A few months back, I had the pleasure of joining Bill Kirschbaum on his podcast, "The Cyber Biz Speakeasy," for a chat about marketing tactics in the wake of major headlines. If you haven’t caught it yet, Bill’s a marvelous host and the speakeasy vibe (not to mention my tequila and soda!) made for a friendly and frank conversation. The general theme? “Ambulance chasing: not even once.”
When the CrowdStrike outage hit last year, I watched a familiar pattern unfold. Within hours (literally!) of the the first reports of an outage, my social feeds filled with two distinct types of content:
First came the memes and jokes from security practitioners in the trenches. These were the folks who were missing sleep, fielding panicked calls from executives, and scrambling to restore systems in the chaotic atmosphere of an active incident response. Dark humor is how many of us cope with crises, and these practitioners had earned the right to that gallows humor through their sweat and labor. This is fine, no objections there.
But almost simultaneously, I started seeing vendors and official accounts jumping into the conversation. Some were sharing those same memes, which just hit a little different when it wasn’t their workdays disrupted or sleep lost. Even more concerningly, others were posting thinly-veiled messages that essentially said, "This wouldn't happen with our solution."
And finally the third wave, back to the practitioners themselves, now venting: "I can't believe I'm getting sales calls while I'm trying to fix this mess."
This is what I mean when I talk about ambulance chasing in cybersecurity: rushing to capitalize on someone else's misfortune while they're still in the midst of dealing with it.
You've probably seen social media accounts for fast food chains playfully roasting each other on Twitter: Wendy's takes a jab at McDonald's. McDonald’s takes it out on Burger King. Burger King brings it back around and reminds people that Arby’s still exists. It's all in good fun because, let's face it, the stakes are low. Nobody's life depends on which place makes a better burger.
But security isn't fast food, and the stakes are much more substantive than a poorly-chosen value meal. When our solutions fail, the consequences can be much more severe: data could be exposed or stolen, critical infrastructure could get knocked offline — livelihoods (and lives!) could genuinely be at risk.
It seems clear to me that this fundamental difference in stakes demands a different approach to how we market our solutions. What works for selling burgers doesn't (and probably shouldn’t) work for selling security. In these high-stress moments, we need to put things in perspective, put away the sales pitch and lead with genuine help. Not gesturing at helping as a business strategy but actually helping as human beings who understand what it's like to be in that war room.
The odds are pretty good that a day spent trying to wade through a business-interrupting incident might be the worst workday of that pro’s week. Or month. Possibly year? Think about it: they’re already fielding calls from leadership asking "Why did this happen?" They're already questioning their decisions and wondering if they'll be blamed. They're exhausted, stressed, and focused entirely on getting back to “all systems normal” status.
In that moment, a vendor call that basically says "if you had us, you wouldn't be in this situation" (even if that's not the explicit message) feels like the opposite of helpful advice, more like pressing on a fresh bruise. In the vendor’s mind, they might think they’re highlighting a “unique value proposition” and “addressing pain points” — Marketing 101 stuff. But the prospect isn't experiencing it as helpful problem-solving; they're experiencing it as salt in the wound.
Remember this: there are no trust-neutral interactions in business. Every interaction with an audience either incrementally builds trust or erodes it. The tricky part is, trust accumulates slowly over time — but can vanish in an instant if undermined.
So to my sales and marketing friends bringing their solutions to market, my advice: when you reach out during a crisis with a thinly-disguised sales pitch, you might think you're making the most of an opportune moment. What it may ultimately end up doing, though, is making a large withdrawal from your trust account. And the worst part? You probably won't even know it happened! The prospect won't tell you they've lost respect for your company. They'll just quietly remove you from consideration for future projects.
In security, where evaluation and purchasing cycles are often long and relationships are everything, burning trust is tantamount to burning your own future prospects. By choosing short-term opportunity over long-term relationship building, you may be sacrificing tomorrow's success for today's possible quick win.
As the first start-up I joined matured from a scrappy newcomer to an established player, we did some grown-up business things like drafting formal company values. There were only a few, all of them short and to the point, and one of which was "Be kinder than necessary." At first I wasn’t a fan — to be bluntly honest, I thought it sounded like a greeting card version of what we’d already been doing! Over time, I recognized it as perhaps the most powerful business principle I've encountered, and I saw how rare it was that almost half of the language used to capture what our company stood for was focused on being a decent person. Kindness isn't about being nice for the sake of it, or to curry favor for some underlying motive. It's about taking a moment to ask, "What can I do to help here?” rather than "How can we capitalize on this situation?" Not only is this the decent, human thing to do — it’s also the best way to build enduring relationships and trust that lasts.
Marketing loves to claim empathy: "We understand your challenges." But in high-stress situations, claimed empathy falls flat. You need to demonstrate empathy through actions.
This is where having people with practitioner experience on your go-to-market team becomes invaluable. They understand the minute-by-minute reality of incident response: the war room calls, the phone calls and emails demanding updates every hour, the missed meals and family events. If you don't have that experience yourself, I’m willing to bet someone in your business does. Go talk to your IT and security teams! Ask them: "If you were in the middle of responding to an outage and got this message from a vendor, how would it land?" Their insights will be worth their weight in gold and more informative than a dozen thinkpieces (including this one!).
Enough of what not to do. What should cybersecurity companies do when a major incident hits the headlines? Here are some practical approaches I've seen work:
Look, I’m not suggesting we abandon competitive marketing or stop highlighting our differentiators altogether. But there's a world of difference between building authentic relationships based on genuine value and exploiting moments of vulnerability to make a quick sale. As security professionals, we know that building a successful security program takes time, care, and continuous improvement. Building business relationships requires the same approach.
This is where I believe our industry's diversity of backgrounds becomes our superpower. In the podcast, I mentioned how my own unconventional path into the industry has shaped my perspective — everything from technical sales roles to DJing has been part of that process: working in sales showed me the difference between transactions and relationships, while my time behind the turntables taught me to read a room and understand when people need energy versus when they need space.
These seemingly unrelated experiences give us unique lenses that help us empathize with customers in crisis. Someone with a healthcare background might have a deeper understanding of what "high stakes" truly means. A military veteran brings a structured crisis management perspective that's invaluable when crafting crisis response protocols. As you develop your own approach to ethical marketing, don't discount those seemingly random chapters of your professional story. Those eccentricities and diverse experiences are often what enable you to build trust when others might accidentally erode it. What unique lens do you bring to your work?
Listen to my full conversation with Bill Kirschbaum onThe Cyber Biz Speakeasy podcast