Subscribe
Share
Share
Embed
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
XDR, EDR, SIEM, SOAR…Snooze: Cybersecurity Marketing Real Talk with Gianna Whitver
Heidi: All right, well, welcome everyone. I'm Heidi Trost. I am the host of Human-Centered Security and I'm joined today by Gianna Whitver. And she is the co-founder and CEO of Cybersecurity Marketing Society.
She's the podcast co-host of Breaking Through in Cybersecurity Marketing podcast and plot twist: She is the founder of LeaseHoney, which is so, so cool. A place for beekeepers to find land and expand their apiaries. Did I say that right?
Gianna: You got it.
Heidi: Alright, Awesome.
Gianna: I do love bees.
Heidi: I think that's what your LinkedIn profile says, right? Like that you love bees.
Gianna: Yes, it actually does. And I like, I think you will pry that LinkedIn phrase out of my cold dead hands. I will love bees till the end for sure.
Heidi: Well, welcome. And what, I mean, let's not talk about cybersecurity. It's so boring. What about bees? Like why did you get into what, like have you always loved bees? Like where did this come from?
Gianna: Yeah, so I used to work in commercial real estate investment and development in Florida and I learned about this thing called the green laws, which are basically, if you put animals on your property, livestock on your property, you can get a tax deduction. 'cause you're a farm at that point. And at the time there was a lot of talk about colony collapse disorder.
The bees are dying. And I thought, Hey, I really love, you know, bees. I think they're neat. Is there an opportunity for beekeepers to place their hives on land and reap that benefit instead?
So I started talking to beekeepers. I was like, Hey, is this a problem? Do you have, do you ever need to find more land? Maybe this is something that you could do with landowners.
Right? And I talked and talked, I talked to 90 beekeepers and I learned that yes, land and beekeeping is very important. I just have to be spaced certain distance apart. So you actually do, if you wanna grow your beekeeping business, you need more land.
And a lot of urban beekeepers have to travel a lot in between all of their hive locations because there's
usually not enough land. They have them in backyards, they have them in little spots that they can basically carve out.
I started LeaseHoney to match beekeepers, landowners, and farmers so that beekeepers could get more land to grow their apiaries in their bee business. Landowners could save a little money on their taxes and could provide places for bees to live. And farmers always need pollination, especially for the most delicious fruits and vegetables, especially their managed bee pollinated. And wow, I am so diving into bees on this cybersecurity podcast, but thank you for letting me talk about it for a minute there.
Heidi: Yeah, I'm not, I'm not gonna let you stop because I, I have to ask some, I was driving up to San Francisco a few weeks ago and I looked out the window and I was like, is that a like massive truck transporting bees? Yeah, it is. Because it is February. Unfortunately, a lot of them were dead. I feel like they did not make it. But like, it was just this huge, it was literally the, the size of a semi and they were transporting these bees and we actually saw, I think we saw two or three of them.
Gianna: Yeah. So right now in California it's February, so it's almond pollination season. So the majority of commercial beekeepers in the US actually will send their beehives to California to pollinate the almonds. Almonds are a very bee heavy pollination required nut. I think they're nut—almonds. Yeah. So that plant needs bees to pollinate and managed beehives drive the majority of pollination in the state of California for all of the almonds, basically almost all of the almond pollination in the state, which provides majority of the almond, majority of the almonds for the US and even around the world.
Heidi: So they transport these bees to and from like the, this…
Gianna: Mm-hmm.
Heidi: Wow. I did not know. That's
Gianna: So, yeah. They are worker bees…
Heidi: Seriously worker like, we need you on the job tomorrow.
Gianna: Yeah. Oh yeah. It's a, it's a whole thing. They, a farmers rent the bees from the beekeepers, beekeepers send them, it's like an annual migration of bees. So in February you'll see lots and lots of bees going on trips.
Heidi: I’m so glad I have you on the podcast to answer that question because I'm, I was so confused. I was like, is this a thing? Oh my gosh, that's so funny. Okay, well welcome to the beekeepers podcast. Just kidding.
So let, let's, let's chat about cybersecurity. Although I really do feel like I could talk about these the next half an hour.
