The Signal
Two weeks ago, AI security and governance held the #1 theme with 8 signals. This period stretched further and was split.
51 buying signals from 28 IT teams in 14 days. Roughly 9 of those are about governing AI — finding shadow AI, building governance frameworks, putting guardrails on agentic platforms. Another 7 are about deploying AI to fix real operational pain, alert fatigue in the SOC, contact center automation, ERP back-office work, and dev pipeline standardization.
Same theme on both sides of the table.
Everybody and their grandma has AI tools, whether sanctioned or not. I need to find them to protect them.
We are putting together our AI framework and global rollout with governance policies. But hitting a roadblock around shadow AI.
We are looking at expanding our detection and response capabilities to include AI.
Two of the three are buying governance. The third is buying AI itself. Both are open projects, named owners, this quarter.
Underneath the AI churn, the replacement cycle didn't slow. A Director of Network Services at a top NYC law firm said they are "stuck in the VMware price increase vortex" and are now actively evaluating alternatives. An IT Director at a multi-cloud telecom software company said their posture "tends to drift between major audit cycles" and they need continuous controls across AWS, Azure, and GCP. An IT Director at a hospitality group is replacing their MDR over MSP response-time complaints.
Most vendors find out about projects like these when the RFP drops. By then, the shortlist is closed.
Who Entered the Network
These leaders joined in the last 14 days. They are actively requesting vendor conversations now.
Global Chief Information Officer — Cadwalader, Wickersham & Taft LLP ($3.6B revenue, 3,100 employees)
Director, ITS Cybersecurity Operations — DTE Energy ($12.7B revenue, 10,700 employees)
Vice President, Head of Cyber Security — A+E Global Media ($453M revenue, 2,040 employees)
Web AI Lead — Google ($182B revenue)
Vice President & CISO — Paychex ($5.2B revenue)
Vice Chancellor for Information Technology & CIO — University of Massachusetts Amherst ($2.9B revenue, 6,313 employees)
Senior Director IT, AI Center of Excellence & PLG — SentinelOne Group
Chief Information Officer — Optomi Professional Services ($200M revenue, 1,000 employees)
Head of Risk & Compliance (Deputy CISO) — City of San Jose ($1.4B revenue)
Partner, Head of Data, AI and Engineering — Fractal ($352M revenue, 5,722 employees)
Chief AI Officer — N-able Technologies ($354M revenue, 1,426 employees)
Associate Director of Information Technology — Biogen ($5.2B revenue, 8,574 employees)
Members take 2–3 vendor meetings per quarter. Once those slots are filled, the window closes for the cycle.
What They're Working On
Discovering shadow AI across a city government and tracing what it connects to — Head of Risk & Compliance, City of San Jose
Replacing VMware on remote office infrastructure with Hyper-V or an alternative as the price increases continue — Director, Network Services & Security, a top NYC law firm
Continuous cloud posture controls across AWS, Azure, and GCP to stop posture drift between audit cycles — IT Director, Netcracker Technology Corp.
Replacing existing MDR provider for slow MSP response times — Director of IT, O'Reilly Hospitality Management
Adding AI to an existing detection and response stack — Divisional SVP, Great American Insurance Company
Reducing overwhelming alert volume and tool sprawl in a pharma SOC — Sr. Director, IT Infrastructure & Operations, Abzena
Modernizing DLP — current "traditional DLP is complicated and hard," exploring AI-driven options — Senior Director ITIO & Cybersecurity, The New York Public Library
AI policy enforcement in the browser for a healthcare enterprise — Director, Information Technology, Adventist Health
Replacing a Microsoft Purview + Varonis stack with broader options — Director, Cyber Security, Denver Water
TPRM modernization with AI to replace questionnaire-driven process — Director, Network Services & Security, a top NYC law firm
ITSM and observability platform consolidation, moving from open source to enterprise grade — Senior Director ITIO & Cybersecurity, The New York Public Library
Cloud risk assessment automation to replace manual review of every new SaaS onboard — VP and CISO, Paychex
Proof It Works
We just published a new vendor spotlight with Clarity Security, and the math is worth reading.
Clarity is a five-and-a-half-year-old identity governance company running a two-person marketing team. They opted for a 20-meeting package on DoGood. Half of those meetings, 50%, turned into sales opportunities. The average ACV on the resulting deals was at least 2× what they see from cold outreach, and every closed conversation has been above $100K.
Shelby McIntyre, the marketer who runs the relationship, put it this way:
The ACV pays for DoGood like 30 times over in a quarter.
Two other points from the conversation are worth the vendor read. She spends under an hour a week managing the relationship. And on what walking into an opt-in meeting feels like: "It almost feels like less selling. Less convincing and more conversation. We can dive in versus trying to force someone to get on the line with us."
That's the wedge against cold outreach, against events, against intent data, and against the fully automated matching platforms. Every match here is reviewed by a person. That's why 78% of meetings advance to a next step, 22% turn into qualified pipeline, and the average member rating sits at 8.2 out of 10 across the partner base.
The full spotlight: How Clarity Security turns opt-in conversations into 2× ACV.
The Close
Two ways to think about the math.
You can spend a quarter cold-calling CISOs at $5B+ companies and hope one picks up. Or you can spend an hour a week reviewing the leaders already in front of you — and double your ACV because every conversation starts with the buyer already informed about what you sell.
These leaders are in the network this month. They've told us what they're replacing and when. The June matching cycle is open. The vendors who land in front of them now are on the shortlist when the RFP drops in 60 days. The vendors who wait are writing cold emails after the decision is made.
Reply if you want in on the June cycle.
— Ryan
