The Market Didn't Tell You To Stop. You Flinched.

I was on an onboarding call with a guy I'd just brought into my coaching program. Sharp kid, early twenties, based in Switzerland, had already closed his first client in the cybersecurity space. He was doing appointment setting for a compliance consultant - the kind of guy who goes into companies and rewrites their security policies to keep them out of legal trouble.

Before I looked at the emails, I asked him to walk me through the offer. And he said something that I've heard a hundred times, in a hundred different forms, from a hundred different service providers.

He said: "The client told me not to use fear. When he pushes security too hard, prospects tell him their IT team already handles that. So he switched to compliance language."

I stopped him right there.

Because what this consultant had described - framed as a market insight, delivered with the confidence of someone reporting hard-won research - was one of the most common and most expensive mistakes in sales. He wasn't reporting what the market said. He was reporting what happened when he got uncomfortable and stopped pushing. And then he invented a professional-sounding reason to justify stopping.

Let me explain exactly what happened, and why it matters for anyone selling services - especially anything in tech, security, or consulting.

What the Emails Actually Looked Like

When the guy shared the email copy, it read like a compliance brochure. Phrases like "helping you meet regulatory compliance requirements" and "protect your client relationships." Technically accurate. Completely dead on arrival.

I told him straight: nobody's going to read that and feel anything. Nobody wakes up sweating about regulatory compliance language in a cold email. There's no urgency, no fear, no reason to respond.

The email he sent me also had a stat in it - something like "I recently helped a CPA firm cut their financial exposure by 76%." Which on paper sounds impressive. But "financial exposure" doesn't mean anything to someone reading fast. 76% of what? Two dollars? Two million? You have to make the number real. You have to make someone feel the size of what they could lose - or what they already lost - before a stat like that lands.

I rewrote the framing on the spot. Something like: a CPA firm just got hit by a hacker. Lost two million dollars. I went in, made a few changes to their security stack. Six months earlier, that never would have happened. I want to make sure you don't have the same vulnerabilities. Mind if we talk?

That's fear. That's the thing that works in cybersecurity. Not because I'm being manipulative - because it's true. These attacks happen constantly. The fear is legitimate. The consultant has real case studies. He's just been trained to bury them under polite language because somewhere along the way, a prospect pushed back and he took it personally.

Why Salespeople Abandon Their Strongest Angle

Here's what actually happens when a service provider stops using their most effective angle.

They make a pitch. A prospect pushes back - "our IT team handles that" or "we're already compliant" or "we don't really have that problem." And instead of pushing through or reframing, the salesperson hears that objection and thinks: the market is telling me something.

So they soften the angle. They switch from fear to compliance, from urgency to features, from specific loss to vague benefit. And for a little while, they get fewer objections. Because nobody argues with a sales pitch that doesn't say anything provocative.

But they also get fewer closes. Because nobody gets moved by a pitch that doesn't say anything provocative.

The objection wasn't market feedback. It was one prospect, probably not even a qualified one, doing what prospects do - deflecting. And the salesperson treated it like a referendum on the entire approach.

The golden rule I gave the guy on this call: clients have no idea how to do marketing, or they wouldn't have hired you. The compliance consultant is an expert in security. He is not an expert in selling security. Those are different skills. When he tells you "don't use fear," what he's actually telling you is "fear made me uncomfortable and the prospect pushed back and I didn't like how that felt." That is not data. That is discomfort dressed up as strategy.

The Difference Between Market Feedback and Rationalized Retreat

This is the part that matters most, so I'm going to be specific.

Real market feedback looks like this: you send 500 emails, you get 15 responses, and 12 of them say the same specific thing. You run a sales call script for three months and you notice a consistent drop-off at one particular question. You A/B test two completely different angles at scale and one gets three times the reply rate of the other. That's data. That's the market actually telling you something.