Gianna: Well, thank you. Yeah. Well, the other thing I do is the Cybersecurity Marketing Society. Yeah. So this is my main gig. I co-founded this with my, my co-founder partner in crime, Maria Velazquez. We run a community, basically a member, member based organization for marketers in cybersecurity with the goal of helping marketers be successful in this industry.
Because if marketers can market quality security products and services, then we can get tools into the hands of the defenders so they can defend better and be part of the mission to keep the world a safer place.
Heidi: That's awesome. That's, Uh,
Gianna: Thank you.
Heidi: That's a good, uh, it's a good way to get into our heart cybersecurity hearts, right? Is that we're trying to get the right tools to the right people to help everyone, to help people like you and me, right? To, for us to stay safe.
Gianna: Exactly. Right. It's a, it's a very, you know, cybersecurity itself is super mission driven. And then marketing and cybersecurity, a lot of folks don't realize this is also really mission driven. A lot of marketers though. So I have, uh, plus marketers at about a thousand security products and services companies in our community right now. Majority of the marketers in the industry care greatly about security of the world care greatly about helping and care greatly about helping make the world a safer place and about the mission of their companies. It's a very, very, very mission-driven industry.
Very similar to, you know, pure cybersecurity.
Heidi: Yeah. So some of, I think some of our listeners will perhaps will be cybersecurity marketers. I know that some, some of my listeners have forwarded my podcast to their marketing team, which is awesome.
Gianna: Nice.
Heidi: Um, But they'll also be maybe cybersecurity startups. Right? And they're wearing multiple hats. Hats including marketing. Or, you know, they're working with their marketing team and they're saying, you know, we need to communicate this. And, you know, there's like some sort of collaboration going on.
The, the one thing that I I wanted to kind of focus on at the very beginning here is that you are so good at building communities, right? And I, I have started to see—by I no means am I a cybersecurity marketing expert--but one of the things that I have seen is that some of the successful cybersecurity vendors, you know, products are the ones who build communities. So I'm curious if you've, if you've also seen this happen, and what do you think, I mean, as someone who, you know, builds communities, like what do you think makes that successful?
Gianna: So good community is, is giving, right? Like when we built, we built the, the Society, which is
shorthand for the Cybersecurity Marketing Society. When we built it, we built it because not, not as a business, it's turned into a business. But we didn't build it as a business. We built it. because we, myself and Maria were marketers at security startups. And it was like, wow, what is happening out there? Like, what are you doing? Right?
We were usually on a very small team, maybe a single marketer at a company, right? And we were like, okay, how my budget, how do I spend it? How do I get the most return on what I'm doing? How do I market better? How do I, how do I, how do I know what does a CISO care about?
Right? So we started asking our friends in the industry, Hey, what do you think about my budget here? What do you think about investing in this event? Have you ever done this? Right? And we all started to talk and share the sort of information with each other.
And so in March of 2020, we founded the, the Cybersecurity Marketing Society as just a Slack channel with 10 friends in the industry. And we started sharing intelligence with each other. And we did it for, selfishly for us, but also to help our friends too. Like, know what's going on out there. And it grew and grew and grew simply by word of mouth for like, years.
And now we're at 3,500 people. And I think that's the basis of good community. It's, it's constant never ending, like giving.
So the security companies that you see have really great communities are doing a very similar thing. They are giving, they're helping, they're providing resources, they're providing opportunities. And they are out there helping security professionals in the way that they can. And that's what is the foundation of a great community.
Heidi: It's the mindset, I think is…What you're saying is you have to have the right mindset of helping people and not trying to get something out of it.
Gianna: Right. We exactly. We, we started this society. Because we wanted to like, help ourselves not in a, not, you know, sell a SaaS product or whatever, but we wanted to help, like marketers, honestly, like we're marketers. Our friends were marketers. We're all just like, what is going on? Like, Hey, I have a question, right? It's like creating a peer network, a peer mentor network. And we were like, great, let's invite more people or friends and members, or very early members.
We'd be like, Hey, I know someone who's a field marketer who would love to join. We're like, great. Or I know someone who's in product marketing, or I have a friend who's who, who is also stuck on this problem that, that we all kind of put our minds together around. And that's how, I think that's the basis of, of good community.
