Post on 31-Aug-2014
description
http://www.michaelrwolfe.com
michaelrwolfe
michael.wolfe@stanfordalumni.org
Innovation as applied to early stage startups
Our journey todayThis is the story of a successful B2B Silicon Valley startup launching a new product into a new market. !
I will talk about how we validated the idea, designed the solution, and how we successfully grew and exited the company.
I've seen the story many times
As a founder, exec, or advisor to a bunch of startups !
The same recipe doesn’t works twice, but patterns emerge
Let me take you back to 2002
The economy wasn’t so hot
"e-business" is still new
Companies still reasoning about risks and opportunities
Enter our intrepid band of tech dudes
Joseph Ansanelli, CEO!• Multi-time founder/CEO, Apple, product
management and marketing
Kevin Rowney, CTO!• Security Architect, Netcentives
Michael Wolfe, VP Engineering!• Several startups, Entrepreneur in
Residence at Benchmark Capital
Kevin’s experience leads him to an insight
Companies spend a great deal of money keeping bad guys out of their network
• Firewalls • Intrusion detection • Anti-malware
But insiders who has access to the network can easily take data out of it
• Via email, chat, web posts • Via thumb drives, DVDs, or
laptops • Either accidentally or maliciously
A kernel of an idea
Build software that allows companies to prevent the loss of confidential data from the inside
It might seem obvious now
• Legal risk • Reputational risk • Regulatory
compliance • And other Truly Bad
Things
!
But was it then?
Did we do this?1. Raise venture capital
2. Hire some engineers
3. Build the product
4. Hire marketing and sales people
5. The product flies off the shelves
6. IPO!
It doesn’t work that way
The graveyards are full of startups with products that
customers "should have
wanted"
It usually goes wrongToo early - there will be a market, but not yet
Too late - competitors already addressing the problem, or customer has workaround or internal solution
Not a "top 3" priority for the customer
Building the wrong feature set Product can’t be built or is delayed!Pricing, messaging, and distribution never figured out
The industry has gotten smarter about this
Growing recognition that startups are completely different than established businesses
A startup is an experiment
• Form hypothesis • Find fastest/cheapest
way to validate hypothesis
• Test and measure • Adjust, «pivot» if
needed
I will walk through our:Questions
What were the most important questions we had to answer
!
Validation How we got the answer to each of those questions
!
Learnings What we learned and how we adjusted
Question #1: !
Do companies care about the loss of confidential data enough to invest in this market?
Careful before you say "yes"
When is the last time you sent an encrypted email?
Pre-product validation
• Get meetings with potential customers • Interview them on their problems and desired
solutions • Show them mock-ups, examples, anything
tangible that will get them talking • Ask for follow-up meetings, repeat
Getting the meetings• Work your personal network • LinkedIn, Twitter, comment
threads, blogs • Put up a landing page, drive
traffic, gather names • Cold call, email, twitter - be
persistent
!
Requires "hustle" and may be painful or uncomfortable
Getting them to respond• Be clear it is not a sales call • Flatter them - you want their feedback and
advice • Entice them with the opportunity to work with
a cutting edge company - more interesting than their usual meetings
• Meet them anywhere, anytime • Ask for a short amount of time - they’ll give
you more if they are interested
Running the meeting
• Listen, listen, listen • Don't try to "sell" your solutions • Ask open-ended questions • Bring screenshots/slides/mockups - get their
reaction • Close them on another meeting
Sample questions
• “Talk us through your top priorities and projects”
• “Tell us about your existing infrastructure” • “Have you experienced this problem” • “How are you solving this problem today” • “Force rank the following capabilities” • I'll show you some prototypes - give me
your reaction”
?
What we heard
"This is something we'd seriously
consider"
"We have been building homegrown solutions to address
this"
"We are talking about this problem at the
board level"
"We’d try it if you built it. Put us on your beta
list"
Takeaway: !
It is never too early to talk to customers. !
If you can’t reach customers now, why do you think you can reach them later? !
Build the company alongside a few key customers.
Then we raised money• We raised a $5M series A financing
based on this feedback. • Normally you’d raise later than this, but
we already had firms predisposed to give us money.
