Accelerating Sales Cycles With CISOs

Forget the $32B exit, Wiz’s meteoric rise to $500M+ ARR is a masterclass in enterprise GTM blitzscaling👇 Wiz entered a very crowded Cloud Security market in 2020 after a pivot. Then they flipped conventional wisdom, rewrote the playbook, and built a juggernaut in record time 📈 I dug into the Go-To-Market engine behind Wiz’s rise—here’s what stood out: 👉 Product-market fit is obvious when it hits. In the early days, Wiz spoke to 10-15 customers daily. They heard polite feedback at first, but the game changed when prospects asked for pricing and sent POs. Founders and early leaders closed millions in ARR themselves—leaning on their industry credibility. 👉 Top-down sales, done right, can scale fast. No freemium. No self-serve. Wiz sold directly to CISOs—high stakes, high-touch, and high ACVs. The kind of enterprise motion everyone assumes takes years. Wiz broke that rule. 👉 They avoided the mid-market-first trap. Straight to the Fortune 100—who bought, fast. That’s remarkable in cybersec, known for 12-18 month sales cycles and endless POCs. Their ACVs? Into the seven figures. When the pain is urgent and the product hits right, big fish don’t nibble. They bite. 👉 Time-to-value became their superpower. Agentless. Minutes-to-deploy. Immediate visibility across risks. A rare enterprise product that promised to deliver impact from Day 1. That’s not luck—it’s intentional design. Founders - find a critical, underserved pain point, and deliver value lightning-quick 👉 They blitzscaled—with precision. Once solid PMF was clear, Wiz didn’t tiptoe. They hired CXOs, numerous sellers, sales ops fast—before the revenue caught up. Many GTM hires came from outside the usual playbook—creativity and fresh thinking followed. 👉 They went where the customers buy. Wiz went to cloud marketplaces and resellers and made them allies. 99% of Wiz sellers closed at least one deal through AWS, Azure, or GCP marketplaces. That’s not just channel strategy—it’s budget strategy. By aligning with cloud hyperscalers, they unlocked enterprise dollars already earmarked for cloud. 👉 Great enterprise marketing can manufacture momentum. Wiz proved that in enterprise tech, savvy marketing and PR can create an outsized lead. They masterfully created an aura through ARR announcements, weekly threat research publications, and even quirky CISO meditation apps. Marketing was a strategic weapon that generated FOMO among buyers and competitors alike. 💡 Timing, of course, was perfect. Cloud security turned into a boardroom priority post-2020. Wiz showed up with the right product, right GTM, and right team—at exactly the right moment. $32B is a wild number. But what’s rarer is how they got there: speed, scale, and ruthless focus. Hats off to the Wiz team! For enterprise founders, the message is clear: when a large market’s ready, the only ceiling is how hard you’re willing to lean on the GTM throttle.

Want to sell to a CISO? Start with this. Selling to a CISO is not supposed to be easy. We carry the weight of protecting an entire organization while juggling risk, budgets, and board expectations. What makes a difference is when someone approaches with thoughtfulness. The best partners I have worked with came prepared. They understood the company, the landscape, and what actually mattered. They shared insights instead of a pitch, and they showed value whether or not a deal was on the table. They invested in trust and relationships, not just transactions. And the ones who really stood out built those connections in person, not just with me but with my directs too, who often drive the decision-making. The best salespeople are also good listeners. They talk less and listen more. They do not try to speak knowingly about breaches or risks where it is not their expertise. They respect that credibility is earned by listening, learning, and adding value in the right ways. On the flip side, it is easy to see through shortcuts. Fear-based selling does not work. Generic outreach does not land. Automated cold messages go straight to the ignore pile. If you do not put in the effort, you cannot expect effort from the other side. And if the relationship ends once the contract is signed, it was never a partnership to begin with. One more thing: founders and CEOs who show up personally, instead of leaving it all to their sales team, make an outsized impact. When leadership invests in relationships, it changes the dynamic completely. At the end of the day, CISOs are not just buyers. We are people. If you lead with thoughtfulness, listening, and genuine connection, you will stand out more than any flashy demo ever could. And if you get it right, you do not just win deals, you earn long-term partnerships. #ciso #cybersecurity #infosec #informationsecurity #sales