It's very simple, but it's hard for companies. I think it's hard to do.
Heidi: Yeah. I love that. I, and I love the idea of building communities.
Like, just like as one takeaway, you know, before even talking to you, I was like, wow. Like that, that seems to be one of the things that cybersecurity companies can do is really focus on building communities.
So you said through these conversations, like it started off as a Slack channel and, and grew from there. But through these conversations that people were having similar problems.
What sort of, what sort of problems do you see the most? And is it different with other kinds of marketing? Like, is it, are these things unique to cybersecurity?
Gianna: So I think what's unique to cybersecurity marketing is our industry. So super technical, right? There are other technical industries, but cyber is super technical, very fast paced.
It's kind of like cat and mouse-y. It's a little like driven by breaches, driven by emergencies. You close a hole, another one opens, right? There's a lot of PR and a lot of like, what's new in it.
Obviously security professionals are busy, hectic, harried, worried stressed. I think we have, you know, maybe I,...
Heidi: I thought you said "hairy" instead of harried at first. And I was like...
Gianna: oh, did I say "hairy"?
Heidi: No, you didn't. It was just what I heard. And I was like, yeah, "Hairy,” yeah, we're hairy.
Gianna: But you know, like always like on under the gun, like there's stuff happening all the time. You're actually, and, and with a strong, strong mission. So maybe like emergency room doctors is similar or marketing to emergency room doctors is similar. But I think we have a very unique quote unquote buyer or buying team that deserves additional respect and additional consideration and additional help and resources that, that I think other industries, you know, might not need as much when going to market.
Heidi: What sort of things make you... First of all, CISOs will be thrilled to hear you say that. They do,
They do deserve it.
You deserve it, CISOs.
Gianna: No, they do. Oh my God—Thank you all CISOs who are, who are at all companies protecting my data, my credit card, my PII, you know. Seriously.
Heidi; I agree. What sort of things make you cringe when you see cybersecurity marketing? Like what are…Just like, you shouldn't do that. Wish you didn't do that.
Gianna: Yeah. Yeah. There's, there's definitely, you know, stuff that's not very personal targeted stuff that's very like chasing bandwagon stuff that's FUD, which is fear, uncertainty, doubt, you know, a lot when you're selling to the, when you're marketing to enterprise, especially like, FUD is very annoying. And I think not a great use of marketing's abilities.
And then lack of understanding of who we're selling to and who we're marketing to, right? What's it like to be in the mind
of the person you're talking to? Can you walk a mile in their shoes?
I think that is the basis along with pressure. Like, marketing teams also have extreme pressure, not in the same way, but like at the, a lot of the venture capital backed sort of fast-paced startup companies.
It's like, oh, go, go, go, go, go, go, go. Right?
So when marketing teams don't have a chance to do good research, don't have a chance to talk to their audience and don't have, don't have a chance to think and have this strong pressure on them. So I'm not, it can result in, you know, less than stellar messaging that does not resonate and even turns off who we're trying to talk to.
Heidi: Yeah. I mean we, think about like tying this back to the community at the very beginning. So I, I started my career as a UX person and as a UX researcher I talked to lots of cybersecurity people. They're hard to get in front of sometimes, right?
Like, it's difficult to get them to sit down and talk with you for an hour. I love the idea of like this building this community where you can learn from them because they're part of your community. Wondering if you have any tips or tricks for folks who are like, I want to get in front of this audience. They're very difficult to get in front of. Does that question make sense?
Gianna: Yeah, it makes sense. I mean, so in terms of community, there are prebuilt communities that marketers can invest in, attend, you know, become part of. So like WiCys, which is women in cyber or OWASP or ISC squared or ISACA. There's a lot of actual like open communities where folks can physically or virtually join in and learn. There's unlimited learning on the internet. And you know, a lot of security professionals are actually not very quiet about their opinions.
So you could also listen to podcasts or hear, you know, like this one, like even security or other ones. And then another thing is, although some security professionals might be, you know, might be too busy, you know, might not wanna talk to marketing or sales or folks on the business side of cyber, I found a lot of people to be really friendly. Maybe I'm persistent. Maybe I, maybe there's just, maybe I'm just nice or something. I don't know what it is. But I've had plenty of, of security professionals willing to talk to me.
