Posted by: Greg Ness | September 11, 2018

The Top 4 B2B Content Marketing Challenges


Marketer’s Corner

Across 30 years of B2B marketing I’ve seen my fair share of changes.  The last ten years have probably been the most disruptive, especially when it comes to content marketing. Here is a list of the top four reasons why content marketing campaigns fail:

  • Weak prospect engagement. The decline of print publishing combined with the rise of marketing automation tools powered with lists provided by unscrupulous list brokers has created a storm of intent and identity confusion destroying the conditions for real dialogue. The result is a top of funnel “nuclear winter” (see my recent interview with Integrate’s Scott Vaughan) that is degrading prospect engagement, especially at top of funnel.
  • Scarce and expensive sales resources. High caliber sales people are expensive and hard to find. With weak engagement (see #1) those resources become even more expensive, because more time is wasted trying to manually resolve prospect identity and intent.
  • Trust and expertise is hard to establish. Attention spans are getting shorter and prospects are getting bombarded with content. Social bookmarking sites are getting flooded with content, and several are moderated by vendors, limiting dialogue. Some sites have even capped views/shares to encourage sponsored content programs.
  • Irrelevance. Some marketers focus on list and/or lead costs over quality, which leads to wasted sales resources and turnover. I remember getting approached at trade shows to swap badge scan lists so a marketing VP could make an incentive target. I refused, explaining that we only wanted to engage with people qualified at the booth, not attendees in general. The VP didn’t have responsibility for conversion and didn’t care.

Why do these factors matter? Because they have a direct impact on sales conversion rates (meetings, opportunities, win/loss).  Many marketers are improperly evaluated based on cost per lead, when conversion rates matter far more to overall sales and marketing success.

Connect on LinkedIn

Cheap lists can be one of your most expensive investments. Lists generated by media engagement will be filled with false positives and negatives, so the costs of qualification are passed onto your sales team and drive up sales costs.

Defining Excellence

If your sales team is converting more than twenty percent of marketing qualified leads to engagement you’re in pretty good shape. I’ve seen conversion rates approaching fifty percent for some types of advanced campaigns. Even better, the high sales costs issue mentioned above gets resolved if sales people are fully engaged and converting meetings to opportunities and closed/won.

Read more: The Toxic Marketing Cloud

Posted by: Greg Ness | August 27, 2018

VMware: Monetizing the Hybrid Cloud

Watching the strategic and near perfect strategic pivot VMware has made since its failed IaaS venture has been nothing short of awe-inspiring.  Very few companies can make such a shift hence the graveyard of once high growth (and now walking dead) tech companies busy managing layoffs and pension expenses to extend their runways.

You’ve probably forgotten my take on the hybrid cloud meme and the entrance of Azure in Microsoft, Azure and the Hybrid Cloud Race from way back in June 2013.  Here is a highlight:

If VMware could get $2k/year for each server (traditional and x86), that would amount to an additional TAM of $60B based on a three year refresh rate. Yet that would represent a major business model shift and limit the amount of lock-in that VMware would have over its customers operating on its private cloud platform. It could face margin erosion for its core lines.

Who knows if those economic projections from the days of AWS hybrid cloud denial will come to fruition. I think thanks to VMware’s “immaculate hybrid cloud execution” we may find out that  hybrid cloud agility is the game changer of game changers.

That’s why today’s news announcing even cozier relationships between AWS and VMware (Amazon deepens its partnership with VMware to go after companies that don’t use the cloud) doesn’t come off as an anomaly or shallow PR proclamation but rather a careful, long game strategy grounded in execution. It is setting a bigger stage for the cloud, beyond, even, the incredible vision of Amazon. Time will tell, but so far VMware is vying for tech leadership on a new scale. Bravo!

Indeed, while its competitors languish in swirling proclamations obfuscating business as usual and various flavors of entrapment, VMware shifts into higher gears and sets in motion the change it first promised with the lofty acquisition of Nicira and the declaration of the hybrid cloud promise.

