What's 🔥 in Enterprise IT/VC #216
Category creation in security + the one big hack, lessons from BigID - go small to go Big 🦄, not the TAM you start with but the TAM you grow into
In the security space when creating a new category, it can take years of chipping away one customer at a time and then with one massive attack, things can change quickly. Looking at our own portfolio at boldstart, I recall a number of events that served as catalysts to early market adoption. One of many of Snyk’s big moments was the Equifax hack in 2017 and the determination that the entry point was an unpatched server using open source software Apache Struts. For Security Scorecard, it was first the Target hack where intruders broke in through a HVAC vendor. Now this past week’s SolarWinds hack has once again put a 🔦 on the software supply chain.
In the security space, vendors have turned to cybersecurity scores — akin to credit scores — to reflect the risk level of specific tools. The SolarWinds breach will lead customers in the space to further prod the tools vendors implement, and what the reputation of those tools is like.
"If you're not asking the questions, if you're just grabbing tools and being too trusting, that's going to be the biggest flaw," Fizor said.
For BigID, now a 🦄 after its newest funding round led by Salesforce Ventures and Tiger Global, I remember Dimitri competing at the RSA Sandbox for top security startup the very day that Mark Zuckerberg was testifying to Congress on privacy issues. And that day, BigID won the contest which set off a wild ride of customer and investor interest. However, up to that point, it was crickets.
So how did BigID create a new market and become a 🦄 in 4 years? While there are many lessons learned, I’ll focus on the product. Looking back at our first meeting in August of 2015, 3 years before GDPR was passed, Dimitri Sirota and Nimrod Vax presented this:
And why security did not solve the problem
What they got right in that first pitch and even today is that you can’t protect what you don’t know. While their initial vision was a much bigger one to create a data intelligence platform, they knew that if they started with one of the basic but super hard problems of data discovery and correlating that to an identity, it could serve as the initial wedge from which to expand in the future. As Dimitri always said, privacy was disconnected from the data. And by starting small, BigID was able to go big.
4 years later, this discovery-in-depth still serves as the foundation of BigID and has expanded from PII to an even broader data intelligence category.
Reaching this milestone took a lot of hard work from the team: over the course of the past year, BigID also began shifting from a best-in-breed data solution for privacy to a data intelligence platform built on a foundation of data discovery for answering not just privacy questions, but also larger data protection and data perspective questions. We also got here by addressing secular trends like privacy (that require a new level of data transparency and accountability) as well as acceleration to the cloud – which requires new approaches to effectively inventory and understand the data you have in the first place.
While it was so tempting in the early days to expand the footprint, only during the last 12 months has the company become a true platform play with an app marketplace to boot. So founders, remember in your quest to expand your TAM (total addressable market) that you must first focus on the product and start narrow and targeted and go deep in solving a problem before you can go wide. 🚶🏼♀️ before you 🏃🏼♀️. Go small before you go big. Think about your initial wedge and what makes you differentiated and 10x better than what’s out there and only by focusing on that narrow pain can you get to build a big business over time.
🙏🏼 all for reading and please share with your friends and colleagues! Happy Holidays as well!
Growth PMs are one of the hardest roles to fill now and great 🧵 on what’s next
So agree on importance of talent and how it is getting even harder for companies with cash to bring on the best people
Founders avoid buzzwords…
Must read 🧵 on how Jay Simons scaled Atlassian GTM
On budgeting and goal setting…
👇🏼🤣 watch out Logan Bartlett, new sheriff in town and yes, Semil is spot on
Werner Vogels, CTO of AWS, shares his 8 predictions for 2021 - all with an AWS lens, of course - cloud everywhere meaning the edge and quantum becoming more of a reality
The Economist on “Wall Street’s latest shiny new thing: quantum computing”
Banks are also buying in expertise. Firms including bbva, Citigroup, JPMorgan and Standard Chartered have set up research teams and signed deals with computing firms. The Boston Consulting Group reckons that, as of June, banks and insurers in America and Europe had hired more than 115 experts—a big number for what remains, even in academia, a small specialism. “We have more physics and maths phds than some big universities,” jokes Alexei Kondratyev, head of data analytics at Standard Chartered.
Not an exact science but size of opportunity by company size/market segment - every company based on their product should adjust accordingly
Dev first investing is not for the faint of ❤️. Initial reaction when AWS enters your market used to be OH SHIT.
Now it’s more nuanced, as many times, it’s OH YEAH as AWS is amazing at creating new market demand. Case in point - chaos engineering is here in 2021 with AWS Fault Injection Simulator. This will surely be a rising tide for all.
Startups who are thinking right have designers as one of first 5 hires from day one
Blackstone’s Next Product May Be Data From Companies It Buys - been happening a long time and the appetite for alternative data is only increasing and industry will need more solutions to process that data with full privacy
Can’t wait for the new season!
Congrats to my friends at UiPath on their IPO filing - potentially a $20 billion+ company in the making with $500 million in ARR
Some 💎 on investing from Charlie Munger, Warren Buffet’s right hand man
"The single most important thing that you want to do is avoid stupid errors. Know the edge of your own competency. That's very hard to do because the human mind naturally tries to make you think you're way smarter than you are."
"You have to know a lot, but partly it's temperament, partly it's deferred gratification, you gotta be willing to wait. Good investing requires a weird combination of patience and aggression and not many people have it. It also requires a big amount of self-awareness about how much you know and what you don't know. You have to know the edge of your own competency, and a lot of brilliant people think they're way smarter than they are. And of course that's dangerous and causes trouble" - describing what makes a good investor.