Here is a transcript generated by otter.ai of The Content Mix podcast interview with Michael Heering, marketing director at SANS Institute, a global cybersecurity company:

Carlota Pico 0:15
Hi, everyone, I’m Carlota Pico from The Content Mix. And I’m excited to be here today with Michael Heering, who is SANS Institute marketing director for the EMEA region and also APAC and has over 11 years of experience in marketing and communications. Welcome, Michael. And thank you so much for joining us today on The Content Mix.

Michael Heering 0:36
Thanks, Carlota. Glad to be here.

Carlota Pico 0:39
Awesome. Well, it’s a pleasure to have you so let’s jump straight into the interview. Could you tell me a little bit about your background and how you got to where you are today?

Michael Heering 0:49
Sure, happy to. Well, I started off 11 years ago, coming out of Brussels University after doing a study in marketing communications. I worked in The Dutch tourism branch first where I had to convince Dutch people to—well sorry, Belgian people—to start visiting the Netherlands, which was very convenient for myself being born in Belgium, raised by Dutch people, my Dutch parents and then moving to Holland myself. And, eventually I got to the Netherlands after about two or three years where I started work at a marketing automation startup, Copernica Marketing Software. But that taught me a lot in the in the realms of marketing automation and email marketing. And from there, I got introduced to Sophos, so the world of cybersecurity and when I entered that world, got a bit paranoid at first when I discovered what happens on the internet, but it was an amazing, amazing chance, you know, to develop myself but also to introduce Sophos into the Benelux market. And then after having spent three years there, I got an opportunity at the SANS Institute, and that’s where I’ve been for for almost three years now.

Carlota Pico 2:16
Okay, well, I will be picking your brain in terms of what should we watch out for when it comes to cyber security! Which leads me to my next question, because of course, it affects everybody right now, especially since all companies have been forced to work remotely, which is obviously a result of the health crisis right now, COVID-19. But anyways, speaking first about COVID-19 and also cyber security. There’s been loads of different phishing emails and business emails that have been compromised lately in 2018, even before COVID-19, and this cost companies $1.2 billion, according to the FBI, so I would love to learn how companies can protect their information and what is SANS Institute doing to support its community?

Michael Heering 3:11
Sure. Well, there’s a whole wide variety of things that you can do. But I think that the main, the main factor and the main thing to mind and that’s what we always try and inform our customers about. But that’s probably the same other security vendors will tell their customers as well. It all starts with people. So it’s educates educating your people to be more more aware of things that are going on, especially around phishing emails. It’s it’s these very simple tricks that you have, well you have to know about but if you know about them, you’ll spot them more easily. Things like your bank will never send you an email. If there’s a sense of urgency in an email always have second guesses and second, doubts That’s adding urgency to an email as us market tiers will know helps, yeah… hybrid and cyber criminals in a way or marketeers themselves as well…they know how to sell, they know how to push your button and get you to push that button by adding that sense of urgency by making you feel uncomfortable and think you should act on this email. And that’s things if you know about that, you’ll quite quickly pick up on that. And then that helps prevent phishing attacks quite easily. If your CFO sends you an email in the middle of the weekend to say, “Hey, I need you to do this for me,” probably best to just pick up the phone and give him a call to say “Does this really need to happen over the weekend?” Nine times out of 10 you’ll find out it’s just a phishing email.

Carlota Pico 4:50
Wow. That’s extremely scary, Michael. Oh, well. Luckily, I haven’t been a victim of cyber security, but it’s awesome that if I ever were to have any doubts, I can hopefully give you a call and say, “Hey Michael, what’s going on here? Am I being a victim?” So anyway for those people that don’t have the opportunity to reach out to you directly what is SANS Institute doing to support his community? How is SANS Institute educating its audience?

Michael Heering 5:21
um, several things we, at the moment we’ve, we’ve launched several free conferences. That is new to us as well, we’ve, we’ve never really done these big online virtual events. But that’s, that’s been a new challenge for us. It’s been very interesting journey for us as well. We tend to have about 300 to 500 people attending some of our larger summits. But by opening up this, the summit’s to the online world and also to make them free for all we’ve attracted crowds of over 9000 to 10,000 people at our summit. So that’s a way to educate people. But next to that we—SANS—actually has different subsidiaries, you’ve got SANS Institute itself as the training institute that trains professionals like the CISOs and the IT managers and security manage security analyst, we all train those. But next to that, we also have our security awareness side where we offer companies, you know, solutions to train staff on security awareness. And when COVID-19 hit, we, we kind of felt it was part of our mission to to provide all these companies that have that all of a sudden we’re faced with work from home situations and with a remote workforce, a lot of them not being used to having all their staff work from home. We thought we kind of need to help out so that’s why we released our secure for our secure work from home kit, deployment kit for free, which was a load of content that usually you’d have to pay for. But given the situation, we want to offer that up for free. And then what was also, you know, special and needed to the community was that it was released in English first, but obviously because we are a global facing company and we’re you know, there’s, there’s a lot of organizations that need localized content. We also translated that content to make it available to organizations worldwide.