Bravo VMware!

Posted by: Greg Ness | August 21, 2018

The Toxic Marketing Cloud

The Big Shift

When tech trade publishers stopped printing B2B magazines they shifted their business models from cultivating carefully validated readers (for print ad revenue) to attracting large, less known populations of hyperactive clickers (for online ad revenue). This has fundamentally changed marketing strategies and tactics, often for the worse.

Toxic Mktg Cloud Banner

Many marketers address the relative anonymity problem (of the online reader) with a growing ecosystem of automated tools which “study, condition and validate” interest based solely on content interactions.  Lists of various kinds are bought from an assortment of providers then pounded with content offers, incentives and cold calls to find out who they are and if they are a legitimate prospect.

When Automation Meets Confusion Nobody Wins

The outputs of this approach aren’t marketing qualified leads, but really toxic marketing clouds with very high levels of identity and intent confusion.  With enough marketers at enough companies doing this you create something even worse: a kind of nuclear winter where legitimate prospects run and hide and vendors are forced to pay more to acquire customers. We’re getting there quickly as automation is amped up in a vain attempt to discover leads in the growing toxic cloud.

In a recent interview with Integrate’s Scott Vaughan I explained how this doomed strategy isn’t just “spray and pray” but “spray and pay.” And everyone is paying, not just those offending parties who are reselling bad lists but those who are hammering them with misplaced telephone outreach. Real buyers are avoiding the hassle outright by not engaging, otherwise they become a flood victim. The good news is that there are a host of new vendors emerging to address the problem.

I remember a customer who had insisted I call him to start a project. I had left a dozen calls and emails then a “last message” more than two months after our initial lunch. He called me a couple days after the last message and apologized saying that he had trouble keeping up with the volume of emails and phone messages.  I nodded sympathetically until he walked me to his office and showed me hundreds of unopened vendor emails from that day and played his voicemail attendant advising of more than a hundred unheard messages.

Connect on LinkedIn

The toxic fog was there in his office, blocking him from legitimate and needed vendor interactions. And blocking us from getting business done.

The List is Key and It Always Has Been

When lists are bad they are not cheap, regardless of how little you paid.  They are costly because they lead to wasted outreach, bad data and fatigued, frustrated and angry sales teams. Clicks, opens and time spent on web pages don’t matter if the visitor is not a prospect. But tell this to the CMO compensated on lead counts and email opens.

In a coming blog I’ll share more about how I’m generating client lists for Actium Bay Group. -G

What Happened to the Art and Science of Tech Marketing?

In the 1990s, just as the data networking business took off and created new avenues for information sharing, marketers embraced the notion of knowing their customers and prospects better than ever, thanks to technology. We could use 1 to 1 marketing strategies to get closer to prospects and customers than ever with specific content, video and real nurturing to establish successful relationships via the new Internet.

My how we’ve regressed from the dream.

When the print publishers succumbed we lost a valuable ally in the marketplace.  We lost contact with validated prospects and substituted repetition with authenticity. We need to get back on strategy.

Let’s change it back…  Interested?  Drop me a line and we can talk about advanced demand generation architectures from Actium Bay Group.

Posted by: Greg Ness | May 22, 2018

The All or Nothing Cyber Security Paradox

Money money money money. Money.

A recent report on cyber attacks covered in ComputerWeekly found friendly terrain for hackers within the perimeter of internal banking networks.  In other words, once you’re in you’re really in.

As soon as attackers access the internal network, they find friendly terrain that is secured no better than companies in other industries, according to a report on cyber attacks on banks by Positive Technologies.

The increasingly bleak history of breaches was enough for me.  Companies underUphillA funding their security teams were accepting higher levels of risk for business reasons. I get that.

When reports emerge indicating that even well-funded financial institutions aren’t faring much better when it comes to their internal networks, the problem looks even bleaker.

