Florie Lhuillier, CCGroup: “we will no doubt see a consolidation of the market”


Cybersecurity is a dynamic and vital field that continuously evolves to counter increasingly sophisticated threats.

As digitalization advances, safeguarding sensitive information with robust security tools like VPNs or antiviruses, and infrastructure from cyberattacks becomes ever more crucial. Professionals in cybersecurity must remain ahead of the curve by constantly updating their knowledge, attending industry events, and keeping up with key publications.

A great example - Florie Lhuillier and her transition from the music industry to her current role as Head of Cybersecurity at CCGroup highlights the diverse pathways into this essential sector. Her insights emphasize the importance of adaptability, strategic thinking, and staying informed to excel in the cybersecurity landscape.

It has been quite a journey transitioning from working in the music industry to Head of Cybersecurity at CCGroup! Could you embellish further on your experiences and shed light on any hardships you encountered during those years?

When I think back at where I started my career, it does feel like quite the journey.

I knew I wanted to work in comms since I was 15. I was subscribing to Rock Magazine at the time (it doesn’t exist anymore) where a few artists interviewed talked about their press officers and how they couldn’t have made it without them. I knew instantly this is what I wanted to do so I moved to Paris when I was 17 to study at the comms school EFAP.

I had this dream of becoming the press officer of my favorite artist, Damien Saez, and helping others become famous. I had the chance to work for various record labels as an intern for four years while studying. I got to meet and promote artists like Ben Howard, Patrick Watson, or Yael Naim and go to gigs three times a week. It was tough but I enjoyed it a lot.

I then moved to London to finish my master’s degree, thinking it was the place to be to work in the music industry. I was wrong. It was really hard to get a full-time job in this industry, and with the salaries music companies were offering at the time, it was impossible to live in London. I worked as a bartender at the O2 Academy Brixton and O2 Sheperd’s Bush to see live music for free, improve my English, and pay my bills while waiting to find the right opportunity.

It never came. I, therefore, decided it was time to change industry and keep music as a passion. I worked for a lifestyle and sports sponsorship agency for a few months and then became an ambassador for a tech startup one of my friends in France started. This is what got me hooked into technology.

I realized then that there were a lot of job opportunities in B2B tech PR and decided to go for it. I wanted a job that was both challenging and rewarding and this seemed like the perfect fit. I got one in an agency based in West London where I worked for enterprises and cybersecurity companies. I left after 3.5 years and then joined CCGroup where I lead the cybersecurity practice today.

Given the dynamic nature of cyber threats, how do you stay up-to-date with the latest developments in cybersecurity, and what measures do you take to continuously improve your skills and knowledge in this field?

To keep up to date with the latest threats and make sure I keep improving my skills and knowledge I do a few things including:

  • I read key cybersecurity, IT and business publications every day.
  • I subscribe to newsletters from small and big vendors as well as cybersecurity publications. The ones sent through LinkedIn are particularly very good.
  • I attend sessions at small and major cybersecurity events such as UK Cyber Week, Cloud & Cyber Security Expo, Infosecurity Europe, and RSA.
  • I also sometimes read books on cybersecurity, or technology more broadly, in my spare time. I recently read Fake Accounts by Lauren Oyler, it was very insightful.

In light of your research results, how can cybersecurity vendors adapt their approach to generating new business, considering the importance of channels, content types, and vendor attributes in influencing buyer awareness and purchasing decisions?

Cybersecurity vendors need to implement a specific strategy depending on where they are on their journey. In our report we have outlined three broad launchpad strategies for cybersecurity vendors dependent on their size and budget.

Take, for example, scaling vendors looking to improve the conversion rate of RFPs at the selection stage. From a channel strategy perspective, their priorities should be to:

  • Research the top business technology publications and develop messaging and content that will resonate with them and their readers. Thought-provoking content and independent research on industry trends is particularly effective in generating pick-up.
  • Create quality, authoritative content and update it regularly to improve SEO. Also, identify and target a specific keyword phrase for each authoritative content page on their website and include relevant links to well-read sources.
  • Organise webinars to promote their business as a credible source of information within the industry and educate their audience about the needs and capabilities of their products and services.

For the content strategy, their priorities should be to:

  • Regularly publish blogs and case studies on their website and promote these through social media channels and other digital marketing activities, demonstrating to their buying audience their problem-solving abilities, their understanding of their businesses, the value of their products and services, and their industry knowledge.
  • Invest in an effective and strategic analyst relations program, managed by a dedicated team, to become top of mind for key analysts, shift their perception, and give them the best chance of featuring in analyst reports.

How has the current economic climate impacted the cybersecurity buying landscape, and what trends have emerged in terms of vendor selection among enterprises?

The current economic climate has impacted the cybersecurity buying landscape in several ways:

First, budgets. 78% of enterprises in the US have increased their investments in the last year while only 58% in the UK boosted their spend.

Those that have decreased their investment stated talent shortages as the main reason. Inflation also had a significant impact on organisations’ investment but more so in the US. 71% of respondents in this market mentioned inflation as a main concern.

Looking ahead, despite seeing an increase in cybersecurity investments last year, 37% of US enterprises expect to see a cut in the next 12 months. Similarly, a quarter of UK enterprises (24%) are set to reduce their spending.

Then there are the type of investments. Projections for the next 12 months indicate that endpoint security will continue to be the most popular solution among US and UK enterprises (51% and 56% respectively). Application security is also anticipated to be an important investment (43% and 53%), followed by fraud prevention (36% and 52%).

Finally, there are obstacles to getting a purchase over the line. Given the current economic conditions, closing a deal is harder. Enterprises stated that cost, a lack of performance data and evidence from the supplier, and due diligence as the biggest obstacles.

What are the key findings from the research regarding cybersecurity vendors' marketing strategies to influence purchasing behavior, particularly during challenging economic times?

Our research shows that every channel and every content type has a role to play in a cybersecurity vendor’s overall marketing and external communications strategy—and buyers’ needs should be at the centre of this strategy.

Cybersecurity vendors need to make sure that all the activities they do, from the top of the funnel (such as PR and AR) to the bottom of the funnel (such as email retargeting of webinar attendees or PPC), highlight how they can solve buyers’ problems and meet their needs.

However, because of the tough economic climate, many businesses have been rethinking their approach to budget allocation. More often than not the first department to suffer from budget cuts is the marketing department. And that’s completely the wrong approach.

A business’ marketing team is key in understanding their consumers, how they feel, how they behave and how they are going to behave in the future. They are the first touch point. And because of that they are also the ones delivering leads to the sales team—crucial in tough times a lot of businesses are facing right now.

Cybersecurity vendors should give marketing teams more budget to allow them to create more content, be more regularly in touch with customers, partners and prospects, and support the sales team with lead generation as much as possible.

Can you share some examples of successful initiatives or campaigns that have helped cybersecurity companies establish credibility and gain recognition? Have you had any input into the process?

Sure. One good example is the work we have done for the bot management provider Netacea during the COVID-19 crisis. Just before Christmas, there was a PS5 shortage--customers were angry because there were going to be disappointed kids on Christmas Day. That’s the only thing the media was reported on, how bad it was and how angry people were.

We saw an opportunity here to talk about the “why”: Sony had produced enough stock, but they were being snapped up by bots and unavailable to the average consumer. We put together data from the threat research team with some proactive comment off we went. This generated a lot of coverage in national, business and trade media—and leads for Netacea.

Another is the work we’ve done recently with threat intelligence provider CYJAX. When we started working together in November 2023, the company had the lowest share of voice in the media among its competitors, despite its work with recognised global brands.

To raise awareness quickly and demonstrate the company’s expertise, we developed a series of compelling article synopses, comments and opinions on the issues CYJAX’s audiences are facing, created an open line of communication with the threat research team to develop media alerts based on their research into threat actors, and responded to editorial calendars and hijacking opportunities to make CYJAX part of global conversations.

These included Log4shell, the UK’s proposed ransomware payment ban, Chinese cyber espionage, crypto price rises, and Apple’s spyware issue. This helped us generate 71 pieces of coverage in 7 months and a 400% increase in tier 1 share of voice compared to the same period in the previous year and leapfrogging a competitor ten times bigger.

What emerging threats or trends do you think are driving the need for organizations to purchase new cybersecurity technology?

