to Survive It. In this episode of Audience 1st Podcast I JUST dropped, Kirsten and I talk about: → Challenges executives face in public speaking, according to an expert perspective. → Top three universal skills or principles everyone should master, regardless of their profession. → The application of 'know your audience' concept when conveying technical or data-heavy information to a non-tech savvy audience, such as in board meetings. → Suggestions for professionals on how to keep their audience engaged during complex or technical presentations, such as in cybersecurity. → Strategies for introverted professionals, especially in fields like cybersecurity, to overcome the fear of public speaking. → The incorporation of body language and non-verbal communication to enhance public speaking abilities. → Common mistakes professionals make in public speaking and methods to avoid them. → Advice for individuals who regularly present complex data and analytics, such as marketing or cybersecurity professionals. → Closing thoughts and key takeaways for listeners, including marketers, salespeople, and cybersecurity professionals, to apply in their roles. → Information on how to contact or enroll in public speaking programs for those interested in advancing their skills. Such critical insights unraveled in less than 45 minutes. Join Audience 1st Newsletter Today Join 1400+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

There's a massive disconnect between product/solution providers and the people building cybersecurity programs in the industry. The programs are built to standards.  So what if product companies start building products to meet those standards? Product vendors should be able to (but often can’t) tell what type of program they are building to and how they meet the controls inside that framework.  We need to have risk management and to be able to make decisions.  We need to shape people's thinking around and away from this auditor, pure “black and white” view in order to bring positive changes to the industry. Brutally honest insights from Brian Haugli, CEO of SideChannel, Former F500 CISO & CSO and Founder of RealCISO.io. In this episode, Dani Woolf had a conversation with Brian about his challenges, goals, what vendors do that piss him off, and the alternatives. Join Audience 1st Newsletter Today Join 1400+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter