Achilles Heel … Sales

Over the years I have been a part of several startup teams and am now involved with the birthing process of security start-ups. What has become evident is that great and innovative solutions to BIG problems, better mousetraps, and totally obsessed start-up CEOs far too often fall short of the goal line… Why?: because they do not see their job is to sell.

Startup CEOs fail to understand that getting and keeping their first customer is far harder than finding outside investment… they may well find someone to invest the first time, but without real paying customers the game is over.

Last year was an exciting year for entrepreneurs as investment firms ponied up more than $1.4 billion to security startups and companies in 239 deals (through June 2013). However, only 27% of companies in 2013 were able to secure outside funding within one year. Ultimately, only 36% of accelerator companies since 2005 added to their seed and angel rounds after graduating from the accelerator - due in large part to their inability to gain sales traction in the market.

 Every day, we see angel and early seed investors who usually focus on the CEO and CTO --- the leader with the vision and the guy/gal who is putting hands on the keyboard --- what they overlook is the sales process. Too often the CEO and CTO don’t see themselves as the sales person or closer. This is the Achilles Heel – great ideas and products don’t sell themselves: the startup founder must … sell the idea, sell the vision, sell the Proof of Concept, sell the solution, sell the team, sell … sell … sell… and get a paying customer who believes and shares their vision of the solution.

Start-up founders who are going to jump into this big pond, must be focused on selling during every waking moment. If not, their start-up dream will come to a sudden (and not so pleasant) end quickly.

TheSalmonSpeaks: Net Neutrality

Occasional rants are good for the soul. If you disagree with the opinions expressed, please take it up with The Talking Salmon.January 15th the U.S. Court of Appeals for the District of Columbia struck down the FCC net neutrality regulations covering internet access. The press coverage digs into the arcane regulatory discussion around whether internet providers are “common carriers” or not, but of course this is really a heavyweight fight about money. In one corner are Verizon and their Internet Access Cartel (IAC) buddies, the cable companies. In the other corner are Google and their internet…well, there’s Google. Lurking in the shadows of the third corner are the traditional content providers, the axis-of-evil made up of the traditional TV networks, Hollywood, and their device friends making smart 3D super high definition large screens. Over there in the fourth corner are the cats and dogs like Netflix, HBO, and the new breed of independent short form internet content folks. OK, this is really more like one of those wrestling tag team matches than a heavyweight fight.Here’s the deal. Going back nearly to the dawn of history when the log carvers and the log drummers fell out there has been an ongoing battle between people who develop content (those artistic types) and people who build the infrastructure to get content to the people who want it. The key lesson from history is that no matter the incentive, these tribes have utterly failed to intermarry. Content providers are bad infrastructure builders, and vice versa.The Salmon agrees with the mantra used by broadcasters to justify letting broadcast networks wither on the vine: “Content is King”. Ultimately this is due to the “eyeball-bandwidth” product, the amount of information any individual can absorb at once (the Shannon limit for people) multiplied by the number of hours per day, generally not exceeding 24, times the 8 billion people in the world. It’s your eyeballs they want to own. As you can see, not counting a few benighted third world countries, we are nearing the theoretical eyeball-bandwidth product limit where it becomes simply a fight for market share. And people will opt for the highest value content…Content is King.So, who’s on first? Google of course is the de facto monopoly intermediary for internet content. They want net neutrality, unless they can actually build a virtual network of Android devices, in which case they are against it. Verizon and friends are getting squeezed…land lines are dead, SMS revenue has dropped for the first time, the Internet of Things probably only needs that old 2G network, not 4G LTE, people are starting to drop cable subscriptions and there is significant pricing pressure on internet connectivity. Almost makes you feel sorry for them, and moving to extract higher revenue from the pipes through competitive access pricing is a rational move. With vertical integration the goal for everyone, you would think the broadcasters, Netflix and crew would be looking to buy Aereo instead of killing it, but then far-sightedness has not necessarily been a virtue in that world.Technologists unite! Here’s what we could do, if we had the time. It might be that the Aereo court decisions make rebroadcast of initially free internet content OK, in which case small community ad hoc networks with one Verizon subscription, one cable subscription, etc. would be a great service to provide for your friends and neighbors. Seems like VPN tunnels to the “Free Internet” would re-disintermediate the greedy pipe guys. And of course innovation is a wonderful thing. Send your ideas and comments to The Talking Salmon, care of Daveknology. Remember: they’re your eyeballs.David Ihrie is CTO of MACH37 and has been the lead technical person for six startup companies. He has a BS in EE/CS and an MS in Management specializing in the Management of Technological Innovation, both from MIT.