I even had one write a very nasty comment on one of my LinkedIn ads that I was running when I was at my last company. And I reached out and I was like, Hey, I am, I saw your comment. I don't--it wasn't very nasty. It was just a little nasty. It was like, "this doesn't make any sense." And I'm like, okay. I'm like, can you tell me how it doesn't make any sense? Because I would love to learn 'cause I don't wanna waste my money or post annoying things or whatever. And that person talked to me on the phone for like half an hour. And gave their thoughts, gave their guidance. So sometimes it's um, you know, you can obviously go out into the world and find folks to talk to who are willing to talk.
Not everybody will, but that's okay. And then sometimes just asking politely works, too.
Heidi: Yeah. Being humble and being willing to learn and being like, yeah, maybe this wasn't right. Well tell me. Tell me what would be better. That's awesome. That's awesome. Well, speaking of learning, you talk to a lot of cybersecurity marketers, right?
You have podcasts, you have the community. What are sort of, what one thing or top three things have you taken away from these? Just like, you know, being able to just chat with all these people. I mean, what a great way to learn.
Gianna: Yeah. I mean, I love it. They are my peers and I was one of them before I did, started doing this full time.
So, yeah, so there's no silver bullet, there's no silver bullet, you know, there's no quote unquote playbook. A lot of star tech startups, cyber startups get, you know, our are venture backed. They're like, great, here's like the playbook, the playbook's from like 2012.
You know, it's, it's a difficult industry to market in. Marketing right now is very, very hard to sort of navigate. The society is here to help marketers with that.
Heidi: Why is it harder to navigate now versus another time? And why is that?
Gianna: Channel saturation. So we're experiencing right now, I think last year or two, like channel saturation, right? We're doing this, we're doing that, we're doing that. We're doing that stuff isn't working in any of the channels. So a lot of what we do in the society is benchmarking. We'll do industry research. We identify what channels are working, what aren't. We talk to so many marketers every day. We're almost like an analyst firm in a way. We're like, oh yeah, we see directionally that hey, maybe because you are X size company and you sell this type of security product that X might be a good option for you
to put your budget into. Right?
But channel saturation's another one. Third thing. So, uh, I think that we have one of the most friendly and helpful industries in the world, which sounds like a cop out. It sounds too cute to say as my third one, but I really do because I think we've combined the friendliness of marketing with the mission drivenness of cybersecurity.
So the community that I have grown and built and that I, that I rely on and that I help, can, can, that I hope can help too, to the best of my ability is full of amazing, wonderful people who really give a hoot about cybersecurity. Who really, really do and want to help make the world a safer place.
And I think that that's the third thing I've learned, that this is like the best industry in the world. Isn't that cheesy? I'm sorry Heidi.
Heidi: Well, I think cybersecurity is the best industry in the world. So I'm with you.
Gianna: Thank you.
Heidi: My, my beef with the marketing side of it, and I'm, I'm hoping you can help--obviously this isn't your fault--but I'm hoping you can help listeners, is I've definitely seen the channel saturation. Like I'm seeing kind of the same things over and over and over again. Like I am one of the consumers the way I feel like I'm sort of on the outside, but like, I'm also consuming all of these messages and they all kind of seem to say the same thing, right?
Gianna: Oh, it's hard. Yeah. That's, that's one of the biggest challenges is standing out through the noise. 'cause it's like you sell an EDR, like you sell an EDR, you sell an EDR…
Heidi: And like, can I not have another acronym like please, like I don't...
Gianna: So let me push back. So marketing gets its direction there from Gartner, right? So let's all, we can all blame Gartner.
Heidi: We can, oh, it's Gartner's fault…Okay, good.
Gianna: I wanna say that, I wanna make that clear. Gartner comes out with a new acronym like every six months. And then because of how markets are and because of, you know, you know, marketers wanna align to the right jargon, sometimes it becomes too jargon-y, right? There is a lot of buzzwords.
