“You can’t always get what you want,” wrote Mick Jagger and Keith Richards – many, many years before anyone dreamed of the Internet, let alone cyber attacks.
For cybersecurity startups, this is currently not the problem. They can get what they want. The question is, can they get what they need?
It is the best of times for cybersecurity. Globally, spending on cybersecurity will exceed $96 billion in 2018, according to Gartner, and cumulatively top $1 trillion by 2021. Investment in cybersecurity ventures is way up, too – over $7.6 billion in 2017. Locally, according to Start-Up Nation Central, cybersec startups based here in Israel raised a record $814.5 million in 2017, up 28% from 2016. There were 14 cybersecurity exits in Israel during 2017, reaping over $1.4 billion. 2018 is projected to be even better, both in Israel and worldwide, as cybersec continues its progress through the hype cycle. With worldwide enterprises scrambling to mount effective responses to high-profile cyberattacks, the money is flowing.
The exact percentage of startups that succeed, and what constitutes success, has been the subject of intense debate – but we do know that somewhere around 90% fail. A bullish investment climate brings a flood of ideas out of the woodwork – many good, some less so. Yet in good times like now, you can pretty much get what you want: most cybersecurity startups can find funding, one way or another.
All Money is NOT Good Money
Here’s the thing: savvy cybersec entrepreneurs know that not all money is good money. “Dumb money” doesn’t just refer to noncommercial traders anymore. Cybersecurity entrepreneurs are learning to be cautious about inexperienced investors, who bring limited added value to the relationship, yet still demand fast exits with high returns.
And despite the hype, savvy cybersec investors are beginning to ask tough questions, too – even when they are wowed by emerging tech in a space as hot as cybersecurity.
To ensure that they not only get funded, but also end up in the minority that succeed in bringing a product to market and actually selling it – entrepreneurs need to ask themselves these three questions (among others):
- How does it fit into the bigger picture?
Startups are born into niches, and this is a good thing. When an entrepreneur identifies a source of pain, then creates a solution to ease this pain – this is where the magic starts. However, when a startup CEO looks in the mirror, he or she should not just be asking “Does my solution solve problem X?” Rather, the relevant question is, “Does my solution solve problem X, and not create problems Y and Z?”
The issue is one of integration and ecosystem. The average enterprise IT has tens – if not hundreds – of security solutions operating together, in many cases, from different cybersec ISVs. Your solution may do exactly what it’s supposed to do, but if it creates additional burden for already-overloaded IT teams (training, integration, automation), it’s not going to sell. Make sure that you are intimately aware of the environment into which your solution will be integrated, and that your tech complements and seamlessly integrates with it.
- How does it make money?
Some of the best cybersecurity startups I’ve seen did not have astoundingly unique technology.
Yes, you read that correctly.
Technology never serves itself, and cybersec is no exception. Your “secret sauce” does not have to be uber-tech. What it does have to do is solve a problem better than anyone else has or shift an existing paradigm completely. That means you have to create a convincing, thoroughly-researched business case that shows a clear path to profitability and adoption. Remember, technology is your enabler, not your end game. Think creatively how you can make money. Do not pursue the licensing model as your first default.
- Can you explain it in plain English, please ?
The adage holds that if you can’t explain to your grandmother what your product – and in a reasonably short time – you need to rethink your product.
I would amend this. Because your grandmother is smart. If she doesn’t get it – it’s often not the product that’s lacking, but rather the explanation.
The way you explain your product needs to reflect your audience as much as the object benefits of the product itself. Take the time to prepare a concise pitch that works for the context (investors, customers, etc.) and that clearly addresses the pain of the listener.
The Bottom Line
The investor-entrepreneur relationship is never simple, and not always profitable. Like any relationship, getting what you need may be more challenging than getting what you want – but it is always ultimately more rewarding.