# The security buyer ensemble

**Published by:** [Doug Lane](https://paragraph.com/@axalane/)
**Published on:** 2022-03-30
**URL:** https://paragraph.com/@axalane/the-security-buyer-ensemble

## Content

Something hasn’t been sitting right with me about the email I sent about buyer personas the other day. I still believe it. But I think it’s a bit of an oversimplification. So I’m going to take another crack at it over the next couple of days. I still don’t think creating cartoon caricatures of your buyers is a great use of time – especially for startups that need to keep marketing investments tightly focused. But I do think it’s critical to understand the buyer personas involved in the purchase process in detail and have a strategy for each. For today, let’s start by defining the ensemble. In most enterprise security deals, it looks something like this:“The Business Decision-Maker” – Most often, the CISO or related executive-level security or risk title.“The Security Architect” – The person responsible for turning the desired business objectives into reality on the ground.“The Stress Tester” – A sharp security brain who is too pedantic to get projects executed but is great for throwing at security vendors to test their mettle.“The Technical Gatekeepers” – Stakeholders who are not necessarily security-focused but own infrastructure your product touches. For example, network, servers, endpoints, application code, cloud infrastructure, etc.“The Administrative Gatekeepers” – Folks like purchasing and legal that you need alignment with to get into the end zone.Did I miss anyone? -Doug

## Publication Information

- [Doug Lane](https://paragraph.com/@axalane/): Publication homepage
- [All Posts](https://paragraph.com/@axalane/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@axalane): Subscribe to updates