# Breaking into cybersecurity marketing By [Doug Lane](https://paragraph.com/@axalane) · 2022-03-30 --- A fellow freelance marketer in a Slack group I’m in asked me for some advice about breaking into the cybersecurity niche. I thought I would share my suggestions here in case they are helpful to any of you. Build your general industry knowledge a little each day ------------------------------------------------------- One of the problems with the cybersecurity space is that there is a lot of noise. It can be a bit overwhelming. But I do think it’s important to build some general knowledge about what is happening in the industry. [KrebsOnSecurity](https://krebsonsecurity.com/) is one of the go-to sources. If you prefer podcast form, [CyberWire Daily](https://thecyberwire.com/podcasts/daily-podcast) is another source of general industry happenings. Learn the sub-niches -------------------- There are quite a few sub-niches within the broader cybersecurity space. Examples include endpoint security, cloud security, identity and access management, and so on. [This chart](https://www.optiv.com/sites/default/files/images/Cybersecurity-Technology-Map-Web-min.png) will give you a feel for the breadth of the industry. It’s…a lot. While it’s important to know what all of the sub-niches are at a high level, no one can be an expert on all of them. So pick a couple that interest you to dig deeper into. If you’d like suggestions, a few that I’m really interested in right now are API security, Zero Trust Architecture, and security orchestration and response (SOAR). Read up on your sub-niches -------------------------- Once you pick some sub-niches, a good place to start is to look for research from analysts like Gartner and Forrester Research. These reports are expensive, but you can usually find free reprints on security vendor sites. For example, if you are interested in API security, you can [grab this report](https://www.imperva.com/resources/resource-library/reports/magic-quadrant-for-web-application-api-protection-waap/) and check out [this free webinar](https://www.gartner.com/en/webinars/4002323/api-security-protect-your-apis-from-attacks-and-data-breaches). Similar resources will exist for most other sub-niches. Read up on large-scale security incidents ----------------------------------------- Once or twice per year, there is a major cybersecurity incident of some kind that drives industry discussion for months. These can be very instructive about some of the critical issues the industry is facing, and security vendors are often eager to explain how they can help prevent something similar from affecting their customers. For example, if you Google “Log4j” or “Log4Shell,” you will find an endless sea of recent security vendor content. The [SolarWinds incident](https://www.wired.com/story/solarwinds-hack-supply-chain-threats-improvements/) is another great example. Build relationships with agencies that use sub-contractors ---------------------------------------------------------- I am more than happy to [jump on a Zoom call](https://calendly.com/axalane/30min) any time if you would like to talk a bit more about the areas that interest you. (This offer applies to daily email subscribers as well!) I frequently receive inbound requests that I don’t have the capacity to fulfill. Saying no is easier if I can refer the person to someone else who may be able to help. I do also occasionally bring subcontractors in on bigger projects. There are also some content marketing agencies that use subcontractors as their primary model. Two examples are [AimPoint Group](https://aimpointgroup.com/) and [CyberEdge](https://cyber-edge.com/). I hope this helps! \-Doug --- *Originally published on [Doug Lane](https://paragraph.com/@axalane/breaking-into-cybersecurity-marketing)*