Rationalized retreat looks like this: one prospect said "our IT team handles that" and it felt like a wall, so now you don't push on IT-related fear anymore. One client told you compliance language converts better, so you switched the whole campaign. You got three no's in a row on a cold call opener, so you changed the opener instead of practicing the conversation that follows it.

The difference is volume and specificity. Real feedback shows up repeatedly, across different prospects, across different contexts. Rationalized retreat shows up once, feels bad, and gets promoted to policy.

What makes this particularly tricky is that the retreat usually sounds reasonable. "The market told me to" sounds like you're being data-driven. It sounds like you're listening and adapting. It sounds like the opposite of stubborn. But if you haven't actually tested the alternative at scale, you don't know. You just know it felt bad once.

What Actually Works in Cybersecurity Sales (and Why Fear Is the Right Tool)

I've booked tens of thousands of meetings for IT and tech agencies. I've helped close over $30 million in cash for agencies selling development and security services through cold outreach. So I'm not theorizing here.

Cybersecurity sells on fear because the threat is real and the consequences are catastrophic and the buyer knows it. A law firm that gets ransomwared loses client data, faces lawsuits, and potentially loses their entire practice. A construction company that gets hacked can lose multi-million dollar contracts - there was an example in the guy's original email about exactly that. An accounting firm that gets breached can watch everything they've built get handed to a competitor.

When you walk into a sales conversation armed with news articles about firms in that industry getting attacked - real stories, real numbers, real outcomes - and you connect that to what could happen to this specific prospect, you're not being predatory. You're doing your job. The threat is real. The question is whether they take it seriously before or after it happens to them.

What I told the guy to do: pull up current news about cyberattacks targeting the exact vertical you're selling to. If you're selling to accounting firms, find the accounting firm that got hit two years ago. Put that article on your desktop. Bring it up on the sales call. Show them. Let them see the actual headline, the actual company, the actual number.

Then let them tell you their IT team has it handled.

Some still will. That's fine. But the ones who were on the fence? They're not on the fence anymore. They're scared. And scared people who have a way to fix the problem will pay to fix the problem.

This is not manipulation. This is giving someone accurate information about a risk they face and offering to help. The alternative - sending emails about "regulatory compliance requirements" that make nobody feel anything - doesn't protect the prospect. It just makes the salesperson feel like they're not the bad guy.

The Free Assessment Trap

While I had the guy on the call, he also floated another idea that came from the same instinct: offer a free security assessment to reduce friction and get more people on calls.

I've never had success with free assessments. Not in security, not in marketing, not anywhere. And here's why.

When you charge for the first engagement - whether it's $6,000, $12,000, whatever the number is - the client takes you seriously. There's a contract. There's skin in the game. They'll actually show you the full system because they trust you enough to have paid you. They're bought in before you start.

When you offer a free assessment, especially in cybersecurity, you introduce a different problem entirely. You're basically telling a stranger: "Let me look at all of your security vulnerabilities for free. Show me everything you have. No contract, no payment, just let me in."

From the prospect's perspective, that pitch could be a hacker running a phishing operation. Or at best, it's some random vendor with no skin in the game. Either way, it erodes exactly the trust you need to do the actual work.

Charging for the first engagement communicates expertise and creates commitment. The friction isn't a bug - it's a feature. It filters out the people who were never going to take security seriously anyway, and it signals to the serious buyers that you're the kind of person they should trust with their most sensitive systems.

Free assessments come from the same place as compliance language: the desire to reduce pushback. And they produce the same result: a watered-down approach that doesn't close.

The One Exception to Listening to Clients

I want to be fair here. I'm not saying never listen to clients. I'm saying there's a specific thing clients are bad at, and you need to know what it is.

Clients are great sources of information about their industry, their buyers, their specific pain points, their existing relationships and constraints. If your client tells you "these companies don't respond to cold email at all, they only buy through referrals," that's worth testing seriously. If they tell you "these buyers take six months minimum to make a decision," factor that into your expectations.