Maybe the issue isn’t money after all.  Perhaps it’s a bigger issue.

A few weeks ago Vidder CEO Mark Hoover wrote a blog advising CIOS to Retreat to Higher Ground.

The corporate network, once a great enabler of business productivity, is rapidly becoming an obstacle. This is leaving CIOs with no choice but to make a strategic withdrawal away from defending global and integrated corporate networks, towards more secure-able and relevant perimeters.  There is no other way forward.

Security is Commoditizing while Adversaries are Specializing

In a follow-up blog (Security and the “All or Nothing” Paradox) he explains why things are so screwed up, even at firms with ample security budgets and/or a high correlation between breaches and exec career risks. Vendors don’t want to specialize or innovate away from their core competencies, channels and predictable cash models to guide their customers toward vendor-agnostic best practices.

It has been more than 20 years since The Innovator’s Dilemma was published, yet today it is perhaps more relevant to security companies than ever.

Pressures on Leading Public Vendors are Immense… to Predictably Monetize Past Investments

Today organizations buy commoditized approaches to securing everything equally, never mind the growing burden on the security team and the shrinking value of the corporate network as a strategic choke/monitoring point.  Vendors want their customers to buy more stuff and certify more employees in specific solutions.

Many of these vendors are public companies with heavy pressure on quarter to quarter performance. Some are converting from hardware to SaaS models while trying to keep their channels content. Perhaps the pressures on the vendors are so great they simply cannot innovate, and that keeps their customers in a constant state of need and vulnerability despite their security budget.

Adversaries are Getting More Specialized

At the same time adversaries become even more specialized, attacking specific types of vulnerabilities and leveraging tools that lower the skills or knowledge required for success.

So Hoover wraps up with how we have digressed into “all or nothing” vendor strategies:

The stock price of the vendors that shape corporate IT thinking and spending depends a lot on getting customers to continue to upgrade or modernize their networks on a regular basis. It is not in the best interests of large network and network security vendors to have customers reduce the extent or sophistication of their infrastructure.

In the end, the interests of the large security vendors diverge from the interests of their customers. So enterprises get an “all or nothing” paradox where all is still really nothing.


Posted by: Greg Ness | April 16, 2018

The Beginning of the End of the Corporate Network

High CastleIt’s Time to Seize the High Ground

The cloud and IoT are rendering the corporate network obsolete, with or without the rise of advanced threats.  At least that’s the conclusion I reached after reading a remarkable blog post this weekend followed by a gloomy yet impeccably grounded Paul Gillin article in Silicon Angle on the degrading state of enterprise security.  If you haven’t read them, you should.

The CIOs Inevitable Strategic Withdrawal– by Mark Hoover

The Grim State of Cybersecurity– by Paul Gillin

The blog recommended that CIO’s make a strategic withdrawal from the traditional network to establish a new, tighter perimeter around high value applications.  It argued that it’s now too difficult to protect high value applications in the wilds of the increasingly connected corporate network, evoking images from “Naked and Afraid” except this time set in a server room instead of the jungles of Belize*.

I think it is one of the smartest responses to the specter of radical increases in spending and hiring in a vain effort to temporarily stem the tide.

The traditional network is no longer an efficient, complete, or effective environment on which to deliver the availability, agility and security requirements of the modern enterprise. – Mark Hoover, CEO Vidder

Brian Krebs, recently interviewed by Paul Gillin, really explains why a retreat to higher ground isn’t just imperative, but urgent if there is to be any semblance of protection.  See Silicon Angle’s The Grim State of Cybersecurity:

For criminals, he said, “the barriers to entry have never been lower and the low-hanging fruit never more abundant. The chances of success with low to moderate effort are high and there are seldom consequences for criminals. It’s no wonder that cybercrime is such a fast-growing industry.” – Silicon Angle

The problem at the core isn’t just malicious adversaries and advanced tools that can turn the weakest hackers into advanced threat propagators, but rather the breakdown in network security due to exploding connectivity, from personal devices with more software to partner sites and clouds.