So we really encourage marketers at companies to both understand the product as deeply as possible, which some folks don't get the opportunity to, to do by the way, like, I would always, always, always like require a demo account as a marketer.
Like if I'm selling a solution, I need a demo account. But some marketers don't get that. They don't, they work at a company and it's like you can't have access or whatever, right? So we encourage marketers to under actually understand what their product does and understand the tech around it to talk to their internal dev team, to talk to their SMEs, their sales engineer, solution engineers usually have great, great, great understanding of the actual tech of the product that they're selling.
And then to explain in clear language what you do and what you don't do. Because just like there's no marketing silver bullet, there's no cybersecurity silver bullet. So you're not gonna stop a thousand percent of all attacks. You might get to like 99.999 percent of something in a very specific area. But to be very clear, direct and say what you do and don't do helps break through that noise because it's both direct and also helps whoever's on your website, whoever you're talking to, who is a potential buyer, who's looking for a solution to understand exactly where your solution lies in the stack and what you do and don't do.
Heidi: Yeah, I dunno, you listened to my last podcast, but it was a security expert talking about what they do and do not want from marketing websites. And you, you hit the nail on the head like, tell me what you do, tell me what you don't do. So I know where it fits. Don't over promise. You cannot be the be all end all and nobody can. So don't, when you stay, you know, when you make it seem like that, then I don't trust you, right? So fostering that trust by just being real.
Gianna: It's all trust in this industry. That's the best marketing is when you is doing enough good and doing enough things well that you gain the trust of the audience.
Heidi: Yeah. And I just wanted to add on to your, be really familiar with the product. So a company that I used to work with, everyone at the company was able to get an account and use the product themselves, but even more so like, you know, they weren't security analysts so that they weren't, you know, getting barraged with alerts, like with a demo account, but they were invited to these kind of, they're almost like, like lunch and learns, but you could basically watch an end user use the product.
Gianna: Oh, that's great.
Heidi: Yeah. You would see, you know,
what they're thinking, what they're doing, you know, so that they would narrate along the way, like what was going through their heads. So, you know, it was great for like a UX researcher like me, but it was also great for customer success managers.
It was great for marketing people, great for sales engineers to really just like understand how someone uses this product.
Gianna: That's fabulous. Yeah. I love that. That would like make my day as a marketer and a lot of marketers, it would make their day.
Heidi: Yeah. So I, I mean my advice to marketers would be make sure you get a seat and are part of those, you know, those things that are happening.
Gianna: Mm-hmm. Yeah. Listen to the customer success calls, you know, the setup calls, right? The implementation calls.
You can, especially, a lot of stuff is recorded now and a lot of people are okay with it if the customer's okay with it. You know, they'll record. Listen to that. How do they actually use the product? How does the customer success or the implementation person train, show them the first time they use the product? Like when they have a problem, what does it look like when they log into the dashboard?
If you can't get on like a lunch and learn, like you said, what other resources are at your disposal at your company already, where you, so that you can look at how people are using things.
Heidi: I love it.
Gianna: And a lot of companies eat their own dog food. They'll use the product, see how your company is using it.
Heidi: I wanna talk about startups, you know, or smaller cybersecurity companies that maybe they don't have their market,
their own marketing team. You know, everybody's doing a little bit of everything. And for them, you know, maybe they built the product, maybe they are cybersecurity experts themselves and they're like, this is amazing. I know it's amazing because I built it and I'm an expert and it's solving my problem. Why does some everybody else understand this? Do you, do you see that in smaller organizations and what, what's your advice to them?
Gianna: Oh yeah, absolutely. So CEO/founder, co-founder, CTO/founder, you know, creates something amazing and it's super cool. Innovation, like never seen before, does so, such a cool thing, protects this, stops that, right? Does it in a new way. Nobody's heard of it. Marketing actually matters. And once, once the security professional I think moves and becomes like the founder, they start to see like, okay, this I, I I made this cool thing that how, how the heck are people gonna know about it? Because it is noisy, it is crowded, and you are always trying to break through that noise.
