Gartner is practically as ubiquitous in tech as the usage of the word “transformative,” and cyber companies pointing to its iconic Hype Cycle to brag about market size and potential is commonplace. Yet, for all of Gartner’s brand recognition, there are still decision-makers who aren’t familiar with why they should even consider engaging with the analyst firm, and many others who inherit contracts with little idea of how to make the most of their significant expenditure.
That’s why we caught up with Nancy Shapira-Aronovic, of Gartner, who has worked at the company for more than 11 years and currently serves as Senior Business Development Director. She’s based in Israel and is primarily focused on working with the country’s cybersecurity companies which make up one of the world’s largest cyber ecosystems.
Cyber Intelligence: Can you explain why good analyst relations are important for cyber companies?
Nancy Shapira: I originally worked for a company called Formula which had a Gartner and Forrester subscription. Initially, I did not know how to work with analysts at all, so I really learned from the bottom up. I soon understood that effective analyst relations are a very sophisticated tool for marketing. Sadly, most marketing people don’t have the knowledge or the time to use it effectively.
CI: Tell me, how should companies approach analysts?
Shapira: It does depend on which industry they are in. There are hundreds and hundreds of analyst groups, and some of them are very focused and very niche, only covering a specific industry. Gartner is by far the largest and is now a $5.5B company, following acquisitions of other groups and analyst companies over the years. Forrester is probably the second biggest firm of analysts, and we are a little less vendor focused than our competitors and more focused on the IT and business buyers. Gartner’s focus is firmly fixed on the IT industry.
CI: I would imagine you are up against the really big players.
Shapira: Gartner is by far the largest player among analyst groups; however, some other analyst groups do a lot of things that Gartner doesn’t, such as writing paid content on behalf of the vendor. If your goal is to have something written about you that says how great you are, then there are plenty of analyst groups that will do that. Gartner will not write a report for anyone, not even for our biggest customers, in order to protect our objectivity
CI: A typical marketing executive has limited time and a limited budget. What are the benefits of working with a Gartner analyst?
Shapira: The first question they should ask is, what are their goals as a marketing executive? I would say, in general, the companies that are working in a specific industry in the technology world, such as cybersecurity, do have to take industry analysts into consideration in their marketing plan. And there are ways to work with the different analyst groups without becoming members. You could, for example, give a vendor briefing. That is true for any analyst group, including Gartner. You can ask for a vendor briefing with an analyst when you are pitching your story. You have between 30 minutes and 60 minutes. It is not under NDA, so anything you say is considered public knowledge. It’s not always considered a two-way conversation. The analyst can ask questions, but they typically do not give any feedback on the call. However, working with any analyst firm effectively means making it part of your strategy and actually creating an ongoing relationship with analysts, which is not usually achievable by vendor briefings alone.
CI: How can you know what would resonate with a particular analyst?
Shapira: When you’re talking to an analyst, you have to understand that you are basically talking to a person who constantly monitors the industry and who is also in contact with your competitors, your partners, your VCs, and who also knows what the entire industry looks like. The analyst is trying to put you as a vendor into a specific slot. The real importance of the analysts is that whatever they get out of that vendor briefing is what they are going to tell your potential clients, your potential investors, and your potential partners. It is your job as a vendor to make sure they really understand what you are doing.
CI: What made you choose to specialize in dealing with cybersecurity companies?
Shapira: I decided to focus on cyber in Israel because cyber is the perfect storm. It’s an ongoing battle between cybercriminals and cybersecurity professionals. But the people who buy cybersecurity are usually the CISOs (Chiefs security information security officers). They have a liability in that if they do get hacked, it might cost them their job.
CI: What has driven Gartner’s growth when it comes to cyber?