Head over heels in love with this phrase a newer AE has been using in her disco convos that she shared during one of our Peer Groups last week: "I'm still learning the ins and outs of your job and what your everyday looks like." And apparently, it works every single time. Not "I understand your challenges." Not "I work with companies like yours." Just admitting she doesn't fully get their world yet. The prospects slow down a bit and start explaining things differently. They become teachers instead of prospects. Apparently, one VP of Supply Chain spent 47 minutes mapping out his entire operation after she.…..just said she was still learning about all things supply chain. Weird, right? The funniest thing is that this is probably what a lot of reps are all thinking but don’t say. They sit through these disco calls nodding along while acronyms fly over their heads. They pretend that 3-day onboarding somehow made them experts in their industry. They may even memorize persona cards that say "CFOs care about ROI" and act like we've unlocked some Rosetta Stone shit. Meanwhile, I'd wager most buyers would know that they're faking it. But when you admit you need their help understanding their world? That level of vulnerability works. - They tell you why your competitor won't work (saving you weeks of positioning). - They explain which stakeholders will kill the deal. - They literally draw you a map of how to win. Gong's data backs this up, btw...reps who use phrases like "help me understand" have 23% HIGHER close rates. Probably because it sounds human? Another rep in the group mentioned they tried something similar with a CISO. Eight years of selling experience, knows security cold. But instead of the usual dance, he goes: "I know software, but I don't know your specific environment. Walk me through what breaks." CISO ended up explaining exactly how to position against the incumbent. Even suggested which features to ignore during the demo. So maybe you should stop pretending. Stop nodding when you're lost. Stop using discovery scripts that assume every VP is the same VP. The smartest person in the room is usually the one asking the dumb questions. I'm not saying that expertise is useless or that you shouldn't strive for it. Not at all. What I AM saying is that maybe your buyers don't need someone who pretends to know more than them about THEIR INDUSTRY. Maybe they need someone who cares enough to actually understand their mess before suggesting solutions. Expertise is overrated. Curiosity closes deals.

I've Facilitated 3,000+ Vendor Meetings. Here's What Nobody Tells Founders About Timing January 15th. April 3rd. September 22nd. The only dates that matter for closing enterprise deals. After 3,000 meetings, I discovered enterprise sales has a hidden calendar. Miss it, miss everything. The Q1 Death Zone (January-March) Vendors think "new year, new budget!" They're wrong. January 1-15: CISOs are in planning mode. Zero buying. January 16-31: Budget allocation fights. Still not buying. February: Finally ready to evaluate. But not decide. March 15-31: The golden window. Decisions happen here. One vendor pitched 37 times in January. Zero closes. Same vendor pitched 10 times in late March. 7 closes. The April Acceleration April 1-15: CISOs panic. "We have budget we haven't allocated." This is your moment. I watched a 2-person startup close $1M in 11 days. Why? They were the only vendor ready when the CISO needed to move fast. Luck played a role here! April 16-30: Too late. They've already chosen. The Summer Slowdown Myth Everyone thinks July-August is dead. They're half right. July: Dead for new initiatives. ALIVE for renewals and expansions. August 15-31: CISOs return. They're planning Q4. Get in NOW. A vendor ignored August. Their competitor didn't. Guess who owned Q4? The September Sprint September 1-15: Evaluation frenzy. September 16-30: Decision time. October 1: Too late. Budgets are locked. I've seen more deals close September 22-30 than any other week. Every. Single. Year. The Q4 Reality October: Planning next year. Wrong time to sell this year. November 1-15: Last chance for current year deals. November 16-December 15: Dead zone. Everyone's in 2026 mode. December 16-31: Surprise! Emergency buys happen here. The Patterns Nobody Notices Monday/Friday: Terrible for first meetings. CISOs are in firefighting mode. Tuesday 10am: Golden hour for first calls. Thursday 2pm: Best close rate for final negotiations. The 47-Day Rule: Average enterprise deal takes at least 47 days. Start September 1 to close October 17. Start October 1? You're in next year's budget. The Hidden Calendar Hacks → Track when CISOs change jobs. Month 3-4 in new role = buying time. → Monitor breach announcements. Week 3 post-breach = budget appears. → Watch for new compliance requirements. 90 days before deadline = panic buying. The Brutal Truth Timing beats everything. The best product pitched in January loses to the average product pitched in March. I've watched brilliant startups fail because they pitched in December. I've watched mediocre vendors win because they understood the calendar. Your calendar is either your secret weapon or your silent killer. Which will it be? P.S. At Execweb (A CRA Resource), we track buying patterns across 3,000+ 1:1 intro sales meetings we have facilitated for cybersecurity startups. The calendar doesn't lie. But most vendors never learn it. #EnterpriseSales #B2BSales #SalesTiming #StartupSales #Cybersecurity

Founders keep asking me why their sales cycles are so long. Let me walk you through what's actually happening inside the enterprise while you're waiting for that "yes." Month 1-3: Your champion finally gets budget approval to explore solutions Month 4-6: Security team runs internal assessment and realizes they need to involve compliance Month 7-9: Compliance says legal needs to review because of data handling Month 10-12: Legal marks up your contract and it sits in their queue Month 13-15: Procurement gets involved and wants you to match their preferred vendor terms Month 16-18: CFO asks why they can't just use the tool they already have Then maybe you close. What most founders don't understand: Security budgets aren't sitting there waiting for your innovation. They're allocated annually, often locked into existing vendor relationships. A CISO doesn't just decide to buy your product. They have to justify it to: → Their CFO who wants to cut costs → Their legal team who sees risk in every new vendor → Their compliance team who needs documentation you haven't built yet The startups that close deals faster: They're not waiting until month 10 to find out legal will be involved. They're asking about the approval process in the first meeting. They're not surprised when procurement shows up. They've built relationships with those teams early. This is why product-market fit isn't enough. You need process-market fit too. Understanding how enterprises actually buy is as important as building what they need. Founders, what surprised you most about your first enterprise security deal?