Carlota Pico 7:36
That extremely generous of SANS Institute to be offering all that content for free. From a marketing point of view, why is that budget and resources well spent?

Michael Heering 7:49
Well, mostly it’s because whilst we are, whilst we are well known amongst the cybersecurity industry, it is still, it is still for us to challenge to be more well known amongst other organizations and other industries. And that’s that’s obviously what I’m here for, for me and APAC, and what my colleagues in the US are for for the rest of America. But what it enables us to do is to reach out to a larger audience, it’s to build on our, you know, build on word of mouth to enable folks that are used to going to SANS who know the quality of our content, and to spread that word and reach out to their friends and their colleagues and say, “Hey, this, I’ve been going to this sense digital forensics summit for years. And it’s always been an amazing summit. Guess what, it’s online now, and it’s free, so you guys should really jump in!” And that’s, you know, we’ve kind of seen that over the last 24 hours because the digital forensics summit that we’re running in July, was not free until 24 hours ago when we opened it up to the whole wide world, we went from about 300 registrations to we’re up to 9000. Now, so 24 hours later, word spread fast.

Carlota Pico 9:11
Yeah, definitely, definitely. I do want to talk about remote work a little bit more. Some companies like Twitter have announced that remote work will be available to their staff indefinitely. What are your thoughts on that when it comes to cybersecurity? Not when it comes to remote work, of course, but when it comes to cybersecurity and what can companies do to protect their platforms or emails or technologies?

Michael Heering 9:39
Well, I’m not the technical expert myself, but it comes it comes back to what I mentioned before it’s educating your staff in terms of what to do and what not to do when you’re working on your laptop, your work laptop from home. Obviously, it’s ensuring that you you’ve got a strong VPN connection and a secure connection when you’re working on your your company servers. But and the rest it’s it’s honestly it’s most of the time. It’s just common sense. It’s don’t open dodgy emails on your company laptop, don’t visit dodgy websites on your company laptop. And you should be fine.

Carlota Pico 10:23
Okay, and if anybody does want to learn more, of course, you can rely on the resources that SANS Institute offers to its public.

Michael Heering 10:32
Absolutely.

Carlota Pico 10:33
Okay, well, I do want to talk about your blog. I’ve taken a look at your landing pages, and it looks like you’re feeding your blog almost every day, several times, sometimes even. So, why and how, why in terms of strategy, and would it be possible to disclose some of the results of pushing content out to your audience almost every day, and how in terms of how do you do this? I mean, to write so much content on a daily basis is a challenge for anyone and for any company.

Michael Heering 11:08
Sure, I mean that, like I said, we’ve…SANS is different subsidiaries and next to the security, we’re an aside we also have what we call the SANS Technology Institute. The Technology Institute is actually kind of a university where people can take an academic study in cybersecurity. Part of that study is also to write papers. And those analysts those papers will tie into our reading room. So that allows us to feed new content and every day, it also provides a platform for these students to showcase their knowledge and their capabilities to the world. And our biggest benefactor, if you will, of the, of our blog and to SANS’s status and popularity is our instructors. We have a, we have an immense, I wouldn’t well…immense… we’ve got a fabulous faculty of the world’s leading practitioners in different areas of cybersecurity. It’s about… it’s over 100 100 certified instructors and bear in mind it takes about a good two years for somebody to actually go through the educational cycle to actually become a certified instructor, SANS instructor, not necessarily certified instructor. And because these instructors are the best at what they do, we also look to them to create new content for us to ensure that they share their knowledge with the world and with our community. Obviously, that happens in class when they teach everything they know. They bring all their real life examples back to class but at the same time, because we want to provide that knowledge to those who don’t want to come to training class necessarily, we also use their knowledge and expertise to host webcasts to write white papers to write those blog articles. And to continuously feed into that community new knowledge for them to use and to consume. And it’s, it’s to be fair, it’s always a two way street as well. We see that in our classroom. But we also see that on on blogs and reactions on social media that we get when we push out content. Our instructors learn just as well from our students. So that interaction between community and instructors and SANS is always very important. So that’s, hopefully that kind of answers the strategy question. So and that helps us build that blog. And what we’ve seen as results is th at our community grows on a daily basis. We’ve got several newsletters that are linked to the different curriculum that we have. And those numbers, the lists and the subscriber numbers to those lists grow every day as well. We’ll always have that steady flow of subscribers, obviously, because the more content that we publish, especially over the last couple of weeks, when we pushed out a lot of new initiatives, we did see people unsubscribe as well, because it’s just too much content, which is fine and completely understandable. But it also, you know, by doing that free content and continuing continuing to publish new content, we just see our follower base grow as well.

