How to Become a Thought Leader in Cyber Security

by | Sep 9, 2016 | Marketing Strategy, Marketing Technology

I’ve noticed a trend in our little corner of the world: demand for cybersecurity-related marketing is increasing tremendously. In the last 2 months alone, we’ve seen inquiries for digital or content marketing programs for cybersecurity firms or software providers in the space grow by 3x. The story’s the same—you’re an industry innovator who initially grew organically based on large government and/or private cybersecurity contracts, and you’ve reached a point where you need to begin a successful marketing initiative to begin driving leads. Unfortunately, you’ve probably had a less than positive experience with marketing, and are looking for ways to kickstart marketing on your own. One area we’ve seen success for leaders in the industry (and our clients) is through establishing yourself as a thought leader in cybersecurity.

Let’s Take a Quick Look at Customer Demand in the Cyber Security Space     

The Sony Breach. Anthem. Even the current Leslie Jones hack. Cybersecurity is more than ever at the forefront of the public’s consciousness. Its appeal makes sense — people want to, need to and should feel safe when engaging with any aspect of cyberspace. In the past decade, there has been a 400% increase in the number of data breaches that have occurred. (For a great visualization of this see Information is Beautiful). But many challenges abound in the world of cybersecurity and corporations, governments, and non-profits are feeling the pain of not having addressed security infrastructures.

“Reactive security mentality only addresses the root of the incident,” Says Dave Crandall, Enterprise Architect. “Shifting to a proactive strategy means looking at a security program. It is not one tool or one solution, it is a cultural shift in thinking and a enterprise wide approach to prevent incidents.”

Thankfully, new developments point to a promising future.

Apple recently opened up its platform to white hat hackers, offering a sizable sum for those who can find vulnerabilities in its OS. The U.S. government hired 3,000 cybersecurity professionals at the beginning of 2016. In addition to this, fin tech and healthcare companies are moving to a blockchain protocol for enhanced security measures. As a matter of fact, the DoD and NATO actively sought and rewarded proposals for companies that can build on the promise of military-grade security using the technology. With these organizations finally getting on board, this makes it an optimal time to establish yourself as a thought leader in a growing space.

According to TechSci Research, the cyber security market is expected to grow eight percent through 2021, with Cisco and Symantec holding the largest market shares. The market is growing from its current size of $122.45 billion in USD to $202.36 billion in USD per Research and Markets. According to Gartner, cybersecurity trends for 2017 include a focus on IoT, cloud, people-centric security, remodeling security infrastructure and data triage whereby focus and resources will be placed on securing highly sensitive information.

Regardless of the developments and trends in this field, there still exist innumerable challenges all that make it difficult to market your cybersecurity firm. But, by addressing problems and staying on top of up-and-coming topics, you can capitalize on the market’s growth trend, and leverage one of the most effective marketing techniques available to you: position yourself (or your firm) as a thought leader.

Challenges Facing Cybersecurity Firms

Cybersecurity has long been viewed as an afterthought of computing. The reactive nature of the discipline has led to a compounding of problems.

Cyber security firm challenges: thought leader in cyber security

According to Crandall, “Security professionals are in a tough position, they have to be right every time. At a personal level a major breach can mean their job or even difficulty finding the next job. Security leaders have to look at shifting from being reactive to proactive program approach.”

1. Its Efficacy can be Difficult to Prove

Unless your system has encountered a potential attack that has been thwarted, it’s extremely challenging to prove that any cybersecurity implementation works. According to Lookout Blog, “isolated measurement only looks at what we know and not what is still living in the shadows and, maybe most importantly, how long it takes for a security technology to detect any kind of malware once a device encounters it.”

2. Lack of ROI

Given that the efficacy can sometimes be difficult to determine, this directly correlates with a lack of measurable ROI—or perception of such. Many in senior management wonder how an organization can justify expensive cybersecurity measures when it can’t reliably show a return on its investment? This, however, might partly be a perception problem. Unfortunately for many of us in the “real world,” perception can quickly become reality.

3. Mitigation, not Proactivity

Because of the perceived lack of ROI, there’s often little buy-in for implementing security measures from business leaders. Organizations then adopt a mitigation mentality. They reason that because security isn’t truly needed until there’s proof of need (i.e., an attack or potential attack), it can be addressed (and paid for) at a later time.

4. Notoriously Thankless

Unless there’s organizational buy-in, measurable ROI, and proof of efficacy, it’s tough for security professionals to feel as if they’re being recognized as making an impact, resulting in a pervasive feeling that the cyber security discipline is “thankless.” According to Gib Sorebo, “We complain that we’re relegated to one of many back office functions like procurement, human resources, or facilities, functions that we, ironically, treat with the same level of boredom and disdain that we feel are directed at us.”

Dave Crandall also had this to add,”Being a thought leader often means being disliked internally. Security leaders are still often seen as roadblocks to the rest of the tech enterprise. Security leads need to market their value internally in order to shift the culture toward proactive efforts. Once culture shifts, true thought leadership can be implemented.”

