According to multiple recent studies, industry analysts – and analyst reports – are the channel that has the greatest impact on cybersecurity professionals’ purchasing decisions.
Yet despite this, analyst relations is a frequently neglected part of companies’ communication strategy. Far too often, companies treat analysts as an afterthought, missing out on a valuable opportunity to engage with some of the most influential experts in the space. Compounding the challenge are misconceptions surrounding analyst relations. While some giants push for a significant amount of investment from vendors, the analyst landscape is diverse and populated with a wide range of analyst houses with an even wider range of specialisms, who also wield considerable influence. If companies restrict their analyst relations strategies to focus solely on one or two of the largest firms, they miss out on an opportunity to engage with other players with deep sector specialisms, who may be even more influential in their particular niche area.
Given the intrinsic importance of analyst relations – and ahead of Eskenzi PR’s upcoming IT Security Analyst and CISO Forum, in which ten vendors are scheduled to attend an exclusive two-day event to brief ten of the world’s most influential analysts and security leaders – we sat down with Teresa Cottam, Chief Analyst at Omnisperience, to discuss her areas of focus, crucial tips for cybersecurity companies looking to engage industry analysts, and why AI won’t take the place of industry analysts (just yet!).
With Omnisperience dedicated to helping telecoms firms understand customers’ evolving expectations and keep up-to-date with emerging technology and trends that drive success, our conversation began by discussing the intersection between telecoms and security, and her current areas of focus.
What are your current research interests from a security standpoint?
“Our focus is on the connected world and those who connect that world (fixed, mobile, satellite, fiber, and wholesale service providers), and we see security as an intrinsic part of their strategy. Ultimately what I’m interested in is how technology impacts telecoms providers, businesses, and their customers, rather than simply comparing the offerings of different vendors on a feature basis. I build the market for new technologies and help educate the buyer side on how a technology will impact their commercial results and customer outcomes. When I’m meeting with vendors, I therefore want to understand why something is a big deal and why I should pay attention. What’s new – not in terms of features and functions – but in terms of the impact of this offering and how it helps the target market meet their business goals or solve a business problem.
I often reinvent older technologies for my audience, for example, as industry spin has a tendency to move on and overlook something really important. A good example of that in the telecoms market are the stories around mobile number portability, for example, and broadband porting in the UK. MNP has been around since the ’90s and has largely been forgotten about – there’s just an expectation it will work. The problem is that some countries (such as the UK and Australia) have not updated their process or the technology supporting it for decades and this now presents a massive security risk – being a gateway for hijacking mobile identities. Mobile identity is a huge topic for us currently because it’s both an opportunity for telecoms players and a risk.
“There’s also currently a significant gap between vendors who come from an IT security background and those coming from a telco background. It’s two very different worlds and needs to be far more tightly integrated. In the telco world, the Network Operations Centre and the Security Operations Centre are coming together and we’re starting to see security as another component of service quality. The bottom line is that cybercriminals look for the easiest way to compromise and there’s a big assumption that telcos are intrinsically secure. That might have been the case years ago – mainly through security by obscurity – but as we’ve moved towards open-source infrastructure and as the number of connection points have increased, our risk profile has risen exponentially. Keeping network connections secure, ensuring high quality of service (by tackling issues such as DDoS) and assuring mobile identity are huge challenges for our industry and the customers who depend on us, but they’re also massive opportunities.
With AI dominating the news agenda at the moment, how is it changing your role?
“I think that 2024 will see something of a reset around enterprise AI, as everyone starts to get real about it, because while it has huge potential it does introduce very real risks and concerns for telecoms players and is not a panacea. As an industry, we’re very concerned about how we adopt AI safely and compliantly. Industry bodies such as TM Forum and the GSMA are doing a lot of work here in terms of bringing telcos and vendors together and helping them define ways of confidently rolling out AI-enabled use cases.
“From an analyst point of view, I think it will be a while before we’re replaced by AI! AIs currently can’t really tell you what something means, for example, and they can’t deal with novel situations as they rely on humans for that. But they can do a lot of the heavy lifting in terms of finding information and highlighting patterns in data. I was somewhat relieved to hear my daughter – who is currently studying journalism at university – say that her lecturer had informed her that ICT industry analysts were one of the safer job roles in the media industry!
What makes an analyst want to speak to a company?
“This really varies by analyst firm. Some will have a very prescriptive beat; smaller firms and independent analysts can be more flexible. I go where the interest lies for myself and telecoms service providers. I like looking at long-standing problems or new problems that have emerged in the gaps between systems, processes, or companies. I particularly like to hear where money can be made or lost, where the risk is, and how an issue impacts end customers. For people pitching to me, think about your best story and how it applies to what I do. I’m quite open to hearing new solutions to old problems, or novel solutions that will help mitigate risk or which present a new opportunity for telecoms firms.”
What factors help to make an analyst briefing successful?
“Relevance is key – don’t waste my time by making me sit through something that isn’t relevant. Don’t kill me with PowerPoint, or your message will get lost. I always think that if you can’t summarise what you want to say on one slide then you’re not really ready to pitch. Have a small number of slides and talk around them – a briefing is supposed to be interactive. Spokespeople who get too bogged down in technical detail and aren’t able to articulate what their USP is and why we should care about what they do can be very frustrating for an analyst. That’s why preparing your spokespeople is so important; ensure you go into the briefing knowing what you want to get out of it, so that your key points can be clearly communicated – otherwise, don’t be surprised if I don’t stick to your narrative or if your main points are lost!
“It’s also helpful to have an idea of the analyst’s briefing style. Some analysts will ask a lot of questions, while others barely speak. It’s important to try and find out from your PR or analyst relations team what to expect from the analyst, their personality and preferences so you can get the most out of your briefing. If you have a lot to say, then cover the basics in one session and book another session to hone in on a specific topic. It’s far better to have a focused and shorter session that leaves space for feedback and interaction than to try and shoehorn everything you know into one huge, generalised session.”
What’s the biggest mistake you see companies make when it comes to analyst relations?
“Intermittent contact and not taking the time to get to know analysts. All too frequently we see companies sending a generic mailer to analysts without taking the time to get to know us or our specific beats. What resonates is when someone takes the time to build a relationship with you and keep you up to date with what they think you’ll be interested in. If we know the person handling analyst relations well, we’re far more likely to take the time to listen to the pitch. The sort of personalisation that takes place in PR is often overlooked in AR. Nor have companies adapted to the changing roles of analysts. For example, despite a lot of us writing blogs and articles these days, we don’t always get given press releases at the same time as journalists and don’t get invited to the same events.
“I really do think that ARs need to pick up the phone more. Lots of communications professionals are now hesitant to pick up the phone or text, but it’s really hard – I’d say almost impossible – to build a relationship via email. Ultimately not having that personal relationship with an analyst means you can miss out on incredibly valuable opportunities, as the benefits of working with analysts extend far beyond column inches and appearing in reports. What people don’t see is the influence analysts have behind the scenes – I’m frequently asked by operators for my opinion on vendors or if I know a vendor that can do XYZ, but if I don’t know you from Adam, then I can’t talk about your capabilities or put you into those conversations. It’s one of the reasons I like to come along to Eskenzi’s analyst and CISO Forum, because it’s a great way to kick start relationships with vendors.”
To discuss how Eskenzi can deliver an impactful analyst relations programme for your company – or for more details on our upcoming IT Security Analyst and CISO forum, please get in touch with Katie Finn – email@example.com