Category Archives: Uncategorized

Are There Really Dead Content Websites?

(Imagen 4)

Do I deserve to be called out for that last post?

As a reminder, I said:

“But if I could offer a marketing word of advice to TPRM firms, the “we are better than legacy TPRM firms” message has jumped the shark. EVERYONE is better than legacy TPRM firms these days; you are nothing new. No one is completely manual any more. It’s like comparing a Tesla to a bicycle. Or any basketball team to the Washington Generals.”

But has my own messaging jumped the shark?

Such as my oft-repeated claim that some firms aren’t creating current content…and therefore need my help?

Who are these mythical companies? 

But then I ran into one (TO) that last blogged on June 18.

And another (AD) that last blogged on June 4.

And another (HM) that last blogged on March 24.

And there are probably others that haven’t blogged in 2025…but I haven’t heard about them.

If you’re a TPRM or other technology firm, Bredemarket can help you generate content. Assuming you want people to know about you. Contact me.

Stop losing prospects! Use Bredemarket content for tech marketers

Is TPRM Agentic AI, um, SAFE?

Third-party risk management (TPRM) tools take varying approaches to automated vs. manual operations.

The company SAFE addressed automation in a July 15 press release. It uses the trendy term “agentic AI” so it must shift paradigms and optimize outcomes.

After stripping out the PR fluff, here’s some of what’s left.

“[SAFE] announced the expansion of its Agentic AI strategy with the release of 12+ new autonomous agents, over the next 3 months, purpose-built for third-party risk. The next two AI agents are SnapShot and BreachWatch which help organizations proactively organize AI summaries and identify third-party breaches respectively….

“‘Legacy solutions weren’t built for risk landscape,’ said Saket Modi, CEO and co-founder of SAFE. ‘SAFE is transforming TPRM….’”

But if I could offer a marketing word of advice to TPRM firms, the “we are better than legacy TPRM firms” message has jumped the shark. EVERYONE is better than legacy TPRM firms these days; you are nothing new. No one is completely manual any more. It’s like comparing a Tesla to a bicycle. Or any basketball team to the Washington Generals.

The real question is HOW you use your automation, and how accurate your automation is. Speed alone is not enough.

It’s All About Me 2: I Ask, Then I Act

Continuing my self-promotion, as opposed to promotion of my Bredemarket marketing and writing consultancy, how do I promote myself to companies outside of identity and biometrics? 

For example, cybersecurity firms, or third-party risk management (TPRM) firms, or content management system (CMS) firms, or healthcare firms (the non-identification biometric)?

By emphasizing that I ask, then I act.

Resonating with both the Simon Sinek devotees, and the bias to action adherents.

Short in duration, heavy on symbolism, and daring to mention “B2G” before “B2B.” That will start a conversation.

And then if someone fixates on the biometric modalities…

…I will redirect the person to Part One.

I ask, then I act.

PoisonSeed: Cross-Device Authentication Shouldn’t Allow Authentication on a Fraudster’s Device

(Important July 30 update here.)

(Imagen 4)

The FIDO Alliance is one of the chief proponents of the “death of passwords” movement, and is working on delivering secure authentication. But even the most secure authentication method is not 100% secure. Nothing is.

Authentication is a complex undertaking, and the ability to authenticate on a new device is a special challenge. But the FIDO Alliance has addressed this:

“Cross device authentication allows a user to sign in with their device using a QR code. 

“FIDO Cross-Device Authentication (CDA) allows a passkey from one device to be used to sign in on another device. For example, your phone can be linked to your laptop, allowing you to use a passkey from your phone to sign into a service on your laptop.

“CDA is powered by the FIDO Client-to-Authenticator Protocol (CTAP) using “hybrid” transport. CTAP is implemented by authenticators and client platforms, not Relying Parties.”

What could go wrong? Well, according to Expel, plenty:

“After entering their username and password on the phishing site, the user was presented with a QR code…. 

“What happened behind the scenes is the phishing site automatically sent the stolen username and password to the legitimate login portal of the organization, along with a request to utilize the cross-device sign-in feature of FIDO keys. The login portal then displayed a QR code….

