Building the category. Messaging to CISOs before the market has a name for the problem.
When I joined Onyx Security, there was no playbook. No established category, no analyst quadrant to cite, no competitive matrix to reference. There was a thesis: enterprises are deploying AI faster than they can govern it, and the resulting exposure is real. My job was to turn that thesis into a market position.
That's category creation. You're not differentiating within something buyers already understand. You're explaining why the problem exists before you explain why your solution matters.
Shadow AI is the new shadow IT. The attack surface expanded almost overnight. Most enterprises are still mapping it.
Employees are connecting company data to AI tools IT never approved, building workflows on infrastructure security never reviewed, and using models whose data handling nobody has audited. The gap between AI adoption speed and AI governance maturity is where Onyx operates. My work is to make that gap legible to the CISOs who are responsible for closing it.
The challenge with this audience isn't awareness. CISOs know AI is moving fast. The challenge is translating a diffuse, systemic risk into something concrete enough to justify budget and specific enough to anchor a buying decision. Not fear-based, but precise enough to hold up in a room with a technical executive.
There's also a board dimension. CISOs are being asked about AI risk by boards who don't understand the technology but understand liability. Part of the content work at Onyx is building messaging a CISO can take upstairs without editing out the vendor speak first.
Building the marketing function from zero at a stealth-stage company means making decisions on every dimension simultaneously: positioning, persona definitions, messaging hierarchy, content strategy, analyst and media relationships, event presence. The infrastructure that established marketing teams take for granted doesn't exist yet. That's the job.
The product is in stealth. The category is forming. The CISOs who will define enterprise AI governance posture are already in the room at the dinners and events where Onyx shows up. Getting the narrative right now matters more than it will later. First impressions in a new category tend to stick.
CISO dinner, a panel, or a direct conversation about where enterprise AI governance is headed.