Author: Yana Arad Raduzky
Cybersecurity is a competitive industry, and with 12.4% annual growth (swelling up to $150 billion in worldwide spending in 2021), that competition is only going to heat up.
Marketing in this field is complex and constantly evolving, mostly because the buying personas for cybersecurity products are often sophisticated decision makers who require a high level of trust and credibility from the companies they do business with. As such, it’s essential for cybersecurity companies to implement SEO strategies that build visibility, credibility, and authority in order to reach and convert their target audience.
With 10 years of SEO experience under my belt, I joined a cybersecurity startup in 2020 to establish its SEO department. To my surprise, there was a lot of nuance to learn and relearn in order to succeed! This industry is unique and best practices are not widely discussed online. In this article, I’ll empower others going on a similar journey. With the help of the talented Roey Libfeld, head of marketing at Apono, here are the insights you need to bring search visibility to your cybersecurity firm and build trust with potential customers.
Table of contents:
Why is SEO important for cybersecurity companies?
First, the cybersecurity market is highly competitive, which can make pay-per-click advertising expensive and risky (due to shifts in industry trends and buzzwords, which can translate to volatile ROI). Ranking organically via SEO can help cybersecurity companies reach their goals without breaking the bank.
Additionally, SEO enables remarketing for cybersecurity companies, helping them reach and convert their target audience over time.
Finally (and perhaps most importantly), buyer personas are generally sophisticated, heavily scrutinizing the credibility of the companies they may do business with.
By creating tailored, value-driven content, cybersecurity companies can demonstrate their understanding of their audience’s needs and establish the trust needed to advance the relationship.
What distinguishes cybersecurity SEO from other verticals?
Cybersecurity SEO is unique in that it involves creating content for both hands-on and decision maker personas. Additionally, the industry is heavily affected by trends, such as research from organizations like Gartner and news of attacks and breaches.
Some of the key challenges of cybersecurity SEO include the long buyer’s journey and low conversion rates that are common in the B2B space, the difficulty of attributing success to SEO efforts, ever-growing competition due to new players constantly entering the industry, the need to consider multiple decision makers, and the complex requirements and pain points of hands-on personas.
Additionally, cybersecurity SEO often involves category creation, in which new demand is created through PR efforts and traffic is then attracted through targeted content.
To establish your company as an authority in the industry, you must:
Create trustworthy content for each pain point, at each stage of the funnel
Pursue thought leadership activities (such as publishing on major industry publications and conducting webinars)
Engage in editorial PR (like getting industry publications to write about you and mention your products)
Additionally, you’ll need to stay up-to-date on industry trends so that you can be proactive in addressing your potential customers’ concerns and requirements. This enables you to build trust and credibility that can eventually help audiences feel more confident transacting with your business.
Cybersecurity SEO: Get into the right mindset
Keeping in mind the nuances and idiosyncrasies of the industry (discussed above), the keys to success with cybersecurity SEO are:
01. Prioritizing low volume keywords and long tail keywords in the form of questions (e.g., How does passwordless login work?, etc.)
02. Generating better (higher intent) traffic rather than simply more traffic
03. Considering the point of view of the audience rather than that of the company (i.e., the decision makers and practitioners, although the company’s vertical does contextualize their needs)
04. Be open-minded about where organic traffic may lead (for example, consider the value of sending traffic to discussions on platforms like Quora and Reddit)
The points listed above will contextualize your goals and implementation. Now, let’s take a look at what that strategic implementation may look like.
Start your research with personas
The first step in the research process for cybersecurity SEO is to identify your target personas and map the decision makers. This will likely involve determining whether the personas are business or technical decision makers.
For business personas, it can be helpful to identify industry trends and pains that the company’s product addresses, and to translate this information into terminology that business stakeholders will understand.
For example, one of the personas may be the CISO, managing IT and cyber risks. It is this person’s job to prevent IT security breaches. This may involve managing multiple security technologies and ensuring they work together. Their main concern is adhering to security standards and ensuring compatibility with the existing technology stack. Instead of emphasizing the business value, you should instead create content that underscores that your product meets best practices and standards set by regulatory bodies.
For technical personas, it may be more effective to focus on creating detailed documentation and technical guides that address knowledge gaps and help the audience understand and implement the company’s product.
Topic research
While keyword research mechanics for the cybersecurity sector is similar to what you’d encounter in other industries, there are important distinctions:
Search engines interpret many queries as primarily informational, so it can be a challenge to rank conversion-oriented product pages.
Many relevant queries have low search volume.
