Audience 1st

In this episode, Clark Barron, host of Demand Gen Therapy, interviews Dani Woolf about the challenges and disillusionment faced by B2B marketers today. They discuss the importance of deep introspection and understanding customers on a qualitative level. Dani shares her experience of circumventing obstacles to gather the necessary information to improve her marketing efforts. They also explore the mindset of marketers and the need for a sense of purpose in the industry. The conversation highlights the importance of moving away from generic personas and focusing on individual human beings.
Key Takeaways:
B2B marketers often face disillusionment due to being measured on metrics that don't make sense and working with limited resources.
Deep introspection and understanding customers on a qualitative level are crucial for solving the existential crisis in B2B marketing.
Circumventing obstacles and conducting research can provide valuable insights to improve marketing efforts.
Marketers in the security industry are often driven by a sense of purpose and a desire to affect meaningful change.
Marketers should be selective about the organizations they work for and focus on understanding their audience on a deep level.

In an industry whose goal is to protect people, purely profit-driven marketing makes no sense - and certainly doesn’t work.
After over a decade of running digital marketing for high-growth B2B technology startups, my guest, Dani Woolf, realized marketing is wildly different in information security. 
It took her four years after joining the cybersecurity industry in 2018 to create Audience 1st, a customer research agency built on four pillars: 
curiosity to truly understand audiences
empathy to listen first and identify cybersecurity buyers' pain points
dedication to provide insights that promote growth
and honest connection to establish authentic relationships with buyers. 
 
Dani Woolf continues to do meaningful work for people who care as the Creator and Host of the Audience 1st podcast and the WTF Did I Just Read? Tech Sales and Marketing Edition Podcast. 
Throughout this conversation, Dani shares her thoughts on marketers' role in cybersecurity, her "mission before money” mindset, and why repetition and messaging consistency are crucial in this space. 
You'll also hear why we need leaders who choose peaceful and kind ways of communicating and why Dani believes the creative tension between old-school and modern marketers in cybersecurity is a good thing. 
Additionally, Dani explains how she uses honesty to get real, deep insights from tech and IT pros, why she doubles down on being pragmatic and practical, and more ways to create positive change.
Listen to this episode to learn:
Why Dani advocates for slowing down and opening our hearts in cybersecurity (3:00)
How to avoid leaving people out through black-and-white approaches in communication (7:50)
Why having creative tension is a good thing (14:40)
How marketers can make a meaningful contribution to cybersecurity (18:30)
How to set expectations to have in-depth conversations with tech and security leaders (27:00)
Why it’s crucial to connecting with audiences beyond data (34:00)
Which benefits come from being pragmatic, practical, and prescriptive (41:20)
Listen to the original episode at Cyber Empathy.

Ross Haleliuk joins the Audience 1st Podcast to discuss his background and his work in the cybersecurity industry. He shares his motivation for creating his blog, Venture in Security, and explains how he aims to simplify complex cybersecurity concepts for readers. Ross also discusses the challenges and opportunities in the industry, including the need for better evaluation methods for security tools. He highlights the importance of building relationships with security practitioners and the need for more diversity of experiences in the industry. Ross concludes by introducing his new book, "Cyber for Builders," which provides insights and guidance for building cybersecurity companies.
Key Takeaways:
Ross Haleliuk's Diverse Roles: Ross discussed his multifaceted involvement in the cybersecurity world, including his positions at Lima Charlie, Venture in Security, and an angel syndicate for security practitioners. His diverse experiences provide a well-rounded perspective on the industry.
Cybersecurity's Complexity: Ross shared his initial hesitations about entering the cybersecurity field due to its complexity. He eventually embraced the challenge, finding a passion for demystifying cybersecurity concepts for broader audiences.
Creation of Venture in Security: Motivated by a desire to simplify cybersecurity knowledge, Ross started Venture in Security. He aims to make complex topics accessible to various stakeholders in the industry, including founders, marketers, salespeople, and practitioners.
Breaking Down Complexity: Ross emphasized the importance of simplifying cybersecurity topics. He believes in making the industry understandable to those new to the field and those from different professional backgrounds.
Vendor-Practitioner Dynamics: The conversation touched on the challenges between cybersecurity vendors and practitioners, highlighting issues like stigma, accessibility, and the one-sided nature of many vendor-practitioner interactions.
Asymmetry of Information: Ross pointed out the significant information asymmetry in cybersecurity, where buyers struggle to assess the value and effectiveness of security tools, and sellers often make unverified claims.
Bridging Industry Gaps: Ross suggested ways to bridge the gap between vendors and practitioners, emphasizing the need for building authentic relationships, and better understanding the needs of practitioners.
Evaluating Cybersecurity Tools: The interview discussed the necessity for improved methods to evaluate cybersecurity tools, highlighting the challenge in assessing the effectiveness and value of these tools.
Cyber for Builders Book: Ross announced his book, "Cyber for Builders," which serves as a comprehensive guide to building cybersecurity companies. The book covers industry understanding, trend evaluation, team assembly, fundraising, and go-to-market strategies.
Join Audience 1st Newsletter Today
Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

