Having the best product in the world is not enough

We started our journey beginning of May, but it seems like forever ago already.

It was a continuous challenge of validating what we are doing, getting traction, developing a product and all the classic lean startup steps. It didn’t take us long to figure out that the lean startup strategy is not something to be applied ad litteram.

A successful business needs to have an industry focused approach, as much as a client focused strategy. Working in Security is even “more challenging” than other industries, as security sales can be much harder — you need to build rapport with the business and make them realize that staying safe should not be a reactive approach, but a proactive one. A very difficult thing to achieve on a cold lead.

During customer development, we started by going to companies that would benefit most from our solution. In fact, we started by approaching SMEs which should have been a good fit. Clearly, an underserved part of the market that needed our help right?

It took us weeks (and many, many meetings) to figure out that we were wrong. Very wrong. In startup life, this felt like a lifetime!

<aside> 💡 “Even if my customer’s data is made public, who cares about their Starbucks receipts anyway”

</aside>

1*KgVnHwQ23nIgUuLRMHx0tw.webp

Unfortunately, UK SMEs are in denial. They don’t think anyone would ever hack them .”What can they possibly get?” they’d ask frequently. To quote one, “Even if my customer’s data is made public, who cares about their Starbucks receipts anyway” (this was from an accountant!)

There is an awareness problem within the industry, a perception of “it is not going to happen to me” and a tendency to react to what is coming, rather than prevent it. In our journey, we also had the benefit of collaborating with some US companies and noticed a notable difference there: they are so much more attuned with the security trends, and what the industry needs. They WANT security, and won’t wait for security to WANT them.

But for now, the plan is to take a plunge at the UK market. Baby steps, or better put: startup steps. Smaller and faster steps. After all, UK is booming in cyber-security, and it’s certainly far more advanced than the rest of Europe right now. UK will shortly follow US in in the next 2 years, and in the next 5 years, the rest of Europe will follow as well.

Startup journeys are interesting — jumping from no sale, to potential sale and then to an actual sale in a short period of time is very exciting! It’s as if compressing a mature company’s life of one month into one day, with added startup excitement. After the first month where we almost got to 2 closed deals, that fell through in the end, we shifted focus to people who clearly need and understand the value added in our services: enterprises. For an eager startup, it is very disheartening to see that a buying cycle can take …. well, forever! We were very aware that enterprise sales cycles are long (about 6 months or more sometimes) and that it takes a long time, but this is our market, so we had to try.

With both of our experience in enterprises, we quickly figured out how to leverage our own networks and our advisors’ to get through some quite impressive doors. Experience has also shown us that starting with warm leads is much more productive that starting with cold emails. As it happens, these were in the legal sector — which made for a perfect match for our services. Law firms not only have sensitive client data (contracts, IP, IPOs, etc), but also a need to keep this data secret for long periods of time.