CTO SmackChat: Technology is not Innovation

In his excellent book "The Idea Factory: Bell Labs and the Great Age of American Innovation", Jon Gertner quotes Jack Morton, who worked at the Labs on the development of the transistor in the 1940s, saying "[Innovation] is not just the discovery of new phenomena, nor the development of a new product or manufacturing technique, nor the creation of a new market", but all of these working together to deliver things that make a difference. Or, as one of our investors puts it succinctly: "a business without customers is just a hobby". As technologists, we of the nerdly persuasion tend to believe that the tech is the key ingredient in the success of any startup. At MACH37 we talk to a lot of incredibly smart technical people, some with potentially game-changing ideas...but, technology is not innovation. For a startup to deliver products that make a difference it takes a great technical idea, but also someone who knows how to build a business, someone who knows how to turn an idea into a product, and people who can find customers, understand their problems and sell them your idea. Innovation is a team sport.So, how important is the tech? As we evaluate startups and talk to investors, a large majority consider it essential to have someone with deep technical domain expertise, as well as product development skills, as part of the initial entrepreneurial team. Many of those same people will tell you however that the initial technology contributes maybe only 10% or 20% to the success of the business, that the ability to pivot is critical, that technology almost never creates new market segments. My own rule of thumb is that your going-in idea is always wrong.Making sense of the contradictions can be maddening...being passionate about your ideas but willing to turn on a dime; knowing what is necessary but not sufficient; being game-changing in a way that's not too ground-breaking. This is the first of a series of posts to explore these contradictions from the technologist's point of view. How many features make a product? When do you abandon Rev 1 and start over? When does one product become two? How do you know what customers really want? How far ahead of the market or the product can you be? And once you delegate the product design, and customer interaction and hands-on coding, how do you continue to add value to your organization? David Ihrie is CTO of MACH37 and has been the lead technical person for six startup companies. He has a BS in EE/CS and an MS in Management specializing in the Management of Technological Innovation, both from MIT.

,

You Don't Scale

,

The more that information security incidents are in the news, the more often we hear that there aren't enough people to do all of the work necessary to batten down the hatches against everyone who'd like to compromise our systems and networks. The U.S. Government has been particularly vocal in discussing a shortage of security talent, but it's not uncommon to hear this refrain in business circles as well.If these folks are as difficult to find, hire, and retain as we're told, then we only have a few choices:

  • Train them internally;
  • Automate as many security processes as possible;
  • Do things to make the people you have more effective

Most people choose door #2 as a way to get what's behind door #3.There is a common criticism of information security practitioners: that we depend too much on technology, even when the core problems may not be technical ones. Those critics have a point: effective security isn't something one can buy in a box and then proclaim victory afterward. However, in the face of limited talent, deploying a new technology may be the most straightforward way to attempt to address some risks.The reason is simple: many of the best security products tend to embody some very specific, reproducible, automation-friendly aspect of security expertise and perform it tirelessly, over and over.  You may have the best internal security people in the world, or the best  world-renowned consultants, but the bottom line is that humans don't scale particularly well.This is true whether you're the security manager with the responsibility to keep your network safe 24 hours a day, or the consultant who parachutes in to save the day when things look bleak. The former can only hire so many staff members, and the latter can only be billed for a finite number of hours in a day/week/year.If experts are in short supply, then one of the most scalable options is to encapsulate the expertise of rare, highly paid people and build it into a mechanism that can attempt to apply that expertise to real environments, be they network traffic flows, host configurations, or software updates.There has yet to exist a security product that solved all of the world's (or even one enterprise's) problems, but if we look at some things that made a difference in the state of the art when they arrived, they tend to fall into a few categories:

  • They allow less-senior people to do some work that used to be the province of a few
  • They help people to make better sense of information they (usually) already had somewhere
  • They help less-technical users to avoid inadvertently hurting themselves
  • They fundamentally changed some aspect of how we work or build systems to make them inherently more secure*

*This is where the most value is created, but it's also the most difficult.If you've gone to the trouble of building something to solve a problem for yourself, and believe that other people have the same problem, that's called a market opportunity.

What Type of Entrepreneur Are You?

480786_Horse-Trader copy

MACH37 typically invests in companies at their inception.  With a lack of meaningful company history, our decisions are always based heavily on our assessment of the entrepreneurs behind ideas that we like.  Consequently, we are often asked what we look for in MACH37 entrepreneurs.

While they come in all shapes and sizes, it has been my experience that there are principally two types of entrepreneurs:  “horse traders” and “horse breeders”.

Horse traders are driven to create wealth for themselves by exploiting market inefficiencies.   Their businesses are transaction oriented and rely on simple buy low and sell high principles.  In technology, they often find success in understanding an application of an existing capability, negotiating attractive rights to that technology, then rapidly commercializing (or flipping) it.  Horse traders are not typically technical and often lack a vision beyond the first implementation of their technologies.