In this episode, host Dani Woolf is joined by Sue Bergamo, James Azar, and Chuck Herrin to discuss the challenges of API security in the context of digital transformation. They highlight the lack of visibility, tools, and control in organizations when it comes to API security. The panel emphasizes the importance of understanding the data flowing through APIs, having a clear ownership structure, and implementing secure development practices. They also discuss the impact of regulations and compliance on API security and the need for organizations to educate themselves and align their language with developers and application owners. In addition, the guests stress the importance of communication, collaboration, and education in addressing API security challenges.
Guests at a Glance:
Sue Bergamo: Sue Bergamo is a longtime CIO and CISO who currently works as an executive advisor for BTE Partners. She advises innovative CEOs on cybersecurity and is passionate about protecting and securing data.
James Azar: James Azar is the CTO and CSO of AP4 Group, a critical infrastructure company. He is responsible for the internal technology and security practices of the company and works with power plants, oil and gas companies, and aviation organizations.
Chuck Herrin: Chuck Herrin is the CTO of an API security company called Wib. He has decades of experience as an attacker and defender and has served as a CISO multiple times. He is passionate about API security and helping organizations protect their data.
Key Takeaways:
Lack of visibility, tools, and control are major challenges in API security.
Organizations need to understand the data flowing through APIs and implement secure development practices.
Ownership and accountability for API security should be clearly defined within organizations.
Regulations and compliance frameworks are starting to specifically address API security.
Security vendors should focus on eliminating false positives and providing guidance on addressing API vulnerabilities.
Communication and collaboration between security teams and application owners are crucial for effective API security.
Join Audience 1st Newsletter Today
Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

 
In this episode, Dani Woolf interviews David B. Cross, the Senior Vice President and CISO for the Oracle SaaS Cloud. They discuss the importance of organic and dynamic conversations in podcasts, David's background in cybersecurity, and his passion for helping customers.
They also dive into the challenges and opportunities in the cloud security market, the maturity of professionals in the industry, and the decision-making process for cloud security solutions.
David shares insights on the preference for all-in-one solutions versus specialty tools, the importance of understanding the customer's business, and the need for collaboration and shared defense in the industry.
Key Takeaways:
Organic and dynamic conversations make podcasts more engaging and valuable for listeners.
The cloud security market is crowded and confused, with challenges in education and understanding the changes that come with moving to the cloud.
The maturity of professionals in the cloud security market varies, depending on the industry and verticals.
Decision-making for cloud security involves partnerships and collaboration between different departments and roles within an organization.
All-in-one solutions and specialty tools have different appeals depending on the size and resources of the organization.
Understanding the customer's business and pain points is crucial for vendors to provide effective solutions.
Integration, flexibility, and compliance tie into the decision-making process for cloud security solutions.
Sovereignty and the ability to run in different clouds and regions are becoming important factors in the cloud security market.
Join Audience 1st Newsletter Today
Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Today is part three of this season’s 3-part kickoff series where Dani Woolf gives you all the lessons learned from a year and a half’s work doing deep qualitative customer research. In this episode, Dani and Clark Barron, Founder and Host of Demand Gen Therapy, explore the practical applications of customer insight in cybersecurity marketing.
They emphasize the need for marketers to understand the language and needs of their audience, as well as the importance of building genuine connections and relationships with customers.
They also discuss the challenges of the buyer's journey, the evaluation process, and the decision criteria, and provide recommendations for addressing these challenges as marketers who are faced with aggressive growth goals.
Key Takeaways:
Marketers should demonstrate that they care about the cybersecurity industry and understand the language and needs of their audience.
Gamification, dynamic experiences, and real stories can help fuel the motivation of cybersecurity practitioners.
Marketers should simplify complex security topics and provide clear and concise information to non-technical stakeholders.
Playbooks, toolkits, and quick decision-making guides can help address challenges related to tech complexity and regulatory changes.
Marketers should focus on building genuine connections and relationships with customers and providing transparent and clear communication throughout the evaluation process.
Join Audience 1st Newsletter Today
Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Today is part two of this season’s 3-part kickoff series where Dani Woolf gives you all the lessons learned from a year and a half’s work doing deep qualitative customer research.
We’re going to cover the top insights she learned from the 50+ buyers she interviewed.
As a refresher, it’s absolutely crucial to understand what it is you want to know from your research. Setting up goals is important or else your research will go to waste.
Going back to what Dani needed to know:
What are the motivations for working in the cybersecurity industry?
What are the biggest challenges they face in their role?
What are the goals they need to achieve in their role?
What are the triggers that cause them to even look for a new security solution?
What are the constraints or barriers to buying?
How do they do about searching for security solutions?
How do they like to be treated by vendors specifically?
What are big no-no’s when it comes to vendor relationships and customer service?
Whether you're a seasoned pro or just dipping your toes into the cyber and infosecurity space, the insights distilled on this week's episode of Audience 1st Podcast will help you understand not just the 'what', but the 'why' behind buyer decisions and experiences.
Join Audience 1st Newsletter Today
Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Dani is kicking off this new season of Audience 1st Podcast with a 3-part series on the lessons learned from a year and a half of deep customer research in the cybersecurity field.
In this episode, we're diving into customer research mindset and methods that no one else in B2B marketing is really telling you about.
Dani emphasizes the importance of cognitive shifts required to phase into a customer-centric approach, continuous learning, and adapting strategies based on evolving customer needs.
The episode is rich with insights you aren't hearing from other B2B marketers on the most effective customer research practices and the importance of engaging directly with customers to gain deeper, more actionable insights.
Key Takeaways:
Mindset Shift Before Strategy Implementation: Focus on internal mindset changes before optimizing external strategies.
The Importance of Direct Customer Engagement: Overcoming barriers and engaging directly with customers for deeper insights.
Personal Accountability in Research: The necessity of defining and pursuing relevant research objectives.
Real Conversations Over Metrics: Prioritizing genuine customer interactions over chasing unrealistic goals.
Valuing Feedback for Improvement: Embracing and learning from customer feedback and criticism.
Diversity in Customer Perspectives: Recognizing the importance of various customer viewpoints.
Leveraging Different Qualitative Research Methods: Utilizing various platforms and tools for effective customer research.
Budget Constraints Shouldn't Limit Research: Implementing cost-effective customer research methods.
Initiative in Customer Research: Taking proactive steps in customer research without waiting for higher approval.
Organizational Responsibility in Customer Research: Emphasizing the role of every department in customer research.
Effective Use of Simple Research Tools: Maximizing the potential of accessible and user-friendly research tools.
The Power of Open-Ended Questions: Encouraging detailed responses and deeper insights.
Probing for More In-Depth Answers: Techniques to dig deeper during customer interviews.
The Significance of Active Listening: Importance of fully understanding customer communications.
Understanding Non-Verbal Cues: The role of body language in gaining comprehensive insights.
Applying Research Insights: The necessity of putting research findings into action.
Continuous Customer Research: Recognizing customer research as an ongoing, evolving process.
Join Audience 1st Newsletter Today
Join 1700+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

