And when it comes to cutting through the hype, Hay said sharing information with colleagues can help. "If your product or solution can solve an actual problem, and not just a marketing-derived problem, the 'hype fog' can be cleared away from the product pretty easily," he said.
"When your product or service is built on hype and not value, the industry that it aims to serve will quickly pick it apart and surface its actual value."
Zilberman agreed. Especially smaller organizations, he said, "can look for tools that have had success in the industry. They can evaluate it through 'referenceable' customers. You don't want to be the guinea pig."
Saif agreed, adding that CISOs aren't the only ones dealing with a marketing blitz.
"The challenge of separating fact from fiction and not being lured by slick marketing is not a challenge unique to CISOs," he said.
Zilberman said he thinks the market is sorting itself out somewhat based on Gartner's so-called "hype cycle," in which an emerging technology reaches a peak of "inflated expectation," then slides into a "trough of disillusionment and then moves back into a more sustainable growth curve called the "slope of enlightenment."
"The security industry is very much following that curve," he said. "We were at the front end 12 months ago with huge amounts of capital pouring into it. Now, some companies are not growing as fast as expected, so we're more in the trough of disillusionment.
"But bad guys are not going away," he said. "I think there will be a slight correction, and in the not-too-distant future, the market will rebound."