SEOs working in cybersecurity must become comfortable with best practices and industry lingo/jargon, as it’s very easy to inadvertently publish inaccurate content. Since expertise and trustworthiness are key staples in this niche, these mistakes could have serious repercussions.
To discover the target audience’s top pains and concerns as well as to identify trends and subjects of discussion within the industry, explore relevant professional online communities and forums (e.g., LinkedIn, Twitter, Reddit, etc). Additionally, talking to customers, target audience members, and customer-facing teams (such as support, customer service, and sales) can provide valuable insights.
Planning your content
It is important to tailor your approach to the needs and concerns of the specific target persona.
Targeting business personas
For business personas, this may involve creating educational content, answering high-level questions from executive stakeholders, and providing honest and unbiased reviews of the company’s product (against those of your competitors). Here are a few examples of content that may be suitable for these decision makers:
01. A wiki and/or glossary for industry terms and concepts
02. FAQs for executive stakeholders
03. Product reviews and comparisons featuring competitor offerings (example)
Targeting technical personas
For technical personas, it may be more effective to focus on technical how-tos and actionable guides that help solve specific issues, as well as emphasizing product features that lower barriers to adoption and make it easier for practitioners to implement solutions. Here are some examples of content that may be valuable for this audience:
01. A developer wiki for technical terms and concepts
02. Technical how-to’s with actionable solutions
03. List of product features that lower barriers to entry (ease of use, deployment time, integrations, etc.)
04. Useful resources and free tools (example)
As you would in any other sector, add internal links pointing to strategic pages from the many PDFs and other downloadables you produce. Oftentimes, white papers, infographics, e-books, and so on are overlooked in this aspect, and that’s a shame since PDFs are crawled and indexed by Google, so those links count.
All of these efforts need to be underpinned by credibility in order for them to move the needle for your business. To establish E-E-A-T (experience, expertise, authoritativeness, and trustworthiness) with Google and prospective customers, publish content written by credible industry professionals (not generalist content writers or AI-generated content). This will help your company establish itself as a helpful industry resource.
Amplify your visibility with off-site SEO
It is important for cybersecurity companies to focus on building backlinks and earning referral traffic. This can be achieved through a variety of tactics, including guest blogging, participating in online communities and forums, and leveraging PR and thought leadership activities such as webinars.
Remember, SEO is about organic visibility and conversions—not just about getting traffic to the company’s website. If a user wants to read reviews or compare similar products, you need to make sure that your product is featured in the leading websites providing reviews and comparison. An additional outcome of this presence will be valuable backlinks.
Opportunities not to miss when doing SEO for B2B (in general, but especially for cybersecurity) companies include:
01. Platforms and marketplaces (such as AWS Marketplace, Azure Marketplace, etc.) will have a page for each company they work with, but not always link to the correct page or to the website in general. All it takes to add a link is to request it politely.
02. Add your company page to review sites like G2, etc.
03. Work with experts and influencers who publish on Medium, Forbes, etc. For example, you can suggest that they use an infographic (that your company created) related to an article they’ve published—if they agree, you can politely request a link to your site.
04. Perform surveys and create infographics and research papers to surface unique information others may find useful. This will help you earn mentions and backlinks.
05. Very often, potential buyers will encounter Wikipedia articles during their research stage. Cybersecurity is a relatively new, rapidly evolving field, so many of the Wikipedia pages around terminology, technical concepts, and methodologies are thin and lacking. This gap provides an interesting opportunity for SEOs to add value and potentially get links.
You can find a vendor with experience contributing to Wikipedia. They can contribute to articles relevant to your audiences, with a link to additional information on your site. If you try to add the edits yourself, the Wiki community will very likely delete the changes.
This can help you build your company’s authority and lead to referral traffic. The vendor can also help you create an official Wiki entry for your company, which will likely appear in knowledge panels for branded queries. Note: While this tactic does not technically violate Wikipedia’s guidelines, it is strongly discouraged by the Wiki community and there is no guarantee that the content will not be deleted by other editors.
You can’t have cybersecurity without trust
Now you have a framework for reaching potential cybersecurity clients or working in-house for a cybersecurity company and influencing both technical and business decision makers. Remember, though, that success in this sector depends on establishing trust with your audience by demonstrating expertise. To do so, you’ll need to consistently stay up-to-date with industry advancements and trends, and updating your content to reflect those new developments.
Yana Raduzky is an SEO expert at Wix, setting up a robust SEO infrastructure and built-in solutions. Previously, she led organic growth for eCommerce, media & tech companies and educated teams on SEO best practices. Yana enjoys long walks, furniture assembly and SEO audits. Twitter | Linkedin