“In the case of this attack, the bad actors have entered the correct username and password and requested cross-device sign-in. The login portal displays a QR code, which the phishing site immediately captures and relays back to the user on the fake site. The user scans it with their MFA authenticator, the login portal and the MFA authenticator communicate, and the attackers are in.

“This process—while seemingly complicated—effectively neutralizes any protections that a FIDO key grants, and gives the attackers access to the compromised user’s account, including access to any applications, sensitive documents, and tools such access provides.”

Presumably the FIDO Alliance will address this soon.

Mountain Avenue Rite Aid is Closing in Five Days

Update to my July 2 Bredemarket blog post.

As of July 21, the Rite Aid at 4th and Mountain in Ontario, California IS closing. In the next five days.

No Thrifty Ice Cream here.

And while the Thrifty Ice Cream counter at this store is empty, at least the Thrifty company survives.

No pharmacy pick up either.

More pictures below. Avoid if store closings depress you.

Aisles mostly bare, some store fixtures disassembled.
And they’re for sale.

Making Case Studies (and Other Content) Specific So Prospects Act

(Imagen 4)

Tech CMOs want to move their prospects to act and buy world-changing offerings (products or services) from their firms…and I want to move my tech CMO prospects to act and buy marketing and writing services from Bredemarket. So tech CMOs, I definitely feel your pain. But how can you move your prospects…and how can I move you?

Failure of a vague problem, solution, and results

In my recent post about converting an end customer interview into a case study, I discussed a “problem, solution, results” simple case study outline.

Justin Welsh just discussed the same thing, but with better words.

“I copy/pasted a spreadsheet of over 100 posts I’ve written that created real impact for my readers into ChatGPT, and I found a pattern:

“Specific struggle + specific transformation = lasting change

“Not some vague tension. Not a generic transformation. Specific moments where everything shifted.”

My specific solution

Of course the dozen case studies I ghostwrote for my client were implicitly specific. But it’s helpful to make that word “specific” explicit.

Imagen 4.
  • Because my client had a specific problem. The client needed its prospects to understand how its offering could solve nagging prospect problems. Riots. Car thefts. Robberies.
  • And my client had a specific solution. I can’t reveal the solution without giving the client away, but let’s just say the the solution simultaneously addressed the end customers’ dual needs of speed and accuracy, as well as other end customer concerns.
  • As for specific results, I confess I don’t know. In this case my client never got back to me and said, “John, case study 3 attracted a prospect that ended up buying an annual contract.” And my primary contact at the client subsequently moved to another firm. But the fact that the client stuck with me for a dozen case studies and some subsequent NIST FRTE analysis work indicates that I did something right.

You see what I did there. Well, as much as I could while preserving my ghostwriter status and my client’s anonymity.

What is your specific problem?

This section of the blog post is specifically addressed to tech CMOs and other marketers. The rest of you can skip this part and watch this entertaining video instead.

Imagen 4.

Now I know I’ve loaded this post with links to previous Bredemarket content that addresses the…um…specific topics in much more detail. Maybe you clicked on the links, or maybe you didn’t. I will find out.

But if you are ready to move forward, this is the one link you need to click. (“Now you tell me, John!”) It lets you set up a meeting with Bredemarket to discuss your specific needs.

It’s All About Me 1: Biometric Product Marketing Expert

Lately I’ve been so busy promoting my Bredemarket marketing and writing consultancy that I’ve neglected to promote me, John E. Bredehoft.

So my first “It’s All About Me” (IAAM, for those in the know) focuses on my self-declaration as the biometric product marketing expert.

Some of you may have seen a similar reel targeted to Bredemarket consulting clients (identity/biometric marketing leaders). Actually there are two Bredemarket reel versions because of a landing page change. The existence of three reels shows my dedication to repurposing.

But none of the three versions is meaningful to cybersecurity firms, or third-party risk management (TPRM) firms, or content management system (CMS) firms, or healthcare firms (the non-identification biometric).

Hence Part Two.

Biometric product marketing expert.