There was a thirst of having security knowledge and expertise, but there was no way for people to access it. 
They can Google their face off, that's fine. 
But with security, there are a lot of nuances that are particular to each company. 
And so you kind of need someone that has been there and can provide an expert opinion. 
These founders, all they want to know is what should I do now and what should I do later?
Brutally honest insights from Ayman Elsawah, Fractional CISO and Founder of Cloud Security Labs, vCISO advisory for B2B Saas Startups.
In this episode of Audience 1st Podcast, we uncover:
Roles and responsibilities of a Fractional CISO:
Misconceptions and challenges Ayman faces in the cybersecurity industry
Ayman's ultimate goal as a fractional CISO 
Trend in the CISO role - from in-house CISO to fractional CISO
Differences highlighted among in-house CISOs, fractional CISOs, and virtual CISOs.
Importance of understanding the startup mentality and ensuring a good culture fit
Use of metrics like security culture and compliance to gauge the success of security investments
Vendor best practices to engage with fractional CISOs
Such critical insights unraveled in less than 41 minutes.
Join Audience 1st Newsletter Today
Join 1400+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter

Inaccessible security tools and solutions pose security risks and hinder individuals with disabilities from accessing and using them effectively.
Integrating accessibility into security products and services can improve usability, inclusivity, and security for all users.
Companies that prioritize accessibility in their security offerings can gain a competitive advantage and build a loyal customer base.
Brutally honest insights from Justin Merhoff, Director of Security at Deque Systems, Inc, a web accessibility software and services company.
In this episode of Audience 1st Podcast I JUST DROPPED, Justin and I explore his personal journey of becoming a cybersecurity professional and how he discovered the need for accessibility in security tools and solutions.
Some key insights from the episode are:
Justin believes in the importance of accessibility in cybersecurity. He highlights the need for security tools to be accessible for screen reader users and the impact it has on security awareness training.
Stakeholders in the cybersecurity industry have varying reactions to the intertwining of accessibility and security. While some understand the importance, others need to see it from a different angle. Justin encourages open dialogue and awareness to drive change.
When evaluating security tools, Justin ensures they align with accessibility guidelines and standards. He mentions the importance of Voluntary Product Accessibility Templates (VPATs) and adherence to WCAG guidelines.
Justin reflects on the need for empathy and feedback in the industry. He shares his own journey of becoming more empathetic towards BDRs and emphasizes the importance of keeping security vendors on their toes.
Justin shares an experience with Traceless.io, a vendor that handled a misunderstanding well. They sent him a frisbee, which became a bonding activity with his son. He emphasizes the impact of small gestures in building positive relationships.
Justin's insights highlight the need for accessibility in cybersecurity and the importance of inclusion. He calls for global collaboration and opportunities for talent from overlooked regions like Africa.
Such critical insights unraveled in less than 38 minutes.
Join Audience 1st Newsletter Today
Join 1400+ cybersecurity marketers and sellers mastering security buyer research to better understand their audience and turn them into loyal customers: https://www.audience1st.fm/newsletter