Cybersecurity Stopped Selling Growth and Started Naming Attacks.
May's Cybersecurity data is in, and two big shifts moved the conversation since the prior period. We score every leadership interview on seven behavioral factors using a 1–5 scale (Narrative, Operations, Data, Technology, Risk, Growth, Stakeholder). Growth orientation dropped from 3.56 to 3.04 — a 0.52 decline on that scale, the largest single-factor move in the segment this month. Narrative orientation surged from 3.45 to 3.85 — a 0.39 climb in the opposite direction.
Less growth-pitch, more story. That sounds like marketing language. It isn't. The story being told isn't a growth story. It's an attack story. The active power vocabulary in cybersecurity moved from emotional intensifiers ("critical," "absolutely") to specific technical terminology ("blast radius," "remote code execution," "persistence," "unauthorized access"). The industry got less about how-much-of-it and more about what-actually-happens.
That shift matters for anyone building product, content, or sales motion into the security buyer.
Go deeper: Explore the full Cybersecurity Intelligence Profile for real-time buyer signals, language patterns, and positioning data.
The Factor Profile
| Factor (1–5 scale) | May | Prior | Shift |
|---|---|---|---|
| Stakeholder | 4.39 | 4.40 | -0.01 |
| Technology | 3.90 | 3.95 | -0.05 |
| Narrative | 3.85 | 3.45 | +0.39 |
| Data | 3.47 | 3.44 | +0.02 |
| Risk | 3.15 | 3.26 | -0.11 |
| Operations | 3.09 | 3.17 | -0.08 |
| Growth | 3.04 | 3.56 | -0.52 |
Two factors moved meaningfully. Growth dropped 0.52 — a half-point decline in a single quarter. Narrative climbed 0.39. Everything else held.
The growth drop is worth pausing on. Cybersecurity buyers were never aspirational growth talkers — the function exists to prevent loss, not drive expansion. A 3.56 growth score in the prior period was already on the lower end of the seven-factor profile. A 3.04 in May brings it close to the floor for this segment. The industry is settling back into its core posture: defend first, talk about growth later.
The narrative climb is the more interesting signal. Security leaders are storytelling more. Not pitching more growth — telling more incident stories, more architecture stories, more threat-actor stories. The shift toward concrete narrative usually shows up when an industry is trying to make complex realities legible to non-experts. Cybersecurity is doing more translation work than it was three months ago.
The Vocabulary Got Technical
Power words that surged from prior period:
| Phrase | May | Prior | Change |
|---|---|---|---|
| Exploit | 6 | 0 | NEW |
| Blast radius | 6 | 0 | NEW |
| Unauthorized access | 3 | 0 | NEW |
| Remote code execution | 3 | 0 | NEW |
| Persistence | 3 | 0 | NEW |
| Breach | 3 | 0 | NEW |
| Context | 3 | 0 | NEW |
| Compromised | 3 | 1 | +200% |
| Empower | 3 | 1 | +200% |
| Deny by default | 3 | 1 | +200% |
These aren't pitch words. They're operations-room words. "Exploit." "Blast radius." "Remote code execution." "Persistence." This is the vocabulary of someone walking through a post-incident review, not someone briefing a board.
That's the most striking pattern in the segment this period. Cybersecurity executives, in podcast and long-form interview settings, are reaching for technical attack vocabulary as their power vocabulary — the terms they use to make a point land. The signal is that the industry's leaders increasingly trust audiences to parse the technical language. Or they've stopped softening it.
The Vocabulary That Faded
| Phrase | May | Prior | Change |
|---|---|---|---|
| Critical | 3 | 14 | -79% |
| Visibility | 5 | 10 | -50% |
| Secure | 3 | 7 | -57% |
| Absolutely | 3 | 5 | -40% |
"Critical" dropping 79% is the headline. It was the dominant intensifier in last month's cybersecurity language — used as a catch-all to mark importance. In May's data, leaders are naming what's critical instead of declaring something is. "Critical vulnerability" became "remote code execution." "Critical exposure" became "blast radius." The work the word "critical" was doing got distributed into more specific terms.
"Visibility" dropping in half is also notable. The market spent two years selling and buying "visibility platforms." That word may be reaching saturation as a positioning angle. Buyers want to know what you actually see — not whether you offer "visibility."
The Top Jargon
| Term | Mentions |
|---|---|
| CISO | 14 |
| Zero trust | 10 |
| Privilege escalation | 8 |
| EDR (endpoint detection and response) | 8 |
| Supply chain attack | 7 |
| PII | 6 |
| CVE | 6 |
| Blast radius | 6 |
| Agentic AI | 6 |
| Zero days | 5 |
| Prompt injection | 5 |
| MFA | 5 |
| LLM | 5 |
| Social engineering | 4 |
| Ransomware | 4 |
The classic cybersecurity terminology holds — CISO, zero trust, EDR, CVE. The notable additions are "agentic AI" and "prompt injection," both at meaningful counts.
That pairing is the AI-as-attack-surface conversation finally landing in cybersecurity vocabulary. Agentic AI shows up as both a tool the defender uses and a category the defender now has to defend against. Prompt injection is the attack vector that didn't exist as a serious topic two years ago. Both terms entering the top jargon means the AI security category has graduated from emerging concern to working vocabulary.
What's Missing From the Data
Cybersecurity returned no consolidated red flags or priorities at the n≥2 threshold this period. Every interview surfaced different specific concerns and different specific priorities. That fragmentation tells its own story: the security conversation right now is heterogeneous. Each shop is fighting a slightly different fight, with a slightly different stack, against slightly different threats.
That's consistent with the narrative climb. When the conversation fragments, leaders default to telling specific stories rather than reaching for shared themes. "Here's what happened to us" replaces "here's what the industry needs."
What This Means for Buyers and Sellers
If you sell into cybersecurity, the message is: lose the hype words. The buyer is using technical, specific, post-incident language. Pitches that lead with "critical," "phenomenal," or "transformational" sound off-key. Pitches that lead with what attack you stop, where you reduce blast radius, or how you prevent persistence will land in the vocabulary the buyer is currently using.
The agentic AI and prompt injection vocabulary is the wedge for new positioning. Any vendor that can credibly speak to AI-driven attacks or AI-augmented defense has a vocabulary alignment with the buyer that wasn't available three months ago.
If you're inside cybersecurity, the most important thing to watch this month is whether growth orientation continues falling or stabilizes. A continued decline below 3.0 would suggest the segment is fully retreating into pure-defense posture — which has implications for board narratives, hiring conversations, and CISO mandates. A reversal would suggest the early-summer sobriety is settling.
The vocabulary already moved. The posture is still moving.