1 Key Piece Advice for Startups from Cyber Security Leaders
During Tel Aviv Cyber Week 2018, five global cybersecurity leaders gathered for an exclusive fireside chat, and I had the opportunity to moderate the discussion. The panel included Dave DeWalt, former CEO of McAfee and FireEye and Founder of NightDragon; Justin Somaini, CSO of SAP; Andy Ellis, CSO of Akamai Technologies; Eric McAlpine, Founder of Momentum Cyber; and Galina Antova, Founder of cyber security startup Claroty.
One key idea underscored the conversation; a theme perhaps best summarized by NightDragon’s Dave DeWalt. “In cybersecurity, the difference in IP is measured in inches, but the go-to-market difference is measured in miles.”
Go-to-market model matters
DeWalt’s offhand comment hit the mark, stopping a technical debate in its tracks — and had a handful of the market’s most impactful CSOs and founders nodding in agreement on what can make or break a security startup. DeWalt wrapped up his remarks with this call to action: “Whoever’s listening: spend as much effort and energy on your go-to-market model as you do on developing your product,” because “roughly 95 percent of security companies fail due to ineffective go-to-market strategies as opposed to product failures.” The message was clear: Technological tunnel-vision will result in a startup getting blindsided by the market.
Cybersecurity consolidation demands differentiation
Eric McAlpine, whose investment firm Momentum Cyber closely monitors industry trends, said go-to-market strategy is all the more important for security startups because their window of opportunity is narrowing as the market continues to consolidate. “The combined market cap of the top 30 firms we track has grown from $30 billion to $130 billion in the past decade,” he said. And as the cybersecurity market matures, customers are opting to buy comprehensive solutions from established firms. Large vendors have been expanding their offerings in response and are increasingly hesitant to acquire additional technologies that they feel they can develop on their own. While there is still a need for outside innovation from startups, the opening for new cybersecurity vendors is narrowing. Unless a cybersecurity startup has carefully differentiated its offering and mapped a lane for its go-to-market plan, its chances of being able to successfully execute on that window are closing as well.
Is there a market for the problem you’re solving?
There is a tendency, especially amongst more technical founders, to get caught up in “feature wars.” Priority is given to solving the engineering problem at the expense of asking whether or not the problem is actually worth solving.
Why will customers buy it? More importantly, how will you convince them to buy it from your company? It’s surprising how many startups lack adequate insights and answers to these critical questions. Panelist Justin Somaini lamented, “Right now, we have a lot of startups in the cybersecurity market, but many aren’t adding much value.” As SAP’s Chief Security Officer, Somaini’s purchasing decisions carry massive weight. His candid perspective on the current cybersecurity landscape was eye-opening. “What we see on the buy-side is there’s a deep need for innovative solutions in core areas like infrastructure, application security, governance, and the like. Although the market is in a consolidation phase, we still need to see that outside innovation.”
Focus your resources on your core business
Akamai’s CSO, Andy Ellis advises startups to confront this challenge by focusing on a single area and then channeling all available resources in that direction. “A founder needs to ask themself: How much of the work I have to do is the feature I’m going to sell? The less of that work they can monetize to make their ‘big idea’ possible, the worse off they are going to be. Every piece of tech a startup builds should be something they can monetize — otherwise, just use open source technologies. Don’t focus on things that are not key to your core business!” Tight competition and tough customers mean the margins for go-to-market edge are razor thin. Honing the product to a point gives you an advantage.
Convert potential competitors into partners
Another way to maximize your resources is to leverage strategic collaboration. Galina Antova, whose industrial cybersecurity startup Claroty just closed a $60 million dollar funding round, explained her unique approach to converting potential competitors into productive partners. “If you can proactively convince potential competitors to use your technology, they won’t have to build it themselves to compete. When your product helps them with their go-to-market, you’re empowering them and making them successful. It gives you great market validation and unbeatable scale.” Deep understanding of the competitive landscape allowed Antova to transform threats into opportunity and helped build a sustainable business foundation in the process. Claroty’s savvy go-to-market approach improved the company’s value proposition dramatically.
Engage with the market from day zero
As the previous examples show, a robust, practical go-to-market strategy can have transformative potential. In fact, the benefits of implementing one from the outset are so clear (and the downsides of ignoring one, so pronounced) that they seem self-evident. But stressing go-to-market strategy is the “eat your vegetables” of startup advice. Often given, yet often ignored.
As managing partner of a venture capital firm, I make go-to-market planning one of my fund’s highest priorities. The process of engaging with the market must begin even before product ideation and continue throughout the development process. My firm taps into our network of CISOs as part of the due diligence process and then aims to have our companies meet at least 50 prospective customers in the months following initial, seed-stage investment.
However, the attitude founders take is the most important thing. One trait that’s vital for entrepreneurs is that they always remain flexible and open to continuous feedback. Because let’s say you can’t find 10-12 receptive CISOs out of those 50 calls. That might be a sign you need to pivot or rethink something. All the customer insight in the world won’t help if you think you know better than the customer. One final piece of advice: Listen to the market before you go-to-market.[bibblio style=”bib–font-arial bib–size-18 bib–recency-show bib–default bib–hover bib–shine bib–white-label bib–grd-6″ query_string_params=”e30=” recommendation_type=”optimised”]