Wiz's $32B acquisition by Google (their largest) is wild. But, it's not the most interesting part. It's their early playbook... and how they got started. The playbook is from Cyberstarts, an Israeli early-stage VC firm that focuses on investing in Israeli founders in the cybersecurity space. They've produced 7 unicorns, 1 decacorn (Wiz). A mind boggling hit rate. If you listen to 20VC, you might have caught the episode with Gili Raanan, GP/Founder of Cyberstarts. This is where I heard about the playbook. 👉 The Sunrise Program & CISO Community. Startups need a few crucial ingredients in the beginning: ✅ Talent & expertise ✅ Rapid customer feedback for iteration to nail PMF ✅ Distribution to get in front of customers ✅ Rapid revenue growth (not always, but depends on your ambitions) The Sunrise Program was designed to fuel all of these and help entrepreneurs at their inception (as described on the Cyberstarts' site). A large component of the program is their CISO Community. CISO (buyers) would invest time to provide product feedback & expertise (as advisors), insights into their hardest challenges, testing of the product, and evangelism. Not only does this help build better products that align to buyers' needs... It also creates a built in fanbase and distribution channel. Naturally, you want to help support & grow what you help build. The playbook works as follows: 1. Bring in your buyers (find the best in the industry so they also act as signals to the market later) 2. Leverage their expertise & guidance on what challenges are hardest for them to tackle 3. Focus on that challenge 4. Build with inputs, feedback, and iterations with your buyers 5. Create early fans and evangelist of your product 6. Convert design partners into early customers, fast path to first $1M 7. Leverage the broad network of buyers who your first buyers know 8. Get introductions to those buyers (early evangelist helped build, so they naturally want to help promote) 9. Word of mouth is the best referral for distribution 10. Revenue closes faster 11. Faster revenue growth attracts more talent, investment, customers It's brilliant. Over the last couple years, I've talked to a few Wiz customers. They all said something similar.... "Wiz is one of the best $%^&ing products we've ever used."

If you sell to enterprise or regulated industries, trust isn’t the last thing you earn - it’s the first thing you prove. Most companies don’t lose deals in negotiations. They lose them in the part of the customer journey they never see. That invisible moment when a buyer’s risk, compliance, or IT team quietly asks: “Can we trust this vendor with our data and reputation?” If the answer isn’t instantly visible, you’re gone. No RFP. No meeting. Just a quiet disqualification. That’s why modern CISOs don’t just protect revenue...they create it. They map not just the attack surface, but the trust surface - where buyers look for reassurance before they buy. 7 Ways CISOs Can Drive Growth 1- Push visibility - publish your compliance frameworks and certifications publicly. 2- Champion a live Trust Center with real-time proof (SOC 2 / ISO, data map, privacy, PDPL/SAMA). 3- Work with Marketing to build campaigns around security maturity...your story builds confidence. 4- Advise Sales on how to answer risk questions earlier (and link your Trust Center in every sequence). 5- Co-create assets: • “Why customers trust us” landing page • Mini-guides on regional compliance (PDPL, NCA) • Customer-facing “security one-pager” for enterprise RFPs 6- Define trust metrics: time-to-security-approval ↓, questionnaire deflection ↑, shortlist inclusion ↑. 7- Offer marketing reviews: ensure messaging about security and data handling is accurate and relatable. Security isn’t just a safeguard — it’s a story. Tell it publicly. Teach your GTM teams how to use it. And watch how many doors start opening that you didn’t even know were closed.