So thankfully, and fortunately, founders are great marketers, you know, if they're willing to be, because people love to hear about entrepreneurs and they love to hear founder stories. And that is a way to do, to do the innovation story in a way
that's authentic and unique. You know, like, Hey, I made something. Check it out. Like this is my blood, sweat, tears, check it out. For founders in particular. And CEOs, we also do, we're launching a cyber CEO society for those who are founders, CEOs.
And when you're early stage, you know, unfortunately the CEO founder is the marketer. So I invite them to join us. We talk all about go to market from the, from the perspective of the founder and CEO. And not just like from the, from marketing's perspective, founders have great opportunities for, you know, founder-led social media. Like I said, talking to the press, that sort of stuff. Becoming a thought leader, sharing your thoughts and voice.
But it also can take a toll once you start to need to ramp up. So when you're ready, also for marketing, the Cybersecurity Marketing Society has a list of the best marketers in the industry who are looking for full-time jobs or do it freelance or consult. Agencies to work with and to avoid. And resources that you can use if you have a lean team. And of course, once the founder has hired their marketer, we, we encourage them to join the Marketing society, the, the Cybersecurity Marketing Society where we will continue to support marketers on their journey to doing excellent marketing. I feel like that was long-winded. That's the gist of it.
Heidi: I really like the idea of telling a story and one of the ways that a CEO or founder can break through the noise is
through their personal story of why. They created this, why it's helpful.
You mentioned that there, there might be this transition from when it's founder led marketing. And then eventually they're going to need to hire a team, like as they start to ramp up. In that, that transitional phase, does the founder continue to do the marketing? Like is that still valuable? Is there still, you know what, I, I guess I don't really know what my question is there.
Gianna: Yeah. I get what you're saying. You're like, so does the founder like take a step back? So I hope from the tactical and, and some, depending on who you hire, even the strategic side, you can take a step back.
But founder is always a great story. So actually I love a founder who's willing to either on their own, tell their story or with the support of the marketing team tell their story. And I say that because a company gets bigger, founder has more responsibilities, has to talk to customers all day. Do they have time to like do all this stuff? No.
So now you have a marketer who's there to like, support you and help you, right? And some founders, you know, truly, and this too, some founders are not great at marketing. Even if they are doing founder-led marketing, and hopefully they get enough customers, they get enough things going with the company, they get some funding, and they can even if they're on a very small budget, can hire a consultant or someone to help them sort of shape what they're supposed to be saying or what they're supposed to be doing. And then during that transition they grow, they have a team, they have one person maybe to start, or an agency, a freelance person or something. That person should be leveraging the founder in the marketing. 'cause it's honestly, as a marketer, it's like the easiest thing. It's like, great, you built it, you know, it, people love the founder's story. Like let's keep using your face. Of course.
Does that answer your question?
Heidi: Yeah, no, that's really, I, that does answer my question because I feel like, like you said, the, the founder's story and the the founder's engagement is still really helpful, but they just, you know, they need that assistance and they need the, the strategy piece of it, which is the most difficult, right? Like…
Gianna: Yeah, yeah. The, the, the level of knowledge, you know, you get enough, you know, good, you know enough to be dangerous, but at a certain point it's like, great, let's pass this danger onto someone else, right? So I could focus on my, my pressing emergencies and raising more capital or wooing more enterprise customers, et cetera.
Heidi: Yeah. Do you have any, any like succinct advice on things that you think is a waste of time or you, or is just, well we, I guess we talked about FUD maybe. But just curious if you have any other examples of things that people should avoid and why?
Gianna: Don't do big company strategies for very small companies. Don't copy what Cisco has done or does and apply it to your own company if you're a, a startup, don't.
Uh, and also on LinkedIn, there's a lot of fluffy marketing thought leaders. I'm gonna say,
Heidi: What do you mean by that?
Gianna: There's some value. Sorry, I have a slight cold. So not as, maybe it's not necessarily fluffy. So a lot of marketing on LinkedIn is actually not geared toward founders of cyber companies or cyber marketing companies. It's geared towards marketers because a lot of thought leaders in marketing are selling marketing products to marketers.
So another word of caution or thing to say away from, like you said Heidi, is be careful of where you get your advice. A lot of stuff out there is, is is applicable to cyber, but a lot of it is not. And and copying and pasting from LinkedIn thought leaders is another thing I'd be worried about.