5. Lack of Trained Professionals

This perception that cyber security isn’t a “sexy” or desirable job is combined with the lack of awareness of the need for more professionals who are trained in the space. The thankless nature of cyber security, coupled with the lack of organizational prioritization of cyber security measures leads computing professionals to become dissuaded from pursuing the discipline. This problem is so pervasive that an estimated 209,000 cyber security vacancies go unfilled. This can create a prime opportunity for cyber security firms like yours, who market and position themselves properly.

Opportunities for Cyber Security Firms

With the vast number of challenges that exist in cyber security, there are unique opportunities that you can leverage.


…given the dearth of cyber security personnel, anyone with a strong skill set and passion for the field can make inroads. If you’re inclined to be a white hat hacker, there’s incredible demand for your talents.

…some cyber security companies that are entering the space do little more than validate security implementation. They continue to perpetuate the reactive nature of cyber security but position themselves as experts to gain market share. The industry is starving for professionals who bring true value, yet they don’t know how to find them.

So, if you’re interested in driving your own venture, want to leverage one of the most effective approaches in marketing cyber security firms, and you can provide genuine value that addresses the main challenges of the field, you’ll be able to benefit from the massive demand for professionals like you, thought leadership.

What is Thought Leadership?

The Thought Leadership Lab defines thought leaders as, “…the informed opinion leaders and the go-to people in their field of expertise. They are trusted sources who move and inspire people with innovative ideas; turn ideas into reality, and know and show how to replicate their success.”

Thought leadership requires that you demonstrate a specialized set of knowledge, both actionable and conceptual, that is driven by innovation, foresight, insight, and significant hands-on experience.

As a cyber security expert, you’re uniquely primed to be a thought leader because there is so much that clients must tackle within the field. As a thought leader, you can help organizations drive cyber security strategy, stay on top of trends, benefit from market demand and incentives, address roadblocks, prove real ROI, establish programs for measuring security efficacy, and navigate the general landscape of the field.

A thought leader is usually someone who publishes and speaks to provide value to a wider audience than just a single organization, but you can also be hired as a coach, instructor, and expert consultant.

Top Ways to Establish Yourself as a Cyber Security Thought Leader

8 ways to become a thought leader in cyber security

Engage in Industry Conversations

Industry conversations occur through many mediums. Whether it’s at a small professional gathering, on authority blogs, magazines, and websites, or via social media, when you engage with people who are having conversations about developments, trends, and issues in cyber security you demonstrate authority in the space. Ensure that your comments and replies contain your full name and a link back to your online space.


Speak at Events

When you speak at conferences, lectures, seminars, and mixers as a subject matter expert, you gain visibility and recognition as a thought leader. Select an event and submit a proposal to the organizers. Be sure to feature a compelling topic that matches the theme of the event and highlight your greatest accomplishments.


Publish Your Own Content

Having a website is not an absolute requirement for thought leadership, but it does increase your search engine (SEO) visibility tremendously and allows you to make an impact by publishing your own content. If you have a site, have developed a content marketing strategy, and host your blog, you can provide value by periodically speaking on significant topics in a much more accessible long format.

You can also publish your own content by writing articles for magazines and websites. Start by reaching out to cyber security-specific outlets and general outlets that may feature cyber security topics. It’s usually easier to break into trade publications when you’re starting out.   

Guest Blog

Publishing your content doesn’t have to be relegated to your own blog. As a matter of fact, one of the best ways to establish yourself as a thought leader in cyber security is to guest post on authority and high-visibility blogs. Reach out to blog administrators and offer to provide a guest blog in exchange for your bio and links to your online space to be included in the bottom of your post. Be sure to include a call-to-action to readers. Ensure that your topic makes sense for the blog you’re pitching to.


Proof of Concept Projects

Create proof of concept projects and publish your results as a case study. Share this on LinkedIn, on your blog, or with other industry leaders. Doing this is a great way of establishing your actionable and hands-on expertise, a critical factor for those seeking to be thought leaders.

Conduct and Publish Research

Similar to conducting your own projects, publishing research is one streamlined means of becoming a thought leader. Seek out journals and submit your findings.


Weigh in on Current Events

Along with engaging in industry discussions, position yourself as a thought leader in cyber security by offering your insight to news outlets and journalists. Establish relationships with cyber security journalists. Whenever they need your expertise, be sure you’re available to them. If there’s breaking news, reach out directly and offer to help them augment their analysis with your insight.



Whenever you speak at a conference, lead a workshop, publish research, or complete proof of concept projects, send out a press release to get potential press coverage for your efforts. Press coverage brings visibility to your expertise and begins to promote you as a thought leader in this space.


You can’t become a thought leader overnight, but you can leverage a number of these techniques to quickly establish yourself as one. We’ve found that engaging in industry conversations, blogging, and leveraging a new PR model (when you can), helps you get on the radar of those who matter—your future customers—faster.

What other ways can you become a thought leader in cyber security? Do you face your own challenges in developing marketing for your cyber security firm? We’d love to hear your questions and ideas below.

Related Article Headline

CTA  Area Here