[By Brian McMahon, CEO and President of Threater]
Letās say youāre looking for some new technology for your business. How do you decide which company youāre going with?
If youāre like many people, you head straight to the Google search bar, where youāll quickly type in something like ābest threat detection software.ā The first few results will likely be global enterprises, because theyāre the ones with the massive marketing budgets to pay for sponsored results.
Perhaps you head over to Gartner or Forrester to read some analyst reviews. Itās always good to get high-level validation and quadrant/wave placement. However, once again, youāre only looking at corporations that can afford to fund the expensive analyst-approval process.
With either method, youāll probably find a perfectly fine solution. But doesnāt your business deserve more than fine? Donāt you want a dynamic platform that grows with you, perfectly fits your needs, and doesnāt come with the blown-up price tag of a big-name brand?
Thatās why itās time to start giving startup tech a fair shake.
The rub is that decision-makers have to start somewhere. Every year, five million new businesses join the economy. If you picked up the phone for every new kid in town, youād never get anything done. And since 90% of startups fail, how do you ā as a decision-maker, even know if this new tech will be around in two to three years?
Itās nice to stick with a known commodity, especially when youāre talking about securing your companyās digital framework. But the quest for comfort might be holding your business back.
Startups are famous for being nimble: pivoting to help when customers have pain points and working with specific enterprises to custom-fit their solutions. These startup vendors can start small, build from the ground up without being tied to any specific framework or bloat of legacy frameworks, prove their value, and repeat the process.
Letās explore why startup tech can be a game-changer in the world of cybersecurity and threat detection:
The problem with traditional analyst reports
Iām not here to rag on big analyst firms. They play a valuable role in our ecosystem. But analyst reports shouldnāt be the only thing youāre considering in the decision-making process.
Analysts are expensive. They also want to see major customer validation before they stick their noses out to review a company. For emerging startups, itās a classic Catch-22; customers wonāt buy your product until Analyst Firm X vets you, but Analyst Firm X wonāt vet you until you have an army of customers willing to speak to them.
Analyst relations remind me of standardized tests. They give indications of potential and socioeconomic status, but almost everyone recognizes standardized tests are not indications of actual skills or success.
Put another way, an analyst report is more an indicator of potential success and economic status than an actual evaluation of the product itself. Can companies that analysts vet add value to your business? Yes, but youāll need more information. Can companies they donāt vet also add value to your company? Also yes.
3 reasons you should try startup cybersecurity tech
Hereās how Iād make the case for incorporating startup vendors into your cybersecurity tech stack:
Big companies are already looking for the ānext big thingā
Often, big corporations pay attention to new technologies from startups. When they donāt, they risk being the latest business school case study a la Blockbuster. When they do, theyāll almost always make one of two plays:
- Try not to trip in their own red tape to come up with something ā anything ā that allows them to exist in that space so they can tell their current customers they have them covered (for a nominal fee, of course). Orā¦.
- Buy a startup to take them out of the market, claim ownership of that tech, and again claim their territory.
Signing on with startup is like getting in on the ground level before the red tape and markups.
āSecurity through obscurityā
The best way to ensure a robber canāt crack a safe is to make sure he/she doesnāt know a safe exists. In the world of cybersecurity, this concept is known as āsecurity through obscurity.ā By choosing startups, companies get access to new protections and technologies threat actors might not be as familiar with yet.
Better pricing
I saved the best for last ā and this oneās pretty self-explanatory. As theyāre hungry to grow their businesses, startups typically charge lower prices for their tech and services. The brand-name premium hasnāt kicked in, and the savings are passed on to you.
How to vet a startup and its technology
Now, I did mention that 90% of startups fail. So you shouldnāt put the sanctity of your companyās digital infrastructure in the hands of just anyone. Look for a few key indicators of success in your next startup vendor:
Seek out customer repeatability
Donāt just look at who their customers are, but rather at how many they have ā and how long they stay. Repeatability is key. If customers are signing on longer than a year or two, itās a good sign that early adopters are happy.
Pay attention to category disruption
Figure out who the ābig playersā are copying and understand why. If you see a flurry of new products emerge in a normally stagnant category, itās almost always because thereās a startup that saw a hole and started filling it. Now the enterprises are scrambling to push out a solution that is often subpar, bloated, and requires their proprietary tech to operate.
Read reviews on neutral sites
Reviews on neutral sites (such as G2 or Capterra) from actual customers are the first stepping stone toward those analyst reports. These reviews often give even more insights into how the company delivers on its promises ā and how theyāll treat you as an ongoing customer.
For your next tech decision: donāt overlook the startups
āStartupā shouldnāt be a dirty word when searching for your next vendor, platform, or service provider.
In a broad sense, I could point out that Nike, Walmart, American Airlines, and the famous California garage-borne tech companies were once āstartupsā too.
Letās keep it specific to security, though. One of the constants in cybersecurity is just how quickly it all changes. Threat actors arenāt just evil; theyāre also incredibly intelligent and talented at what they do. Protecting ourselves requires us to find solutions that are equally nimble and find new ways of thinking about the problems.
If enterprise technology companies are looking to startups for new solutions, I would propose itās time you should, too.
About the author
Brian McMahon is the CEO and President of Threater, the active defense cybersecurity platform. Prior to Threater, Brian was the President of Platforms & Data at Fractal Industries, the worldās first Human + Artificial Intelligence (AI) Operating System. He also previously served as CEO of MapQuest. Brian is an advisor and investor in local Washington, D.C. area startups.