Security Awareness for SMBs with Rodrigo Leme

Rodrigo Leme, Marketing Director at Right-Hand Security, joins us this week to cover the often ignored topic in cybersecurity of marketing to small and medium-sized businesses, or SMBs. Covering the concepts of business use cases, security awareness training, and post-sales support, Rodrigo explains the ins and outs, the good and the bad, the tips and the tricks of cyber marketing in the SMB world and when we should consider the bottom line (hint: it’s probably more than you think).

 

Timecoded Guide:

[03:14] Talking to non-technical customers in SMBs about cybersecurity and security awareness training and getting to the root of their problems and pain points

[08:30] Seeing past the term of SMB to understand the people you’re marketing to and what a good culture of cybersecurity can bring to them

[23:39] Advocating against fear, uncertainty, and doubt when marketing to SMBs and the importance of focusing on what’s good for your people, not what’s scariest

[29:09] Understanding the importance of post-sales support, engaging with customer feedback, and recognizing what customers want to see from your services

[35:39] Exploring strange and unusual business use cases and seeing the commonality of empathy for pain points in marketing 

 

Rodrigo, can you tell us about marketing to the SMB customer?

We don’t always get a chance to dive into SMB marketing with such a knowledgeable source, but Rodrigo invites us to consider the differences between an SMB and a large company customer throughout this episode. First, consider the size of a team you may be working with. Instead of having a CISO or a head of security, a business owner may be working on security themselves, hoping to find guidance from you on how to move forward in a small team. Additionally, Rodrigo warns that many SMB clients may not see the security opportunities beyond their tech goals, such as a restauranter seeking to add WI-FI to their offerings and missing additional security awareness strategies that need to be pointed out to them.

“The SMB customer has problems on the surface that he knows he has, like, ‘I want Wi-Fi in my restaurant for my guests.’ And he has issues that he's not aware of, or he has opportunities he's not aware of, like he may have security issues behind that Wi-Fi access that he doesn't know about.”

 

Can you tell us how Walmart used cybersecurity for PR?

According to Rodrigo, good cybersecurity is even better for PR. This idea could be held up with a myriad of examples, but one Rodrigo is particularly enamored with is Walmart’s prevention of gift card scams. With the ability to prevent scams and return funds before customers lose their money, Walmart has saved their customers over a million dollars and have been praised for this initiative by major news outlets. Although this is a drop in the bucket within an ocean of an issue, Rodrigo points out that saving any customer any amount of money and preventing them from being scammed in any way leads to massive PR benefits, especially when you can show off how well you understand your customer’s pain points. 

“Let's say that you're protecting those customers from getting into scams that make those people lose their mortgage money, or whatever. You're saving them a million, even if it's only a million, that's good PR. That only happens if you understand the end customer pain points, not the immediate pain points of the organization.”

 

What are your thoughts on FUD (fear, uncertainty, and doubt) in marketing to these SMBs and in these business use cases? 

We’ve discussed the idea of FUD before on the podcast, and how it’s never a good cyber marketing tactic to exploit someone’s fear, uncertainty, or doubt. Although our examples have ranged from large corporations to individual consumers, we wanted to talk with Rodrigo about his perspective on marketing for SMBs and the danger of FUD. Rodrigo, considering himself a positive person with a lighthearted demeanor, finds using FUD in marketing to SMBs to be manipulative and redundant. Rodrigo argues that not only do small business owners fear for their security, they also come to Right-Hand with a desire to enhance their security already in mind. They don’t need to be scared further if a positive approach could be just as influential.

“I do not like fear, uncertainty, and doubt. I do believe that, since we're in the education business, I do like educating. We do believe in empathy. We listen to our customers, we do ask the ‘why,’ to understand the pain points of the customers.”

 

What are some best practices around supporting the post-sales process, after you've sold a product? 

Marketing so often focuses on the beginning of the sales cycle. We love to reach out to new customers and encourage those doing their research to check out our products, but we don’t always talk about what happens after a sale takes place. For Rodrigo and his team at Right-Hand, the post-sales process requires its own understanding of your customer and their security goals beyond what they might see for themselves. Following up with customers post-sale not only leads to high-quality feedback for Rodrigo and his team, it also allows for them to see where support is still needed for their customer, including analyzing the results of their security awareness training and setting up further opportunities to reduce human risk.

“Are we really reducing human risk? If we're not: How can we help them? Can we help them leverage the services? Can we sit down with them and help build stronger content training content? Are they having problems creating content for the training?”

----------

Links:

Spend some time with our guest Rodrigo Leme on his website and LinkedIn

Learn more about Right-Hand Cybersecurity on LinkedIn and their website

Follow Gianna on LinkedIn

Catch up with Maria on LinkedIn

Join the Cybersecurity Marketing Society on our website, and keep up with us on Twitter

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter