Venafi
The machine identity crisis: Validating the market opportunity and creating a sense of urgency around a new category
Taking the lead on global thought leadership, we helped Venafi to illuminate a previously hidden issue and create a new category for Machine Identity Management. Using a variety of tools – from academic and dark web research to economic modelling, threat research and industry surveys – we created proof points to demonstrate the urgent need for machine identity management and security. By driving a consistent narrative, we positioned Venafi as the pioneer and leader of the category. The data developed through these campaigns helped Venafi to secure $100 million in funding, and contributed to the company being acquired for $1.5bn.
Objective
Establish machine identity management as a category in its own right and position Venafi as the leader and pioneer of that category.
Educate the market on what machine identities are and the need to protect them, to create a sense of urgency for buyers.
Elevate the story to a C-Suite audience to drive top tier trade and business coverage.
Story
Back in 2015, Venafi faced an uphill communications battle: it had a very niche and technical message, and the challenges it solved were not immediately clear to a wide audience. Venafi then created the concept of ‘machine identities’, with a view to building a distinct category around machine identity management. Yet it was ahead of the market, using new terminology, with few other competitors around to evangelise about the problem.
One of the big challenges was that many breaches that involved machine identity theft and abuse were not reported on in that way. It was therefore difficult to demonstrate the real-world impact that such incidents can have or to build a sense of urgency that the problem must be fixed. We therefore partnered with several third parties to uncover unique data points to provide that proof and drive urgent buyer action:
The Cyber Security Research Institute (CSRI) conducted a six-month investigation into the sale of machine identities on the dark web. Here, we found digital code-signing machine identities for sale for $1200 and comparing this cost to other items for sale on the dark web – e.g. guns, passports, and other nefarious items.
Georgia State University and the University of Surrey investigated underground marketplaces for TLS certificates, showing that they were being sold and packaged with crimeware to support phishing campaigns.
AIR Worldwide, an extreme event modelling firm, showed that between $51-72 billion of losses to the worldwide economy could be eliminated through the proper management and protection of machine identities.
Forensic Pathways, a criminal intelligence provider, conducted a 3-month investigation into marketplaces and forums uncovering the prevalence of macro-enabled ransomware for sale on the dark web.
We also worked closely with Venafi’s internal threat researcher, product and marketing teams to create data-led campaigns. For instance, analysing major data breaches that involved machine identities to show the real-world impact and make machine identities more relatable to a wider audience. Scanning websites to show how many were using out-dated and insecure certificates, such as SHA-1, to educate on the issues this can cause. Working with Venafi’s threat team, we also showed how nation state threat actors were using machine identities within their campaigns, doing a deep dive on groups in North Korea and China. This helped us to drive mainstream business coverage in the likes of the Financial Times.
Beyond this, we created numerous surveys to help drive thought leadership and ensure that Venafi stayed ahead of the market on issues such as AI, quantum computing and changes to certificate lifecycles. The Spark press room also worked hard to identify trending stories through features, thought leadership bylines, news hi-jacking and proactively pitching for interviews. As a result, we were able to get to a place where we had journalists coming to us when stories break that have a machine identity element.
Results
Data from Spark-driven research campaigns was used within investor decks, which helped Venafi secure $100 million in funding, and contributed to Venafi’s recent $1.54 billion acquisition. Spark also helped to make Machine Identity a more recognised term – with Gartner including machine identity management in its 2020 “Hype Cycle for Identity and Access Management Technologies”.
From a media perspective, Spark achieved an average of 20 pieces of unique, quality coverage per month across 9+ years – including, on average, 2 pieces of business press coverage a quarter, including the likes of the Financial Times, BBC, Forbes, International Business Times, CNBC, Telegraph, Sky, and many more. Venafi has taken part in almost a hundred briefings, including 23 with business-level media – including The Economist and CNN Live. And in 2022, Venafi achieved a 68% Share of Voice against its five key competitors.
- Data-driven campaigns helped Venafi to secure $100 million in funding and to get acquired for $1.54billion
- Spark averaged 20 pieces of unique, quality coverage per month across 9+ years
- Spark averaged two pieces of business-level coverage per quarter, including Financial Times, CNN Live, Sky News, BBC, and Forbes