Our research shows that the factors driving the need for cybersecurity technology purchases are advances in technology, followed by keeping up with increasingly sophisticated threats. While these top priorities were the most common, differences also exist: demands from clients were reported by 28% of US respondents while keeping up with competitors is more of a driver in the UK (28%).

In terms of specific threats, the organizations we surveyed reported data breaches as the primary concern followed by spyware for the US and malware for the UK.

I also think we are going to see more enterprises in the next few months look for solutions that can help them prevent generative AI threats.

What role does thought leadership play in building awareness and credibility for cybersecurity companies, and how can they effectively leverage it?

As the cybersecurity industry gets more and more competitive every year, thought leadership plays an increasingly important role in building awareness and credibility. To be successful, cybersecurity vendors need to stand out. To do so, they need to have opinions on market trends and a strong vision for the future. This can be communicated in many ways including:

  • Opinion articles. Strong and bold opinions are must for media cut-through and particularly on issues that are not being discussed by the competition.
  • Comments. Responding proactively to feature and last-minute editorial opportunities on trends and market news—even better if you can do that using your data.
  • Interviews. Series of media briefings centered on key industry topics and the company’s story and growth.
  • Conferences. Major events provide an opportunity to meet with influencers and share thought leadership. However, I understand that during tough economic times, the budget for sponsoring events is often limited.
  • Finally, data. The majority of cybersecurity vendors have a lot of data available through their products and threat research teams. By mining this data, they can create news releases and other content that gives figures and stats on cyberattack trends for example. This is one of the best ways to showcase the value of solutions to potential buyers.

According to our research, cybersecurity buyers seek content that demonstrates vendors can solve their problems, understand their business, prove the value of their solutions and act as a trusted source of industry knowledge. 92% of respondents seek out blogs, for example, and 84% look for news articles featuring the vendor.

How do you see the cybersecurity landscape evolving in the next few years, and what implications do these changes have for cybersecurity buyers and vendors alike?

We will no doubt see a consolidation of the market. With more than 3,500 cybersecurity vendors around the world, it’s becoming increasingly competitive. This consolidation has started already. Just last month we’ve seen CyberArk agreeing to buy Venafi from Thoma Bravo, LogRhythm, and Exabeam announcing their plan to merge and Akamai agreeing to buy API security firm Noname. This consolidation means cybersecurity buyers are going to have less to choose from.

I also expect to see more cybersecurity vendors bundle their products to be more cost-effective for organisations, with of course an AI-based product included. Every vendor is jumping on the AI bandwagon at the moment!

From your perspective, considering the current landscape, what proactive steps do you believe everyday internet users can take to enhance their personal security? What specific tools or practices would you recommend for securing our devices in this day and age?

The proactive steps mentioned by the National Cyber Security Centre here are pretty spot on. Having a password management tool, enabling multi-factor authentication wherever possible, backing up your data, and keeping software up to date are the key things you should be doing right away. In addition to that, internet users should:

  • Be wary of public Wi-Fi: we’ve all hopped onto the public Wi-Fi network of a train station or airport when traveling, particularly abroad. However, while this may be convenient at the moment, it can put us at risk and make us vulnerable to cyber criminals. Why? Because public Wi-Fi networks are usually unsecured as they need to be accessible to everyone. Cybercriminals take advantage of it to steal sensitive information from unsuspecting users by either creating fake Wi-Fi hotspots or hacking into the network.
  • Look out for phishing emails: phishing is a form of social engineering that tricks users into providing their own personally identifiable information or sensitive information. In phishing scams, emails or text messages appear to be from a legitimate sender asking for sensitive information, such as credit card details or login information. There are a couple of ways to figure out if an email or text message is a phishing one:
  • The email address—usually it won’t exactly match who the sender is supposed to be. For example, the address may contain extra characters in the domain name, or the name of the sender might be spelled wrong.
  • The tone of the email—it will likely be a short email which has a sense of urgency, prompting you to act quickly. The email will also contain a link or an attachment for you to open. These links contain malware or ransomware that can infect your computer or network and steal your information so never click on or open them.

If you spot you’ve received a phishing email, delete it, both from your inbox and your trash folder so you don’t click on it later. Also, if the phishing emails claim to be from your bank or mobile provider, for example, you can report it to their customer support team for investigation.