Carlota Pico 14:28
Can you talk to me about some of those new initiatives that you’ve led during COVID-19 that you just mentioned now?

Michael Heering 14:35
Sure. So well, I already mentioned the free conferences. That’s one. Another one that we kicked off from by SANS itself was what we what we call the “Ask An Instructor.” Coming back to fact those instructors are top of their game. We felt another thing that we could do for these organizations that are in a status of ‘We’re all working from home, we don’t know what we’re going through. We don’t know what to do when we come back out of this in terms of cybersecurity.’ So we reached out to these organizations and said, “Hey, you know, if you want to, we have this, we have our faculty, we can set up a one to one session.” And what that allowed us to do as well, is at the same time showcase our new live online training platform that we, we launched. Because when COVID hit, we obviously went from a 10…well, I would say 70% in person training company, and classroom based training… to 100% online training company. Now we were fortunate enough a SANS to have had our on demand training platform, which had actually launched in 2003, following the SARS pandemic. So we had that but then we felt we want to replicate this classroom feel which brought in live online and doing these “Ask An Instructor” sessions with customers then shows that shows them that, you know, doing this virtual and live stream with the ability to interact over Slack or or through the GoToWebinar platform itself still provides some sort of a classroom feel. So that is one initiative, and the other initiative that we also did was we started to offer the ability to play Capture The Flags (CTF), so organizations to not not just challenge teams amongst themselves but also challenge teams of a competitor or challenge team, a friend of that company or just to ensure that they’ve got something to keep themselves busy during during these work from home months and then upcoming summer months.

Carlota Pico 16:55
Right. So what you’re doing is looking for different ways to create value for your community. Not only for your students but also to for those people that are going back to your website into your different channels looking for ways of protecting their content information, their technology. Excellent. So for you, it’s all about value and authenticity, right? When it comes down to marketing.

Michael Heering 17:18
Absolutely, yeah. So it all ties back into our our why as well. So the mission for SANS and that, that mission being, you know, we we are here to make the world a digitally safer place and to train the next generation of cyber security practitioners. So that all ties into that mission to ensure that we provide the community with the knowledge they need to do just that.

Carlota Pico 17:47
Okay, wonderful. Well, we are going to be moving into the set of rapid fire questions. But before we move into those recommendations, I do want to pick your brain on the challenges of working in Europe because you’re also leading SANS strategy in the APAC region. So what are the cultural differences? How do you approach marketing when it comes to doing it for the EMEA region versus doing it for the APAC region? What are the obstacles and yeah, tell me more about that please? Loaded question right!?

Michael Heering 18:20
Yeah, yeah. The the extra challenge for me and the team there comes that the the EMEA region is a bit further developed in terms of cybersecurity than APAC region. So that that immediately applies to the way you approach the the market there. There’s and there’s also difference in preference of what cybersecurity topics you know, are interesting to people in the Middle East, as opposed to what topics are very interesting to the people in Japan or in are in Singapore, in our, or in Australia, they all differ. So for us, it’s a constant challenge of testing and finding out what message resonates best per region and per country. I mean, being having lived and worked in Belgium for years, and then moving to the Netherlands, even that, those two countries are so different in approach, and in a way you can market to them. And that applies to all different countries. So the way we go about doing that and finding out what works, it’s just continuous AB testing, and trying out new things. Just see if something works. If it doesn’t work shelve it, try it at a different country, if it hasn’t worked in Germany, doesn’t mean that it won’t work in Saudi Arabia. And that’s a constant, you know, development. It’s constant testing.

Carlota Pico 19:57
Right. It’s about being as agile as possible, when it comes down to as quick, as agile and just testings out, if they don’t work move on, but not necessarily assume that it’s not going to work period ever around the world.

Michael Heering 20:13
No, that’s I mean, that’s one thing I learned from my, my, my superior here is, is just that what you just said is doesn’t mean that if it doesn’t work now that it won’t work in in six months, or that it won’t work in a different region, especially if you know that something worked in Europe a year ago, doesn’t work anymore now, but APACS, a little bit further behind than Europe when it comes to cyber security. So that strategy did a year ago in Europe might work in APAC now. So that’s, you know, again, it’s being agile and then taking that trying it out. And then the Find the opportunity to have all these different countries and smaller regions to your availability allows you to, you know, if you come up with something new, you don’t necessarily need to roll it out across the whole of EMEA, you can just select the country and then try it out there just on a very small scale, see if it works. If it does roll it out to the next, then works still works, you can start expanding the region and the region that you apply to campaign too. It’s it’s a lot of fun.

