THE SECRET TO GROWING YOUR SECURITY STARTUP

February 16, 2017/Frederick Scholl/

This week is RSA 2017 and I am counting hundreds of vendors exhibiting in San Francisco. This doesn’t count the others still in stealth mode and off the main show floor. They are all looking for the right formula to survive and grow. But what is that formula? In fact security startups aren’t much different from other startups when considering the secrets to business success. My own background includes two technology startups. But the best advice I heard on how to grow a business came from a talk given by serial entrepreneur Kevin McGovern. This was: “catch the wave”.

Mr. McGovern was one of the founders of SoBe soft drinks, a leader in the nutraceutical beverage market. Did anyone really need another drink? Yet, SoBe indeed caught the wave when it was sold to Pepsi for $325m. How do you catch the wave in your startup? You need preparation and constant 360-degree vigilance of the market.

Some years ago, I tried surfing on a trip to Hawaii. I wasn’t successful, but there are some lessons learned.

  1. I hired a world champion surfer to train me. Good idea to find a mentor; maybe not the right person to train a beginner.
  2. I found out that the beach was rocky…I didn’t have water shoes to make it navigable.  So minus one for lack of preparation and equipment.
  3. I did have a good surfboard, rented from the pro. So plus one for preparation and equipment.
  4. I hadn’t read anything or watched any training videos on surfing ahead of time. So minus one for lack of preparation.
  5. I gave up after one lesson, when I was unsuccessful.  Minus one for lack of persistence. Surfing is harder than it looks.

To be a good surfer, you will need 360 degree vision. Backwards to pick the right wave, and forwards to see where you are going. The same is true for any security startup. Watch where you are going, but keep your eye in the rear view mirror to watch for firms gaining on you with new technology. Be prepared and stay out in the water!

For a short introduction to preparing and running your security startup, I recommend serial entrepreneur Milton Chang’s book: Toward Entrepreneurship.

Posted in
Tags:

Frederick Scholl

Frederick Scholl is an accomplished Global Senior Information Security Risk Manager. Dr. Scholl earned a BS and Ph.D. in Electrical Engineering from Cornell University. In 1991, Fred founded Monarch Information Networks, LLC to enable forward-thinking organizations to protect their information. Previously, he co-founded Codenoll Technology Corporation (NASDAQ: CODN). He chaired the IEEE committee that wrote the first standard for Ethernet communication over fiber optic links, now used world-wide.

Book an Appointment for Cybersecurity Issues

Request an appointment with Dr. Fred Scholl. We will discuss any cybersecurity issues you have.

Book an Appointment

More Good Reading

Cybersecurity Thrives in An Organizational Context

The First National Cybersecurity Summit

New Privacy Laws Require Security Professionals Up Their Game

Cybersecurity Workforce Development: Real or Imagined Problem?

Antidote for Fake Everything

Information Security Risks, Gray Rhinos and Black Swans

Managing Information Security On a Limited Budget

Building a Security Start-Up

Cybersecurity Risk Management for Directors

My Reading List for Security Start-Ups

Should Your CIO Learn to Code?

How IT Leaders Can Keep a Seat at the Table

Equifax points out—again—the need for speed in security management

Anatomy of a Security Breach

The Smartest Information Security Companies

Book Review: Play Bigger

Long Term Beneficiaries of WannaCry

RISK: A NEW MOVIE ABOUT JULIAN ASSANGE

TRADE SECRET THEFT CONTINUES UNABATED

TENNESSEE LEGISLATORS MUDDY WATERS AROUND PRIVACY BREACH NOTIFICATION REQUIREMENTS

LEADERSHIP CHECKLIST FOR SECURITY PROFESSIONALS

SIEM VENDORS HAVE IT ALL BACKWARDS

THE SECRET TO GROWING YOUR SECURITY STARTUP

CLOUD JOBS PEAKING?

The Spy Who Couldn’t Spell

IS THERE A CYBERSECURITY PROFESSIONALS SHORTAGE?

No Blue Pill for Cybersecurity Failures

Presidential Cybersecurity Commission Makes Some Good Suggestions

Understanding Intelligence

Align Your Security Program With the Business

Don’t fall victim to BEC

Enterprise Risk Management and Information Security

Evidence Based Risk Assessment: Lessons Learned from the Y-12 Breach

First Conviction for Illegally Distributing Android Apps

Locking Up the Ivory Tower

Cloud Vulnerabilities

More Security Lessons Learned from the Y-12 Breach

Security or Compliance?

Home Disaster Recovery Planning

Cloud Computing: Trust but Verify

Background Checks May Not Be Enough

PERFECT SECURITY STORM FOR LAW FIRMS?

How Not To Be a Cyber Janitor

SECURITY MEMO: IT CAN’T HAPPEN HERE, CAN IT?

Don’t Forget Cloud Availability

Compliance v. Security

GAO Report on Information Security in Federal Government

Lean Security

Mitigate Your Social Engineering Vulnerabilities

HIPAA Security. Are We Making Progress?

Brand Your Security Program

PDCA is Dead

LEARNING FROM PAST MISTAKES

How Better Security Can Create Shared Value

C’est La Vie, You Never Can Tell: Lessons Learned from the HBGary Hack

DDOS Tutorial

The future of information technology

Data Governance Anyone?

Learning from the oil spill disaster

Down the Rabbit-Hole…Again?

Ideas on Risk Management