Sunday, February 6, 2022

4 Key Reasons Why Your Cyber Start Up Has No VC Funding

 


I think just about a week ago or so, I wrote a blog as to how the Merger and Acquisition Activity Is going to further fuel the growth of the Cybersecurity industry in the coming years.  Part of this is the larger companies buying out the small ones, and also Venture Capital (VC) and Private Equity (PE) firms taking part in the mix as well. 

Obviously, these latter group of people don’t want to hold on to their new assets for too long, as they want to make money them as well.

This has prompted a new trend in the Cyber industry for people to launch startups with all of the bells and whistles, so that they will look attractive to a potential buyer.  But that is far as they will go, and now it is starting to backfire on them, as the VCs and PEs want something of substance and value as well when they make their purchases. 

After all, they just can sell air either, right?  In fact, in many ways it feels eerily resemblant to that of the late 90’s – as long as you had a .com in your name, you were guaranteed to get something.  So, what is an investor looking for, and how can you increase your chances of getting some funding? 

Well, I came across an article that actually takes the opposite approach, and instead, points out the warning signs that a VC or PE looks for.

So what are they?  Here we go:

1)     Hiring from the Dark Side:

In simpler terms, this means that a company has hired an individual(s) who have been illegal, hard-core hackers in the past (hence the name “Black Hat”), but now have turned over to the good side. Who knows why they do this, but businesses want to scour up these individuals in order to have access to their knowledge and hacking skills.  Unfortunately, VCs and PEs don’t look at this away.  They simply will not invest in a startup that has hired these kinds of individuals.  They simply don’t want their good name associated with anything illegal that may have happened in the past.  I can see where they are coming from on this, after all, they are potentially investing a lot of money, and don’t want anything bad to happen.  But I don’t agree with this. To me, what has happened in the past stays there.  You have to evaluate what the assets you have now, and everybody deserves a fair chance to prove their worth.  What I would tell a VC or PE is that you are taking a risk in other areas of the transaction, so why are you afraid of this one?

2)     Stop the bells and whistles:

This goes back to what I said before.  Cyber startups need to come up with something solid, whether it is a product or service.  In other words, just don’t chase what is red hot at the moment, because given the ever-changing dynamics of the Cyber Threat Landscape what is red hot today could turn out to be ice cold tomorrow, to varying degrees.  Also, make sure that your new product or solution actually meets the needs of your existing customer base and prospects.  Sure, this could take some market research, but if you want to get that funding or be acquired, you need to do this.  VCs and PEs are looking at this very heavily now, especially from a business model standpoint.  They all know it will take time to get something to market and to start making money off of it, but they want to see that the potential actually exists, and that could be something viable.  Some of the areas that they are interested in are services surrounding the Cloud, the Remote Workforce, and especially given today’s times, the Zero Trust Framework.  Cyber vendors are also notorious today for creating solutions that creates alerts and warnings for the Cyber team, but that is fay as they go.  They do not make an attempt to actually solve a problem. This is yet another key area that VCs and PEs look at, as they think that this will give them a differential advantage in the marketplace after the acquisition has been complete.

3)     Hiring former government or military personnel:

For some reason or another, VCs and PEs will not invest in a start up that is run by individuals in these backgrounds.  Honestly, I don’t why.  They simply feel that they do not have the real-world experience.  But IMHO, this is the most ludicrous statement ever concocted.  For example, I have had the honor and privilege of interviewing many ex-government and military personnel who have started their own Cyber companies, and are quite successful at it.  If I ever reach to the point where I can invest in a Cyber startup, I would rather spend my $$$$ on a startup headed by these kinds of individuals rather than some kid right out of Harvard or MIT.  These people have the discipline to get things done, and have even deeper levels of experience, given any covert work they may have done for the government.

4)     Creating solutions that are not defensive in nature:

This is yet  another one I cannot quite understand.  Simply put, VCs and PEs will not invest in a Cyber startup if there solutions and/or products are offensive in nature.  In other words, forget about developing the next generation of Penetration Testing Tools, but instead come up with a softer version of it, one that is defensive in nature. To me, this does not lead to a proactive approach or mindset which is so badly needed in Cybersecurity today.  If it was me, I would much rather invest in a company that is developing solutions that will help businesses take this kind of approach when it comes to building up their respective lines of defenses.

My Thoughts On This

So long story short, if you are Cyber startup, and want to receive some sort of VC or PE funding, or even want to be bought out for that matter, go back to the traditional ways of creating something.  Find something you are passionate about in Cyber, and then go from there. 

Your passion will be your guide in building something that can not only meet the needs of people, but will be attractive to investors as well.

Perhaps just a build a better mousetrap to get started with.  And don’t forget this one cardinal rule:  Always provide great customer service.  With all of the technological advancements that are happening today, people yearn for the days when life was purely simple and straight. 

They are sick of bells and whistles.  Deliver something of quality and value that could meet their needs, and you will be all set.

No comments:

Post a Comment

Why Students From K-12 Are So Vulnerable In Becoming A Cyber Victim

  Whenever we hear about a Cyberattack or a security breach, we often think that the entity involved is a Fortune 500 company, or even a hea...