Connect on LinkedIn

Sure, the firewall vendors would love more spending on gear, even if in a vain attempt to imitate effective security, as is the case in much of today’s enterprise network. But they should also applaud the notion of a more efficient approach that doesn’t leave their customers in a constant state of apology.

The inescapable fact is, the state of cybersecurity keeps getting worse despite an explosion in the amount of investment and energy plowed into improving it going years back. And it’s only going to get worse, according to the unanimous assessment of 22 security industry chief executives, chief technology officers, security analysts and independent security experts contacted by SiliconANGLE. – Silicon Angle

Today’s enterprise network, built around a plethora of security appliances architected for much simpler missions, cannot be simply upgraded, even with “an explosion in investment” to scale to address the new jungle. This is where the idea of a strategic withdrawal comes in.

The Strategic Withdrawal has Merits

Why not create a high security zone (sometimes called a “zero trust network”) where it is much easier to scale and secure availability and security without having to spend and hire up to protect the vast jungle of users, devices and external resources. See Seizing the High Ground diagram from The CIO’s Inevitable Strategic Withdrawal.

High Ground Trimmed Circles

Hoover advocates business as usual for the outer circle. In other words, let your employees access the internet and other third party networks with minimal fanfare.  Within reason they can protect their own devices and partners can protect their applications. With workflow efficiency applications security is stepped up, with protection from various vectors with your next gen firewalls and identity and access management solutions keeping most adversaries at bay, versus trying to maintain such a level of security across the entire corporate network.

Then inside create your high ground, a zone where the standard for access is much higher and security and availability are of paramount importance. A high level or proven trust is required before any visibility is given into the zone.

To accomplish a trust barrier to these critical applications, Hoover argues that the network will need to evolve in the application layers. From Hoover’s blog:

It does make sense for enterprises to concentrate their money, time, and expertise to ensure the security, availability, and performance of their core applications. This leads to a careful retreat from the ongoing investments in traditional packet-defined architectures into an architecture that defines and controls connectivity at higher layers (L4-L7). – Mark Hoover

Hoover argues that it’s time to revisit the app layers to enforce trusted access across networks and clouds from a more cohesive control plane.  A kind of high ground where the CIO can exercise greater control of who accesses critical assets.  He is spot on:

This model for connectivity defined and controlled independent from the underlying network allows corporations to focus their security talent and spending only on the subset of the infrastructure related to delivering the core applications.  The network becomes a simpler underlying utility. – Mark Hoover

i-shall-return-againIf Hoover is right, we will see the network evolve again this time on a massive, much-needed scale with more security at the core and business as usual in the firewall jungle of LAN by LAN perimeters. Security returns where it matters and can be managed across LANs, clouds, etc from a single point of visibility, enforcement and control. Only then can security return to the network.





*BTW- in January our family explored the Mayan temples in the ATM Caves in western Belize– but we wore bathing suits.


Posted by: Greg Ness | February 23, 2018

VMware Intends to Buy CloudVelox

VMware 3; Cisco 0 <== More on this later.

Another brilliant move by VMware as it shifts away from competing cloud to cloud with the likes of AWS and Azure and focuses on areas where it has strategic advantage.  Well done!

Read the VMware blog post: VMware Announces Intent to Acquire Technology and Team from CloudVelox

Posted by: Greg Ness | February 23, 2018

Secure Enclaves now on AWS Marketplace

It is great to see secure enclaves now listed in the AWS Marketplace. It’s a big step forward for cloud security and early participants are large enterprises creating highly secure cloud environments.

This is important because it allows organizations to render the AWS boundary invisible (all within the excellent AWS shared security model) and only allows authorized access to the enclave.

Interested in high security AWS cloud environments?

