Two weeks ago I told you cloud observability had taken the #1 theme and AI governance was fragmenting into three buckets. That story rebalanced fast.
This period: 44 buying signals from 22 companies in 14 days. AI security and governance is back at #1 — 8 signals, up 33% over the prior two-week window. The cloud observability surge cooled to 4 signals (down 64%). And pentesting and vulnerability management, which had zero signals two weeks ago, is now the #3 theme with 4 firms actively shopping vendors.
Three quotes that explain what's actually happening.
We need to rotate and change pentesting vendors yearly. Adding new options to our list just makes sense.
We have many active AI initiatives. We also have an active project to improve our DLP program — using AI is a key attribute.
Looking for a tool that gives us unified visibility into where sensitive data lives, who/what can access it, and how AI tools might expose it. As we scale copilots and LLMs, we need a platform that keeps us ahead.
These aren't info-seekers. They've named the project, named the budget owner, and named the timeline. Most vendors don't find out about projects like these until the RFP drops. By then, the shortlist is closed.
Who entered the network
These leaders joined or submitted new meeting requests in the last 28 days. They are actively requesting vendor conversations now.
VP, Head of Tech & Cyber Governance — LPL Financial ($17.0B revenue, 14,729 employees)
Senior Vice President, Strategic Relationship Management, IT — Worley ($7.4B revenue, 51,000 employees)
VP, Chief Technology Officer — WellStar Health System ($2.5B revenue, 19,239 employees)
Chief Information Officer — Strike ($2.5B revenue, 4,000 employees)
VP & Chief Information Officer — Villanova University ($540M revenue, 5,498 employees)
Chief Information Officer — Open Door Community Health Centers ($127M revenue)
Chief Information Officer / Chief Technology Officer — George Fox University ($151M revenue, 1,764 employees)
Chief Information Security Officer — JAMS, Inc. ($56M revenue)
Director of Information Technology — Osage Nation
Director of Information Technology — Prairie Band Potawatomi Nation
Members typically take 2–3 vendor meetings per quarter. Once those slots are filled, the window closes for the cycle.
What they're working on
Moving 1,200 developers from Cursor to GitHub Copilot due to cost. Need a partner to prove AI ROI and track productivity across complex Jenkins/Artifactory pipelines. (IT Director, global telecom software company)
Required annual penetration testing for a financial institution — 1–2 vulnerability and pen tests per year. Actively evaluating new vendor options. (Director of Information Security, regional bank)
Pentest vendor rotation policy — required to swap pentest vendors annually. (Manager of Information Security, top Canadian law firm)
Active AI initiatives plus an active DLP improvement project where AI is a key attribute. (Divisional SVP, $13B U.S. insurance carrier)
Unified data visibility platform for AI exposure — where sensitive data lives, who can access it, how copilots and LLMs might expose it. (Sr Director IT & Analytics, Federal Home Loan Bank of San Francisco)
MITRE ATT&CK-style threat mapping, OT threat modeling, improved detection coverage and more actionable threat intelligence. (CISO, $4B+ Alaska-based holding company)
End-user AI usage visibility — getting visibility into AI tool usage and file uploads to unauthorized AI services. (Manager of Information Security, top Canadian law firm)
ITSM platform replacement — currently iVanti, evaluating ServiceNow and other options. (Director, Applications Management, Am Law 100 firm)
MSP replacement targeted for late Q3. (Director of IT Operations, mid-market retail)
Cloud-only monitoring gap — moving to cloud, but on-prem Zabbix is "after-the-fact" and not providing real insight. (Director, IT Security, national real-estate association)
Proof it works
Last issue I shared the headline outcome stats: 78% of meetings advance to a next step, 22% turn into qualified pipeline, 8.2 out of 10 average member rating.
Two weeks of fresh data: the next-step rate is 82% across vendor meetings tracked this period. Average member rating held at 8.17 out of 10. The system isn't softening — it's tightening.
The number that matters most for vendors: 92% of the members vendors met with this period are in market for the service inside 12 months. 48% inside 6 months. 20% inside 3 months.
The "let me think about it for next year's planning cycle" member doesn't exist on this network. Members come because they have an active project. They take the meeting because the brief told us what they're solving. They book the next step because the pitch matched the brief.
That's the system. It's not luck.
The Close
You can't cold-call the VP of Cyber Governance at a $17B financial services firm and get 30 minutes about their next AI project. You can't buy a list that tells you four firms are mid-pentest cycle this month.
But these leaders are in the network. They've told us what they're buying. The vendors who get in front of them this month are the ones on the shortlist when budget unlocks. The vendors who wait are the ones cold-pitching after the RFP drops.
Reply and let's talk about getting you in the room.