• Today it would be typical for a company to get much further along before raising a round
• Cloud computing and low-cost distribution channels allow companies to get much further along before raising
Oh, we also named the company
Next Question: !
What customer segments care the most about the problem?
Which verticals?
• Technology • Oil and Gas • Entertainment • Financial services • Manufacturing • Automotive
What tier?Start at large companies!Larger budgets
Most public scrutiny
Largest amount of data to protect
“Name brand” references
!
!
Start small, build up!Less demanding
Shorter sales cycle
More innovative
Gain experience before going big
What we learnedThe strongest feedback came from large companies in regulated industries
In this market, the larger companies were more, not less innovative
Drivers were regulatory and reputational risk.
“Keep me off of the front page of the WSJ”
What we did
Laser focus on large companies in regulated industries, primarily protecting customer data
De-emphasized the rest and even ignored some smaller companies that came to us ready to buy
This focus meant we would lose deals that weren’t in our sweet spot
Takeaway: !
Focus, focus, focus !
If you try to help everyone, you will help no one !
This means losing business !
And that’s OK
Next Question: !
What kinds of data do customers care the most about protecting?
Data types• Employee data? • Customer data? • Intellectual property? • Strategic plans? • Financials?
How we found out
• Built trust with prospects • Spent time with them as they walked us through
actual internal breaches and their costs • We showed them several kinds of policies and
got their reactions to each • Found that almost everything they talked about
had to do with consumer PII (personally identifiable information)
What we did nextWe pivoted away from an earlier idea - tagging emails and documents
We focused instead on one that could identify and protect large databases of consumer data
Contrarian move - at the time DRM was the next new thing
Next Question: what threat do companies care the most about?
• Data escaping via outbound email
• Data escaping via web posts / web mail
• Data escaping via FTP, P2P networks, other internet file transfer
• Data escaping via thumb drives, DVDs, and lost laptops
Do they want block incidents or simply monitor + notify?
Block!
Prevent the incident from happening
Avoid cost of the incident
Provide assurance to customers
!
Monitor!
Less disruptive
Less expensive
Allows education and policy changes in response to incidents
Our minimum viable productWe did Not
Focus on data loss Malware, anti-porn, URL monitoring
Focus on customer data Documents, intellectual property, financials
Email only Webmail, thumbdrives, FTP
Monitoring only Endpoint blocking
Tools for remediation Simply logging them
Great reporting Reporting as afterthought
Focus on large companies Sell to anyone with money
Some competitors did “more“ but ended up losing
What happened next• Responded to an RFP from
Bank of America
• Focused and won the deal
• ~$500K, over time grew to several million
• Needed to promise several near-term features to win the deal
• Made them referencable and a champion
Takeaway: !
The “minimum viable product” can often be way more minimal than you think. !
Do a few things, and do them right. !
Customers will want more, but if you are solving an important problem, they will be patient.
Example MVPs• Created an “explainer video”
demoing the product, got > 100K signups, didn’t ship product until 18 months later
• Went to shoe shops, took pictures of shoes, put online. When people ordered, went back to shop to get shoes.
• Started with one plane and one route. Perfected their system and then expanded
Would you ship a phone without cut and paste?
Other things we learned
• Opportunity to sell high - to the CSO/CIO level • Bring in experienced enterprise sales reps • Partners were not a large factor - we had to
evangelize/sell ourselves • Employees with security experience often did
not do well in the company
This sure helped
Expanded to more verticals
Added products
We obsessed aboutTeam - Putting tons of time and money into recruiting, and removing bad hires Training and team building - constant trainings and company events Transparency - everyone at the company had access to almost all information Customer success - making them reference able and our champions Planning and forecasting - quarterly replans, goals and objectives
Grew and grew2003 - $500K in bookings, 1 customer
2004 - $3.5M, 7 customers
2005 - $13.5M, 30 customers
2006 - $27M, Europe office
2007 - $50M, 175 employees
!
FTW
Key takeaways
• Validate, validate, validate • Build your product with customers. Seek face
to face meetings, not just metrics • Seek focus • Get an MVP to market as quickly as possible
and then iterate!• Obsess about people
http://www.michaelrwolfe.com
michaelrwolfe
michael.wolfe@stanfordalumni.org
Questions?