Cybersecurity Marketing: The Blues Brothers Principle

Explore the 'Blues Brothers Principle' in cybersecurity marketing: Give your potential customers a crystal-clear image of what they're buying.

Avatar of hakluke



Before I worked in cybersecurity and marketing, I did a lot of marketing in the live music scene. I observed a phenomenon that I now refer to as "The Blues Brothers Principle", which applies directly to cybersecurity marketing.

It is far easier to sell tickets to tribute gigs than original music. I promoted some original bands that were truly world class, incredible musicians. The music they played would have delighted almost anyone who came to their gigs. But nobody came to their gigs.

On the other hand, I promoted some tribute bands, including the Blues Brothers tribute band. The people who played in these bands were average musicians, certainly not world class. Despite this, with very little promotion, they could sell out a theatre with thousands of seats.


It's simple: people want to know exactly what they are buying before they buy it. It's difficult to convince someone to spend money, leave their home, and go to a concert for a band they've never heard. It's risky. They might not enjoy themselves, and they might regret skipping Netflix on their couch.

When you buy a ticket to the Blues Brothers tribute band, you already know exactly what you're going to see. You know what songs the band will play, you know what instruments will be in the band, you even know what they'll be wearing! Seeing a Blues Brothers tribute is a safe bet.

How does this apply to cybersecurity marketing?

I work with a lot of cybersecurity organizations to optimize their marketing efforts. I see the same mistake being made constantly. The marketing efforts do not accurately, succinctly explain what the offering is. In other words, they do not follow the Blues Brothers Principle.

Unlike selling most things (hammers, apples, clothes) cybersecurity offerings are very complex. As such, the first step to marketing them is to be able to explain what they do. You need to educate your potential customers. If you don't do this well, potential customers are seeing your marketing efforts, and being left confused and unsure.

How can I follow the Blues Brothers Principle for marketing my cybersecurity product/service?

There are many different ways to improve your marketing materials:

  • Make sure your landing page has a simple, 1-2 sentence description outlining exactly what your offering provides in clear, concrete terms.
  • Make sure that your social media bios contain the same description.
  • Create short explainer videos that describe what the product/service does, and provide screen recordings to demo exactly what that looks like.
  • Create blogs and/or social media posts that describe and demonstrate exactly what the product does.
  • Provide free, no obligation demos of your product/service so that potential customers can really know what they're paying for. Another option is to provide no-questions-asked money-back guarantees.
  • Provide interactive product tours that allow your customers to explore your product/service features in a hands-on environment.

Really, anything that gives the customer a clearer image of exactly what they're buying is good. When you stack this on top of other fundamental marketing concepts like social proof, pricing, positioning, packaging, etc. you've got a winner!

Dispelling customer doubts

The potential customer needs to know the answer to questions such as:

  • What happens after I put in my credit card details?
  • Does this solve my problem? How?
  • What kind of support can I expect after I buy?
  • What does the user dashboard look like?
  • Will this integrate with our existing processes?

As a marketer or a sales person, a huge part of your goal is answering these questions. The earlier you can answer these in the buyer journey, the less potential customers you'll lose.

Some examples

I can't show examples of my clients of course, but here are some fictional ones:


❌ "We help to secure your attack surface"

This is too vague, and doesn't accurately describe what the EASM solution would actually do to help secure the attack surface. This could be replaced with:

✅ "We discover your external assets, scan them for vulnerabilities, and prioritize them"

Another example is this one, which uses too many buzzwords.

❌ "Revolutionize your digital defense frontier with our AI-infused, blockchain-secured External Attack Surface Management tool, fostering unparalleled synergy between real-time threat intelligence and asset discovery seamlessly fortified cybersecurity ecosystem."

This leaves the reader frustrated and clueless. Instead, you could try:

✅ "Discover your external attack surface and prioritize your remediation efforts with {{product name}}."

Purchase workflows

The path that a potential customer needs to take to purchase your cybersecurity product/service is very important. Once again, they're unlikely to purchase your product if they're not 100% crystal clear on exactly what they're purchasing.

You can design your purchase workflow to educate the user as they buy, and reinforce their decision as they progress through the checkout workflow. Some ideas on how to achieve this include:

  • Offer free trials of your product prior to asking for payment information
  • Offer a free-tier version of your product/service that can be used, so that the user has a feel for it before they upgrade to a paid version
  • At the checkout page, provide a list of things that will happen after the customer enters their credit card details (and then deliver on the promise)

Advertising videos

Many cybersecurity products/services are utilizing video ads to market their content. Much like taglines, these videos often don't accurately, succinctly explain what the product/service actually does, or what problem it will solve.

When you create video advertisements, try to structure them like a story:

  1. Hook - have an engaging visual + audio hook at the start that grabs the attention of the viewer
  2. Define the problem (can be combined with the hook)
  3. Expand on the problem (describe some ways to know if you're having the problem, relate to the customer's feelings about the problem, etc.)
  4. Describe how your offering solves the problem (What does it do, exactly? What changes can the user expect to see by using it?)
  5. Call to action (get the user's email, push them to your website, buy now, etc.)

Want help implementing this at your org?

If you'd like some help with marketing your cybersecurity-focused product/service, get in touch!

Want help with your cybersecurity marketing?

Drop us your email, we'll be in touch!