Cybersecurity is more critical than ever before. As we continue to WFH and shift to remote work models, the rise in cybercrime has reached unprecedented levels. In 2021, the breadth, depth and sophistication of data breaches reached an all-time high.
In 2021, a joint report from IBM and the Ponemon Institute noted that the average data breach now costs close to $5 million, a roughly $1 million increase over 2020.
So, the question remains: How can cybersecurity professionals develop a successful business that provides a better, more secure product?
1. Combine existing solutions into a single service.
Cybersecurity is evolving rapidly, which is both good and bad news. Some security measures are keeping pace with cybercriminals, but the problem is there are simply too many niche products that only solve a single issue.
The more software businesses must manage, the harder it is to successfully maintain proper security. Look no further than the FBI’s 2020 Cyber Division report that outlined a fourfold increase in cybersecurity breaches to drive this point home.
The logical convergence of these issues is for IT services to offer a trusted, all-in-one solution that can be managed by a small in-house team or outsourced to a reputable provider.
2. Prioritize protection to better utilize company resources.
It’s easy for companies to become paranoid and overspend on security measures that may not provide the results they need. Benchmarks show that the average cybersecurity budget is about 6 percent of the annual corporate budget, so allocating resources effectively is critical.
Before making any changes to your business model or recommending changes for other corporations, stop to think. Prioritize which data is most valuable, and determine which data is most vulnerable. The consequences of theft are severe, but spreading resources too thin makes the problem worse. Prioritizing protection helps you put resources precisely where they’re most useful.
Cybersecurity solutions must be customized to your industry and needs to be effective. Otherwise, you’ll end up running around aimlessly like the proverbial chicken with its head cut off.
3. Match investors to your business development plans.
Venture capital firms are going all-in on cybersecurity investments. While investments slowed in 2020, they surged to a record $9 billion in the first half of 2021. However, even in 2020, approximately 45 percent of total early-stage investments were made in the cybersecurity arena.
Investors may indeed require more convincing to feel confident in a new cybersecurity product, but the fact is that the money is there for startups willing to do the work.
Don’t fall back on the shotgun approach to investment. Wait to find investors who match your market and current business development plan. For example, if you’re developing in the American market, look for American funds. If you’re starting in Europe, find European funding.
Focusing on a single market increases the likelihood of success. Speaking from experience, if you can succeed in one market, it will earn your company recognition in the more demanding global market.
In my opinion, the one caveat to this rule is that American startups may also consider seeking Israeli funding for cybersecurity ventures. Israel and the United States have longstanding ties, and Israel is also a leader in technology and cybersecurity solutions. A 2020 report shows that the United States and Israel were responsible for almost 90 percent of cybersecurity venture funding for the year.
In fact, when it comes to cybersecurity investment funding, Israel is a close second place to the United States, with roughly $2.7 billion raised over the past decade.
4. Consider the country-specific circumstances that contribute to cybersecurity development.
This particular insight follows hand-in-hand with focusing development efforts within a single market. Where is your business getting its start? Cybersecurity professionals must understand the industry as a whole to succeed, but they must also intimately know the needs of their country’s market.
For instance, eastern European countries have vastly different expectations and requirements for cybersecurity than Southeast Asian countries or North American countries.
In eastern Europe, there are minimal financial consequences for businesses that experience a data breach. Companies may face a fine and a temporary loss of consumer trust, but these cases are often forgotten quickly, and everyone moves on.
However, in the United States, data breaches come with far more severe financial and reputational losses. Companies that fail to protect client data risk substantial monetary losses, so American companies are far more likely to jump at an opportunity for services like risk insurance or more complex cybersecurity solutions.
Risk insurance is particularly attractive to markets like the United States, where mitigating financial losses is a top priority. Current predictions of the size of the global cyber insurance market suggest rapid growth will occur over the next five years, with the total market size increasing from around eight billion U.S. dollars in 2020 to just over 20 billion U.S. dollars by 2025.
Consequently, when you launch a cybersecurity product in the U.S., it is easier to explain its value to customers. After all, such insurance only covers financial risks, not reputational risks, the importance of which in the United States is paramount.
These differences highlight how important it is to know the country-specific challenges and consequences of cybersecurity. This allows you to formulate an attractive and viable product with an effective marketing pitch.
Additionally, once the company grows beyond its initial market, be sure to do regional research before promoting your solution so that you can tailor your pitch to suit that market.
5. Remember that your cybersecurity team is playing chess, not checkers.
In chess, there are many pieces that all serve a specific function. In checkers, the pieces are interchangeable and generic. In my opinion, it’s unhelpful to hire a team of people who all have a similar skillset (i.e., checkers pieces) because there will be nobody to fill in knowledge gaps or cover blind spots.
For example, the head of your team should have a broad and deep knowledge of the technology, landscape and competition. However, they don’t necessarily need to also have the ability to sell the product in layman’s terms. You can hire someone different with the skills and charisma to translate complex jargon into an engaging, understandable marketing pitch. This is how you “play chess” with your team.
I recommend thoroughly checking each person’s past employment and professional reputation first. This ensures they have the necessary industry clout to be an asset to you.
Personally, I prefer to hand-pick people for different positions, and I like to make sure they are ideally suited to the job. One person may be hired because they are ideal for sales, and another might be added to the team because they have the perfect skills to be an outstanding developer.
Remember That Founders Must Be Leaders
These insights are only helpful to leaders with vision and commitment. Anyone hoping to build a successful business must not only pay keen attention to industry trends but have a deep well of passion, inspiration and motivation to draw from, even in the face of possible failure.
If you know your market better than the competition, find investors who believe in you and choose your team wisely, you will be set up for success.
About the author
Sergey Voynov, CEO & Founder of G-71 is a serial entrepreneur in the booming cybersecurity industry and the founder of several successful companies EveryTag and G-71 with an annual turnover in excess of $2 million. Sergey has been working in IT since 2001. He started as a consultant and project manager, then worked as a top manager of several large and international companies, such as Robertson & Blums Corporation, Microtest and others. He then founded his own cybersecurity company EveryTag in Europe and followed by G-71 in the US. Today, more than 110,000 people use solutions developed by Sergey’s companies. Among Sergey’s clients are the world’s largest oil, energy and industrial companies, as well as medical and legal companies that work with sensitive information.