Carlota Pico 21:21
Yeah, marketing is always a lot of fun. A lot of changes and everything moves so fast. Always. So which can work exciting? Definitely.

Michael Heering 21:32
Especially now.

Carlota Pico 21:33
Yeah, especially now, especially now. I mean, as if we didn’t have enough excitement with COVID, we’d write excitement in quotation marks because I don’t think any of us are very happy about facing a pandemic.

Michael Heering 21:44
No.

Carlota Pico 21:45
This does lead me into one more question, I promise. Before we get to the rapid fire questions. I want to learn a little bit about your social media networks. Are they also focused per region, or do you have global channels that address just your globeal audience?

Michael Heering 22:02
We have a we have a global audience. We have a global chat. We have global channels. So for Twitter, Facebook and LinkedIn, we do have three global channels. When when I joined SANS, there were, there was an EMEA Facebook page, and a APAC LinkedIn page, I believe in an APEC page on Facebook. But again, what we found there was the global channel serves the bigger community. But there was also the requirement to serve the more local community, which in the EMEA channel is allowed to do for that region, and then the APAC channel is allowed to do for that region. And what our position in EMEA has allowed us to do is to start experimenting, again, it’s just looking to see what works and what doesn’t apply that to our channels. And then take the learnings that we applied and got from our local channels and provide that to our colleagues in America who ran the global accounts. And that’s you know, as every time a new feature was released, like recently the LinkedIn poll feature we were the first ones to try it out and see, is it something that we might want to use and apply to, to the rest of SANS and it definitely was. Not sure if we’ll be the first ones to try out Tick Tock but you never know. There’s always a first for that! We were the, we were the first as well to try out Instagram and and trying out new things there as well every day.

Carlota Pico 23:41
Okay, excellent. Well, now we will be moving into the rapid fire questions. It’s basically your recommendations to our audience. The first question will be an app or tool that you can’t live without or like you can’t work without?

Michael Heering 23:57
There’s there’s two, with Slack and Notion. Slack because it allows to communicate internally in these times. So you still have that “I’m around the office” feel. Notion because I’m a big advocate for very good internal communications as well. We as marketers tend to forget that internal communications is also still a very big part of your role and very important in organization, especially in these times. So, Notion is a very great app to actually do that.

Carlota Pico 24:28
Okay, excellent. Thank you. What about a marketing influencer that you follow, that you admire, that inspires you?

Michael Heering 24:37
And that’s that be Gary Vee—Gary Vaynerchuk. He’s…I know he’s based in the US but he’s a great content marketeer. And I’d recommend anybody who’s working with content, go and follow him because he’s got great insights in terms of how you apply content marketing within your organization.

Carlota Pico 24:55
Okay, it’s not a problem and he’s based in the US I follow Guy Kawasaki, as well as basically In the US, and I absolutely love his content when it comes to marketing insights. He’s behind the Canva platform. And last but not least, what about a valuable European group or event that might be online now because of the health crisis, but that has traditionally been in person.

Michael Heering 25:22
I’d say The Next Web. I’ve never had the opportunity to actually visit The Next Web conference. But they recently ran their rebrand conference completely, virtual that was a great conference, and I’m looking forward to attend to attend several others to the, in the near future. And we’re definitely stealing some learnings from how they did that for our summits and our events.

Awesome. Good! And what made that event so special?

I think it was same as with our summits now, really, it’s the the access to amazing content. And value added content at your home, and then also to be able to see that you’re not the only one out there. There’s a very big community, I think they also had about three or 4000, or even five or more thousand visitors. So that’s… I find that great. And again, it’s very important to then have great content, good moderators, and to have great takeaways from conference, which I definitely did… so.

Carlota Pico 26:31
Excellent. Well, Michael, those are great tips. Thank you so much for joining us on TheContentMix.com today. It’s been a pleasure to talk with you.

Michael Heering 26:42
It’s been great being here, thank you.

Carlota Pico 26:43
Thank you! And to everybody listening in thank you so much for joining us on TheContentMix.com. For more perspectives on the content marketing industry in Europe. Check out TheContentMix.com. We’ll be releasing interviews just like this one every day so keep on tuning in! Until next time, stay well and safe. Bye!

Transcribed by https://otter.ai