Over the last few years there has been significant security improvements in public clouds.  Secure Enclave (1)For example, AWS now offers transparent data encryption, key management and secure compute features. Unfortunately, even with the advances in public cloud computing, organizations like financial institutions have been unable to leverage these services because many analysts work in secure facilities that have no Internet access. Now they can…

Read How to Build a Secure Enclave on AWS.

Posted by: Greg Ness | February 15, 2018

Time for a New Look at Segmentation?

The perimeter protecting the network, once considered impregnable, has been degraded by advanced threats and an explosion in the number of connected devices (and apps running on them) and a new generation of predatory malware attacks.Does segmentation

Since the dawn of the networking era, enterprises built open (flat) networks to offer every user access to (almost) every application. Many of these networks are global, spanning business units and national boundaries with unprecedented connectivity. Amazing. Powerful. Everything and everyone is accessible.

Today that access is now available to adversaries.

Some enterprise networks have become a kind of playground for hackers that offers up everything to everyone with minimal effort, not even the need to wait in line. With a few easily available tools or tactics adversaries can penetrate business critical apps and data. They simply compromise one of a growing population of connected devices.

From a single compromised device, attackers can then access other devices, servers and even printers to establish a robust foothold inside the network. From there they search for privileged users to get privileged access to servers, applications and data. Even with traditional network segmentation this can be a problem. (see diagram)

DC segmentationblog

Because of the difficulty and expense required to protect the entire network from these types of attacks, CISOs are taking steps to segment (or isolate) applications so they cannot be easily reached by adversaries, yet still be reachable by employees.

The problem is too much access, stolen credentials, and the ability for compromised devices to access servers from inside the network.

Connect on LinkedIn

Segmentation is the new perimeter strategy, and it should begin with the protection of applications and servers from attacks from compromised endpoints.  Yet CISOs have been “educated” by PCI compliance to think of server segmentation as a priority, instead of protecting servers from the most common threats.

It’s Time to Think Differently about Segmentation

A recent paper, Segmentation for Security by Silicon Valley veteran Brent Bilger, takes you through the various hops, attack vectors and approaches to effective isolation and access and reviews common approaches for security and business impacts. I highly recommend it if you have an open network and are looking for where to start.

Second Panel on Ukraine’s Cyber War held at GWU

==> UPDATE Feb 15 2018: See HR1997.

===> Feb 15 2018 White House blasts Russia for cyber attack on Ukraine.

====> Feb 16 2018: DefenseOne coverage of Ukraine cyber war.


Last fall we discussed how digital societies are more vulnerable to cyber mayhem and cited the recent Future in Review panel on Ukraine’s cyber war. Last week (Feb 7) a follow-on panel was held at George Washington University: The U.S.-Ukraine Cybersecurity Partnership. It is well worth watching.

Opening remarks from Frank Cilluffo, Director of the Center for Cyber and Homeland Security, and Dr. Leo M. Chalupa, Vice President for Research at George Washington University, highlighted that whatever threats Ukraine faces will eventually be seen globally. 

For additional background you can watch the entire Future in Review 2017 panel here. It covers the cyber conflict in Ukraine and implications for the modern digital society. The GWU Conference takes things a step further with a deeper technological discussion with implications for the future.


Posted by: Greg Ness | November 14, 2017

Secure Enclaves in the Cloud: A Game Changer for AWS

A powerful game-changing idea is now a reality thanks to advances in cloud security capabilities and software defined perimeter technology.

One of the most significant new opportunities for public cloud is the processing and storage of regulated data.  Until recently the idea was deemed heretical, mainly due to regulatory, compliance costs and the difficulty in interlocking physical and virtual security controls.  That has changed due to a recent Vidder secure enclave project for a public financial services firm.

Read more at Building Secure Enclaves on AWS.

Secure Encave Interlocks

Here is a link to Flackbox Guide to Mastering Cisco Networks  and a Udemy $10 course coupon from Neil Anderson, an Archimedius reader.

Older Posts »