Heidi: When you said fluffy, I was hoping you meant like the use of animals like cats and dogs, because did you see that Wiz had this video series where they're playing with puppies and I was like, I'm in, where do I get... To be their marketing team?
Gianna: Oh my god, Wiz is the best stuff. See they do they get it. I think they get it. It's like high production.
They have, they have a lot of resources, right? Of course they have big marketing team, lots of budget stuff they could do.
They could do fun stuff. Because they have that leeway, right? When you're very small and you have very limited, it's like you could do certain things, but you know, to do their instruction. It was like the, it was like the how to guide, right? And they just did it with puppies and it was like, that's so clever, so funny. And, and it's endearing. It's fun.
This industry is very stressful, right? You're preventing breaches, incidents, you know, preventing, preventing threat actors, like everything is, is stressful or it can be stressful. A lot of it's stressful. It's fun to see security companies add a little bit of levity to what they're doing.
Heidi: I totally agree. I loved it. And I, I, I mean I am pretty partial to Wiz because like you said, they just seem to get it.
Yeah. And that's pretty refreshing.
All right, my last question is, I like to ask guests to give an example of like building safer systems, which is kind of a, a theme for the show, like human-centered security. Like let's build safer systems, let's help keep people safe and not put too much of the onus on them. So I'm curious if you've seen examples of building safer systems in the wild, maybe in a movie or in a book. Maybe it was something that went terribly wrong or it was something that you were like, oh, that's,
that's actually very cool.
Gianna: So yeah, not to put you on the spot, but Sure. Well all 2FA I have on everything, does that count?
So I'll say, so we're a very, very small company. So we don't have a big security training budget, but what we do have is, is a Slack that we have started crowdsourcing threats that we're getting in the wild. And I'm, I'm talking not like in the Society Slack, but on the internal side.
So every day at eight in the morning, I get an email that has a phishing attack in it, and I post that into our Slack channel. And I just make it like a habit of like, here's my daily attempt at hacking or phishing or, or social engineering me. And it's gotten a lot of feedback from, you know, the very small team. But it, it's great. It's a, I don't know if it's exactly what you're going for Heidi, but as a system, but me just doing that, whenever I get something fishy in on a text message in an email, I just like, boop, pop it in there. I'm like, here's another one. And I feel like I am showing the rest of the company like what to look out for. So I do it now systemically, like as a habit.
And other people have started sharing their own stuff as well. So I feel like it's this, it's a quote unquote systemized way of, of doing a little tiny, tiny, tiny little piece of security training. Like showing that, hey, this happens to me too, and like, this is what you can look out for. I don't know, I don't know if that's a good example, but that is one I can think of.
Heidi: That's a great example. I love that.
Well, you know, 'cause we all get so many variations of, you know, different things like in California, I'm sure everybody else in the United States has gotten it too, but they have these very like targeted text, like a text message campaign that's like, you didn't pay your toll.
Gianna: And I get those.
Heidi: Okay. Yeah. And like, you know, it's a,
Gianna: But like for my area.
Heidi: And so it's, it's, it's customized for like the toll company or you know, wherever it is you go pay your tolls here
and it's very, very convincing. But you know, it would be just one of those things be like, Hey, like I got this. You probably got it too. You know, be on the lookout for it. So I'd love that. Just, you know…
Gianna: thank you.
Heidi: We're all kind of getting, you know, scammed the same way. Yeah. So let's learn from each other.
Gianna: Exactly. Let's, let's crowdsource this.
Heidi: Yes, I Love it. I love it. Uh, that's awesome. Any, any parting words for listeners?
Gianna: Yeah, so if you happen to be a marketer in-house, full-time marketer at a security product or services company, join the Cybersecurity Marketing Society.
We also have a conference. It'll be December 7th through 10th, 2025 in Austin, Texas. Cyber Marketing Con four days of all about go to market in cybersecurity.
Those are my three advertisements at the end there.
Heidi: So fun. We're, we're so glad you're doing what you're doing and helping the community. So thank you so much for being on the show, Gianna.
Gianna: Thank you for having me, Heidi. Really appreciate it.