Shapira: It is not just that the growth of cybercrime into a global industry is a big problem; there are also a great many cyber companies to monitor. Gartner, therefore, has hired more cybersecurity analysts than any rival analyst group. We have over 100, and I learned early on that our cyber analysts were actually able to very much help the cyber companies. And, of course, Israel has been a key driver for Gartner’s emerging cyber-tech research. We started out with four cyber clients in Israel in 2012, and now we have well over 50 or 60. Considering that an estimated 60 percent of the global cyber spending is made in Israel, it makes it a very good place to be. Gartner is also involved in the sales cycle for cyber companies, especially in the US market, because the chief security officers have so much to choose from, and there’s so much hype about surrounding new vendors; they really do use Gartner and the other analyst groups to validate their choices. Our clients frequently use Gartner as a kind of decision-making tool. For example, the CISOs might ask should I use an emerging tech vendor? Which one should I use? Which one will solve my problem?
CI: Do you feel like many of the review platforms out there are easily manipulated?
Shapira: There are many review sites-again it depends on what your goal is in using them. Gartner has its own customer review site, also called Peer Reviews. It started after G2. However, it’s very hard to get a review approved. Gartner does a lot of vetting, which can be frustrating for the vendor, but they have to understand that that’s the way you get a real view and not get manipulation of those reviews. Gartner really does double-check the reviews and talk to the client to validate the reviews
CI: And how should the client talk to Gartner?
Shapira: I can talk about some of the best practices – I would say the one that is most frequently overlooked is to do some preliminary research on the analyst. Your PR company, if you work with one, can help you with that. You have to know what they are interested in and what they writing about.
CI: Is there anything else a cybersecurity company should do to prepare for an analyst call?
Shapira: Prepare your speakers. You have to decide who’s going to be on that call. Is it going to be the CEO? Is it going to be the marketing person? And they have to be prepared to deliver. As you know, I’m a marketing person myself. But I will tell you that a lot of analysts, including Gartner analysts, do not want to hear just the marketing pitch. So it is very rare that we would recommend just the marketing person be on the call unless it’s a maintenance call. If this is your first call with the analyst, we recommend that you get a C-level person on that call, if possible the CEO and, if possible, another more technical person like the CTO or the product person. The CEO has to talk about the business. The analysts are not merely interested in the technology, they want to know where you’re at. Do you have money, and do you have clients? What are your use cases, and does the CEO have a believable vision for the company?
CI: What kind of information should a company be prepared to offer Gartner?
Shapira: What they want to know is, what are you doing that’s different? How are you doing it? And you do need to explain to them as much as you can without revealing your secrets. You need to explain to them how you are doing this, and if they’re technical, they will ask questions. My recommendation is never to say no to an analyst. Don’t close the door on an analyst if they ask a question about the technology or the business. If it’s something you’re not sure you can reveal, then you can put it off, but you need to leave the door open for them because they need that information. They need to know how you’re doing it, and they need to know what your business is. You don’t necessarily have to give the names of clients. If you’re at a stage where your company doesn’t want to give out the names, that’s fine. But without names, you do need to give customer use cases.
CI: Do clients sometimes exaggerate?
Shapira: Look, sometimes the analysts know things about your operation even if you don’t tell them because your client might also be talking to them, so you have to keep in mind that the analysts know more than you do, and they may have heard much about you – both good and bad. You have to understand before you get on the call what your company’s policy is as far as revealing customer names. If you are at the right stage, at least try to give one customer name.
CI: Is there anything else you should bear in mind on an analyst call?
Shapira: The other thing that’s also a bit overlooked sometimes is that whoever is speaking, especially if it’s the CEO, needs to show their passion about the solution. You may think that’s obvious, but I’ve been on hundreds and hundreds of these calls, and sometimes the people sound bored, and they’re not expressing their passion about the solution, and that does make a difference. You have to be excited about your own product for the analysts to be interested.
CI: When should a company release confidential information to an analyst?
Shapira: This should be only done under NDA, which is available in a client call-not the vendor briefings An analyst does not want to get the Press Release. You know, they want to know before the PR, which is a little tricky if you’re under an NDA. The Gartner analyst wants to know before your PR goes out. You have to put the analyst first because, in their minds, they’re not your conduit for content, which I know is not what most marketers want to hear.