If your cybersecurity  sales team leads with features, look at your founder narrative first. Cybersecurity founders rarely intend to create feature-first sales teams. But most do systematically. Here’s how it happens. Founders explain the product the way they had to fight to build it. Roadmap battles. Architectural tradeoffs. Why this detection method is better than the last. Sales listens carefully, and mirrors it back to the market. Now your reps are explaining: How your engine works Why your tech is “different” What makes your approach novel Meanwhile, the buyer is silently asking a very different question: “What risk does this remove from my life?” This is the disconnect. Security buyers don’t buy features. They buy risk displacement. Not: “What does this do?” But: “What problem stops being mine if I buy this?” “What meeting do I no longer dread?” “What incident won’t be traced back to my decision?” When sales leads with features: CISOs struggle to defend the purchase internally Deals stall after strong demos Champions lose confidence Technical wins die in budget reviews And founders blame: “Sales execution.” “Long cycles.” “Risk-averse buyers.” But the real issue sits upstream. Founders teach sales how to explain the product, not how the product changes the buyer’s risk equation. A strong CMO reframes the narrative: From capabilities → consequences From architecture → insulation From innovation → career safety Because in cybersecurity, the best sale isn’t: “This tool is impressive.” It’s: “This decision won’t come back to haunt me.” If your sales team is feature-heavy, don’t retrain them. Rewire what you taught them matters. That’s where real leverage lives. #CybersecurityFounders #CybersecuritySales #GTMStrategy #B2BSaaS #SecurityLeadership ------------------------------------------------------------ I’m Bhuvanesh , fractional CMO for cybersecurity companies. I help founders shift sales from feature explanations to risk removal narratives that convert. If your pipeline looks busy but conviction is weak, let’s have a conversation.

Most sales reps take 30 days to ramp up. I landed a meeting in 72 hours. Here is exactly how. Day 1: The Research On my first day, I studied old call recordings. I didn't look at product features. I looked for "pain." I found 3 challenges that actually matter to our prospects. Day 2: The Connection I met the CEO of a company in our ICP at an event. Lucky shot. I used the "Ask, don't tell" method. ➡️ What do you do? ➡️ What brought you here? When he asked about me, I told him that I recently joined this company solving the 3 pains from Day 1. He recognized these pains and gave me a direct referral to his CISO. I didn't have to be proficient with our product. I had to understand his world. Day 3: The Outreach I didn't wait. I emailed the CISO in the morning with the CEO in CC. Then I called him at 5:05 PM. The script was simple: "Your CEO and I chatted. He said we should talk. Do you have 2 minutes?" We talked about the pains from Day 1, and I asked if they resonate. They did, so we booked a meeting. Key Takeaways: ➡️ Pain before features ➡️ Referrals are a cheat code. ➡️ Execution beats perfection. Stop overthinking. Start acting. PS: I'm sharing the exact email in the comments. Let me know what you think.

“The way to accelerate deals isn’t to skip calls. It’s to chop the time BETWEEN your calls.” Top reps don’t skip steps in the process, they just compress the gaps between touchpoints. One of my reps said to me today: “It’s mad that a 2‑month deal might only involve 4 hours of actual calls… you could basically close a deal in an afternoon, if those meetings were back to back.” Here’s how elite sellers reduce latency in deals to close faster & have maximum momentum: 1. Double calls or default to tomorrow If momentum’s high, stack calls on the same day, a discovery at 10am and a technical session at 3pm beats waiting a week every single time. And when you can’t double up the same day? Set the next call for tomorrow. Most reps default to 48 hours or worse, which needlessly increases the sales cycle. 2. Pre-Schedule Multiple Calls If you know their diary gets slammed, get 2–3 placeholders in the calendar upfront. Remove scheduling friction before it appears. Alternatively, a weekly cadence of 15 mins chats every Tuesday/Thursday can work wonders. DONT underrate the value of meeting holds as slot to anchor accountability towards, aka. “We need the figures for that business case, let's agree to get it to you by Tuesday am to review in our call.” Remember: people are busy, and a meeting gives them a clear deadline to work towards. 3. Ruthless Deal Selection Deal velocity requires your own calendar availability. Be strict with the deals you entertain so you can be hyper-available for the ones that deserve it. 4. Never Skip Deep Discovery Racing to commercials can feel like you’re creating urgency…until you realise you built a plan with no depth. Don’t rush, simply move decisively in discovery so you can close fast later on. 5. One Purpose Per Call Don’t merge two agendas for speed: Discovery + pricing. Technical + procurement. Champion test + legal. When you cram it, you do neither well, and end up needing more calls. 6. Don’t Wait Until the Next Call to Ask for Something Top reps don’t wait for the next meeting do make progress. If they need numbers for a business case, a contract owner’s name, or clarity on a blocker…they pick up the phone and call. That way, when the next call happens, it actually fulfils its purpose. 7. Urgency fuelling momentum is a deal closing practice in itself Fast follow-ups. Recaps sent within the hour. Assets delivered before they ask. You’re not just selling, you’re managing tempo. 8. Protect Cadence at All Costs When gaps widen, enthusiasm cools, champions get distracted, priorities shift, and deals decay. Your job is to keep the window warm. 9. BAMFAM Isn’t Optional For Qualified Opps Book A Meeting From A Meeting. Every. Single. Time. Even if it’s a placeholder. You don’t need fewer calls. You need less time between call and to get what you need to from each call. If you want faster sales cycles, focus on tempo, not shortcuts.