Ditching Hourly

Hello and welcome to Ditching Hourly. I'm Jonathan Stark. Today I've got an audio excerpt from an answer I provided on my YouTube channel. You can check it out at thejonathanstarkshow.com and it'll redirect you to YouTube if you're into watching videos. Otherwise, you can just listen to the audio here on the podcast. Enjoy. Hey, Jonathan here. I've got a question from Chuck Spiedel who asks, what kind of advice do you have for someone who wants to transition from WordPress project-based work into website security consulting for nonprofits? Ooh, where do I start? Okay, here's where I'll start. First, I'm going to assume that you know what you're doing with website security consulting. You've got some kind of street cred there. You know how to do it. You know what's involved. Certainly more than someone at a nonprofit, but security is almost like healthcare, but in the digital space. There's a certain level of malpractice. So we're just going to assume for the sake of argument that you're good at it. You have high confidence and you're actually good at it. You've got demonstrated results, so on and so forth, which maybe you've gotten from previous work doing WordPress sites that just have to be secure, and therefore you can say, oh, I've done these HIPAA compliance things and all these other regulatory environments and GDPR and blah, blah, blah, all these things. So you've got the expertise. Okay, so it's great that you've picked nonprofits, but that's a tax designation. What kind of nonprofits? You could go a little bit more specific there, I think. Either nonprofits of a particular size or nonprofits that, I don't know, it's still very broad, but it's a good start. And so here's what I would do. I would talk to them. So find, well, yeah, I would talk to them. So look, where do they hang out online? Can I connect with them in maybe a Quora thread or do they have a subreddit or is there a local meetup where they talk or a local conference or a trade show or some sort of trade association that has a magazine that you could read? Are there certain books that they all read that are related to WordPress or security or digital transformation or something? And you can look through the comments in the Amazon reviews. Where do you know people in your network? Are you already connected with folks in the target audience that you want to reach? Start reading their words, communicating with them, interacting with them, having phone calls with them, and ask them, what are your concerns around security? Do you have any pains in this area? Is there anything about this that keeps you up at night? Have you ever had a security problem in the past? What kinds of security problems do you typically experience or people like you typically experience? What would happen if you had a security breach? Do you know what kinds of security breaches there are? Here are all the different ones. What would happen in these cases? Basically, have a conversation with these people where you don't want to lead the witness too much. You don't want to say, hey, I've got this new security consulting product. Wouldn't it be cool if it was like this? Don't you think people would buy that? Because they're just going to be nice and say, yeah, I guess, I suppose. What you want to do is you don't want to lead the witness too much, but you do want to have the conversation around the thing that you're good at. So you have to be a little bit delicate there and say, hey, have you ever had a security breach or do you worry about security? Or maybe you pick a nonprofit where it's related to healthcare or something or has some special security concerns beyond just normal data privacy. And you talk to them and ask them what their pains are and keep a huge list of exactly how they describe them. Even if they use the wrong words for terms, jargon that you understand that they don't, maybe they, whatever, just lots of notes, write down everything that you can from all these conversations. And the next step is that I would start, if you can find an online forum where they exist, it's the easiest where you can go in and actually answer their security questions. Or at least point them in the right direction. Or if you can't answer it, help them in some way, move the needle for them a little bit. You know, like if somebody's like, should I be worried about, I don't know, ransomware? Then you could ask maybe a little diagnosis. You're like, I don't know, what version of WordPress are you running? Do you even know? Do you have a web developer? Are you doing it yourself? Is your web dev like a professional? Or is it like your cousin Vinny? You know, you can ask a few questions, kind of diagnose the situation, then maybe point them in a direction that would be helpful to them. And like, wow, that was great. That was super helpful. Thanks. Then you can take that answer and post it as a blog post, do it as a podcast episode, publish it somewhere as like a piece of content marketing, see if other people are interested in it. Maybe that turns into a PDF download where you say, hey, hey, folks in this community, I have this new PDF about website security for nonprofits. You know, it's free. I just, I'd like to get your feedback on it. What do you think? Is there anything I could change about it? Are there any questions I didn't answer? How can I make it better and more helpful to you? Start getting, you know, now the conversation is more centered on this piece, this content piece that you've created.

with and people are chiming in and you're making it better and better and better. You're getting more and more of their language baked into it. So as soon as someone like that reads it, they'll immediately be like, oh, this is for me. This is using my language. This is using sort of nonprofit inside baseball language, our jargon. So once that's, you just build up from there. So that's like, you know, the bottom tier of like, you could think of it as the top of the funnel. You could think of it as the very bottom of your ladder, your product ladder, and you build something on top of that. Maybe it's a mailing list or a podcast or something up from there. Maybe it would be, you know, a one-on-one consulting call where you deal with, you know, a particular kind of security issue, whatever is the top of mind for folks who are in this situation. You know, maybe they're, you know, maybe they're, you know, maybe they're like all distracted by like, maybe we should be using blockchain for something. You know, who knows? I don't know. But if you talk to them, you will know. And the more conversations you have with them, the more ESP you'll have with other folks like them. And you can just, just immediately start communicating with them, not broadcasting to them. I mean, communicating with them by using their terms, you know, even if they're wrong for the things that you know, you know, you know, they understand these terms to mean X, it's actually not the right term, but that's okay. I understand what you mean. And you can actually communicate where the message is going back and forth. And then over time, they'll just tell you what they need. And they'll automatically, eventually, if you're, if this is working and there's a need, if nonprofits do have web security needs, then pretty quickly, someone's going to say, listen, can we just get you to come in for a couple of days and, you know, audit our infrastructure? And you can say, sure, I'll put together a proposal or, you know, you could give them a productized service and just give them a fixed price. So eventually they'll just tell you what they want because they'll recognize you as the go-to person for them, for this thing. You're the one they trust for website security and they'll just start asking for stuff. And so then you can just start selling it to them. It's not going to happen overnight, but it can happen pretty quickly, you know, relatively quickly. And that's, that's how I would start. Okay, I hope that helped. I'm Jonathan Stark. If you have a question for me, just hashtag AskJonathan on Twitter, LinkedIn, or YouTube, and we'll add it to the queue. See ya. Would you like to learn how to get paid what you're worth? How about selling your expertise and not your labor? We work through all of this together in the Pricing Seminar. Pre-registration starts soon, and you can sign up to be the first to know when early bird pricing is announced at ThePricingSeminar.com. That URL again is ThePricingSeminar.com. Hope to see you there. Hey, Jonathan again. Do you have questions about how to improve your business? Things like value pricing your work instead of billing for your time, or positioning yourself as the go-to person in your space, or maybe productizing your services so you never have to have another awkward sales call or spend hours writing another custom proposal. Book a one-on-one coaching call with me and get answers to these questions and others in the time it takes you to get ready for work in the morning. Best of all, you're covered by my 100% satisfaction guarantee. If at the end of the call you don't feel like it was worth it, just say the word and I'll refund your purchase in full. To book your one-on-one coaching call, go to JonathanStark.com slash call, C-A-L-L. That URL again is JonathanStark.com slash call. Hope to see you there.