“Horse breeders” are wholly different.  They innovate to develop new breeds of capability – disrupting the status quo with better alternatives.  Their innovations often eliminate market inefficiencies rather than exploit them.  During this process, they create wealth for themselves and others by ultimately making the economic pie bigger.  Horse breeders are often technophiles, but they also include musicians, artists, athletes, and anyone is who is driven by a passion for creating something that can make a significant positive impact.

MACH37 looks for horse breeders.  Not only because they are far more fun to work with, but also because horse breeders create value where it never existed before – an underpinning of disruptive innovation.  MACH37’s sole focus is to empower this type of entrepreneurship with the knowledge, exposure, access and validation (by the security buyer and venture communities) necessary to successfully take disruptive cyber security innovations to market.

If you think you are a horse breeder, send us an email or submit an application for the next cohort session.

, , , ,

Stay East Young Man

, , , ,

I recently read the New York Times article, “The Pentagon as Silicon Valley’s Incubator,” by Somini Sengupta, which highlights a welcomed trend in cyber security investing that most of us in the industry are watching unfold.  The article highlights the enhanced relationship between Silicon Valley venture capital firms and DoD and Intelligence Community cyber security stakeholders.  The article also underscores my assertion that the DC-Maryland-Virginia Cyber Beltway is the center of mass for global cyber security expertise (see Blog Post: dated   August 2013, “The Cyber Beltway’s Innovation Dislocation").We at MACH37 are thrilled that Silicon Valley and other venture capital rich regions are bridging the gap with the Cyber Beltway.  We continue to strongly support initiatives focused on achieving such gains, such as the Security Innovation Network, which has made tremendous strides in bringing both communities together.However, Sengupta’s article illuminates a related and troubling trend – the migration of cyber entrepreneurs from the Cyber Beltway to Silicon Valley.Specifically, Sengupta references two cyber security start-ups, Morta and Synack, both of whom recently pulled up chocks and moved to Silicon Valley to secure venture investment.  Sengupta also references several other high profile cyber security policy stakeholders who migrated West to join other cyber security startups.I can imagine why VC’s would desire to keep first time entrepreneurs close to home.  It’s difficult for VC’s to effectively mentor and manage young and inexperienced entrepreneurs when they are separated by over 2,850 miles.  I can also imagine why former policy stakeholders would be drawn to the luster of the fast-paced Silicon Valley start-up environment.  I am sure that echoes of Horace Greeley’s “Go West Young Man” add to the excitement and romance of their first entrepreneurial experience.However, if VC’s have already recognized the unmatched density of cyber security expertise residing within the Cyber Beltway, it makes little sense to me that they would desire for these entrepreneurs to leave the rich intellectual ecosystem that originally inspired them.In the cyber security space, perhaps more than any other technology sector, intellectual capital has a very short shelf-life.  In order for cyber security companies to thrive beyond the releases of their initial alphas and betas, their founders and technologists must continue to innovate.  In order to do so, they must maintain an awareness of the state of the cyber threat as well as the state of their competitive environments.By pulling these entrepreneurs out of the cyber intellectual epicenter, their VC’s are inadvertently undermining their ability to compete over the long term.  Outside the Cyber Beltway, these entrepreneurs are going to lose a step and will find it more difficult to, not only keep up with the threat, but also to seize and defend a competitive market position.To be certain, in Silicon Valley, these entrepreneurs are going to find a wealth of expertise in new venture development, software engineering, and enterprise solution sales and marketing.  But they will also find a dearth of cyber security expertise.  There are lots of folks out West who know how to build a highly scalable database to search through and correlate log and threat data, but very few of them have any idea what they are actually looking for.Let me suggest an alternative approach.  Stay East Young Man (and Woman).If VC’s want to give their cyber security entrepreneurs every advantage to succeed, leave them inside the Cyber Beltway.  If the entrepreneur is a first timer, establish your firm’s presence here and surround the entrepreneur with experienced talent.  By allowing the entrepreneur to remain immersed in the ecosystem that originally inspired her, her venture will continue to innovate, keeping pace with the cyber threat and competitive environment.  Several venture firms with strong cyber security track records such as NEA, Grotech, New Atlantic, Valhalla, Harbert, Columbia Capital, Paladin and Alsop Louie understand the importance of this immersion and are either already established or are in the process of building a more sustained presence within the Cyber Beltway.MACH37 is working hard to make it easier for both cyber entrepreneurs and venture capitalists to build cyber security companies inside the Cyber Beltway.  We augment our entrepreneurs’ existing cyber security skill sets with the critical product management, development, sales and marketing and venture development capabilities they will need to succeed.  We pair them with seasoned entrepreneurs, cyber technologists, market analysts and venture advisors who are committed to helping them be successful.  We drive their ventures through concept validation, target market customer acceptance, and alpha commitment and provide them and their investors with the strong market-driven foundations they will need to achieve the success we are all driving towards.