Clients are terrible sources of information about which sales angle will work. They are not marketers. They don't know which emotion moves their buyers. They haven't A/B tested anything. They have emotional reactions to pitches the same way everyone does - and they mistake their emotional reaction for market intelligence.

When a client says "don't use fear," what they're reporting is their own discomfort when prospects pushed back. When they say "compliance language works better," what they're reporting is that compliance language generated fewer objections. Both of those things can be true and still be completely wrong as sales strategy. Fewer objections is not the same as more closes.

Your job as the marketer or the appointment setter is to go back to first principles: what is the most compelling, true, specific reason this buyer should take action today? And then build the pitch around that - not around what makes the client feel comfortable when they hear you say it.

How to Actually Tell If Your Angle Is Wrong

If you're sitting on a campaign right now and you're not sure whether to change the angle or push harder, here's the framework I use.

First, look at volume. If you haven't sent at least a few hundred emails or made a few dozen calls with this angle, you don't have data. You have anecdotes. Don't change anything yet. Get volume first.

Second, look at where the drop-off happens. Are people not opening? That's a subject line problem, not an angle problem. Are people opening but not replying? Now you're into angle territory - the content isn't landing. Are people replying negatively or with specific objections? That tells you a lot about what they're thinking and what you need to address.

Third, A/B test before you abandon. Send one version with the fear angle and one version with the compliance angle to equivalent lists. Look at reply rate, not just open rate. If compliance genuinely beats fear at scale, then okay, the client was right. But I'd bet against it.

Fourth, look at the quality of the responses you're getting. A campaign that gets five replies but two of them are serious conversations is often better than a campaign that gets fifteen replies but they're all "not interested." Fear angles sometimes generate stronger negative reactions and stronger positive ones. That's fine. You want the buyers who are scared, not the ones who are indifferent.

If you want to go deeper on building the right outreach structure from scratch, I put together a full breakdown in the Best Lead Strategy Guide - it covers how to sequence this stuff so you're testing the right variables in the right order.

One More Thing the Guy Did Right

I want to end this on a positive note, because the guy I was coaching was doing something right that a lot of people miss.

He had niched down. He wasn't selling to "agencies" or "tech companies." He was selling to cybersecurity companies specifically. And that specificity - even without knowing it - was already doing half the work for him.

When you tell me you're selling to cybersecurity firms, I can immediately picture the conference where those people will be. I know what keeps them up at night. I know what news cycle they're plugged into. I can find the trade publications they read. I can build a list in a B2B database filtered specifically to that vertical. I can build sequences that reference their world.

When you tell me you're selling to "IT companies," I can do none of that. It's too broad. I can't find the right conference. I can't find the right fear. I can't find the right case study reference. Everything gets generic, and generic doesn't close.

He figured this out without being told. Now the job is to not let the client talk him out of the thing that's actually working - which is the specific, fear-based, case-study-driven pitch that got him his first close without a single case study to show for it.

Someone bought without seeing proof. That's the market actually telling you something. That's a green flag. That's the direction to run.

Don't let one prospect's pushback turn a green flag into a reason to retreat.

The Bottom Line

The compliance consultant didn't do market research and conclude that compliance language outperforms fear. He got uncomfortable when prospects pushed back on the fear angle, and he invented a professional reason to stop using it. His marketer - the guy I was coaching - took that explanation at face value and built a campaign around it.

This is how the strongest angles die. Not because they don't work. Because someone flinched, rationalized the flinch, and then taught the flinch to everyone downstream.

When a client tells you to change your angle, ask one question: did you actually test both, or did one of them just feel bad? If they can't answer that question with data, you already know what happened.

The market didn't tell you to stop. You stopped. Own the difference, and go back to what works.

If you're building out your outreach from scratch and need to get the fundamentals right before you even get to angle questions, grab the Cold Email Manifesto - it covers everything from targeting to offer structure to sequence design. And if you want to get into a room where we look at live campaigns together and fix exactly this kind of thing in real time, check out Galadon Gold.