Neuromarketing for Cybersecurity Vendors

Getting heard in cybersecurity marketing has gotten exponentially harder as the “word cloud” of acronyms in cyber marketing has inundated the marketplace.

Researchers suggest that the number of ads alone is up tenfold in the last 30 years from 1,600 to more than 10,000 ads per day! That means people are bombarded with unsolicited messages, spam and ads generated from user behavior on the web and customer buying patterns.

New strategies are needed to stand out from the crowd to capture the dwindling attention span of today’s tech savvy corporate buyer of cyber solutions. Increasingly, marketing executives have realized the importance of influence strategies in marketing to gain name and brand recognition. While data analytics has gotten all the attention the purpose of gathering data is to formulate a marketing plan to influence behaviors in ways that buyers seldom understand.

Enter the emerging science of neuro-marketing!

What is Neuromarketing?

According to the Harvard Business Review, “the field of neuromarketing, sometimes known as consumer neuroscience, studies the brain to predict and potentially even manipulate consumer behavior and decision making. Over the past five years, several groundbreaking studies have demonstrated its potential to create value for marketers. But those interested in using its tools must still determine whether that’s worth the investment and how to do it well.

“Neuromarketing” loosely refers to the measurement of physiological and neural signals to gain insight into customers’ motivations, preferences and decisions.” However, this is not about brain scans which are inconclusive at best!

While this may sound like some new gimmick, neuromarketing is simply a refinement of marketing analysis to understand why people buy what they buy. In one example, a restaurant mistakenly switched a $2,000 bottle of wine with an $18 bottle and sent the “cheap” wine to the table that ordered the $2,000 bottle, and the $2,000 bottle to the table that ordered the $18 bottle. “When people don’t know the price, they like cheap wine just as much as expensive wine.”

When the mistake was finally detected by the restaurant, the manager informed each table of the error but neither party believed they had the wrong wine?! None of the diners could tell the difference. This one-off mistake has been replicated in several studies confirming that our perception of wine has more to do with how we experience the $2,000 bottle versus the $18 bottle of wine. It turns out that we are less capable of discerning the nuance in complexity than we think and the same is true with choosing cybersecurity solutions.

Cybersecurity solution provider Substack, posted in a blog the two ways in which cyber products are purchased. The two approaches are described as “selling to hearts” and “selling to minds.” If the buyer profile is a business leader, the “pitch” is tailored to appeal to the psychological biases of the buyer. If the buyer is a technical leader, the “pitch” is tailored to demonstrate technical superiority. Emotional and technical pitches are refined strategies to understand the customer and the triggers that achieve the right response.


No actually, manipulation is lying and neuromarketing is a process of discovering the buyer’s response to their needs and expectations in the buying process. Influence is a better description of the process since it leads the buyer to the solution they are seeking. People often buy the wrong product for the wrong reasons and seldom understand why. Technology is a complex product to understand for novice buyers, let alone technical buyers, who have preconceived notions of known solutions that bias the decision process early in the discovery phase.

Findings in neuromarketing challenge the notion that buying decisions are based on logic, reason and facts versus unconscious decisions based on emotions, feelings and intuition. This phenomenon became clear during the soft drink battles between Coke and Pepsi. Pepsi came up with an innovative new commercial that declared in blind taste tastes consumers chose Pepsi over Coke.

Pepsi made inroads in market share from these commercials. In response, Coke changed its formula and developed New Coke. The result was that long-term Coke customers rebelled against New Coke, even though side-by-side taste tests between Coke and Pepsi consumers preferred regular Coke over Pepsi. New Coke was dropped because of the uproar over the perceived change in the Coca-Cola recipe! The Coke debacle demonstrates the complexity of perceptions and bias in branding.

Coke spent decades investing in the feel good themes that resonated over one or more generations! In today’s instant gratification era, the importance of investing in good brand awareness tied to emotional responses still has resonance for marketing brands for long-term results.

Developing Emotional Connections Are Sticky

These findings may suggest why cybersecurity marketing based on fear and loss are less effective than campaigns that are based on positive emotions and the perceptions that appeal to specific buyers of security solutions. Now you might ask yourselves if you need a neuroscientist to achieve better results. The short answer is no! But you do need to think about the questions you ask your customers or potential customers to understand the triggers of neuromarketing.

Asking open-ended probing questions about how customers feel about their existing security programs and the gaps that exist must be followed up with why they feel this way. Every CISO sees their programs as unique, but each CISO knows there are opportunities for improvement if given the chance to discuss them in non-threatening ways. If possible, it is critical to get a cross-sectional view of perceptions of security in order to map the different views and have a deeper discussion about the similarities and differences in views of security.

The process of finding common ground is critical to develop contingencies for unresolved conflicts in the perceptions of security and to build a foundation to build on for the long-term as security posture and technology evolve.

Read more: