"Whoever sells awareness with fear sells not safety but dependence." The cybersecurity market increasingly attracts parties who seem to understand more about marketing than about safety. They sell fear, urgency and spectacle, instead of knowledge, behaviour and culture. I call them cyber charlatans.
The real problem: fear sells, but teaches nothing
Fear is a powerful sales instrument. An exciting demo in which a hacker cracks a password live, a threatening story about millions in damage, a presentation full of scary figures — it makes an impression. People are startled, and startled people buy. But fright is not knowledge. And an organisation that acts out of fear builds not safety, but dependence.
Because what happens after such a fear session? Employees feel powerless instead of capable. They remember the threat, but not what they can do about it. And the vendor? They stand ready to sell "the solution", preferably an expensive product or subscription that eases the fear temporarily but never removes it.
Real awareness is about competence, not fear
Good security awareness does exactly the opposite of sowing fear: it gives people confidence. It shows that safety need not be complicated, that everyone can make a difference, and that making mistakes is allowed, as long as you learn from them.
An employee who feels capable behaves more safely than an employee who is afraid. Competence leads to action, fear to paralysis. That is why a calm, clear explanation of how to recognise a phishing email works better than a spectacular hacking demo that mainly impresses.
So watch the tone of a provider. Does someone mainly sell threat and urgency? Be careful. Does someone give you a course of action, concrete skills and realistic expectations? Then you are probably in good hands.
How do you recognise a cyber charlatan?
There are a few clear signals. A cyber charlatan leans heavily on fear and spectacle, promises fast and complete solutions, and mainly sells products instead of behaviour. The message is often: "The world is dangerous, and only we can save you."
A serious party does it differently. They acknowledge that safety is human work, that it takes time, and that behaviour matters more than technology. They promise no miracle cure, but a process. And ultimately they make you more independent, not more dependent. That is perhaps the best distinction: a good provider works itself out of a job, a charlatan makes sure you can never do without them.
Related articles
FAQ
What is the difference between urgency and fear selling?
Urgency is factual ('this risk is real, here is what you do'). Fear selling is manipulative ('be afraid, buy our product') without a course of action.
Can you never show threat in awareness?
Yes you can, provided it is tied to a course of action. Threat without a solution paralyses; threat with a solution motivates.
How do you recognise a charlatan in a sales conversation?
Ask: 'What should employees do differently after the training?' No concrete answer means probably a fear seller.
What is a healthy sign in a provider?
That they talk about behaviour, repetition and culture, not about a one-off spectacular intervention or a miracle-cure product.