PLG Clapback - PLG is RIGHT for Cyber Security
A guest post from Steve LaChance - Founder at discernr.com
I love debate. Open and respectful discussion is what brings drastic improvement to what we are all working on day in and day out. To that end, I recently had a chance discussion, while at a bar in DC, with Steve LaChance from discernr.com on the efficacy of PLG. The brief encounter was the impetus for me to write my “Fallacy of PLG” post. In the spirit of healthy discourse, here is a “Clapback” piece from Steve that drives home some great counterpoints! Thanks, Steve, for taking the time to write this for The Cyber Why!
This guest post is written by Steve LaChance - Founder at discernr.com
You should know now that I am a strong advocate for the Product Led Growth (PLG) strategy. In fact, I like it so much that I wrote the book Marketing for Product-Led Growth to dispel fears while providing a roadmap for implementation. You can claim a 95% discount on that book just for reading The Cyber Why at this link www.discernr.com/tcw
I'm also a big advocate of the clapback. So after reading Tyler's piece on the fallacy of PLG, I felt like he threw down a gauntlet… so I chose to pick it up.
Let’s get into it.
What IS product led growth and is it for you?
The PLG motion focuses on leveraging the product itself as the primary driver of customer acquisition, engagement, and retention. Deliver value at zero cost, and start doing it at the earliest stages of marketing.
Or simply put, it’s a self-service contributor to your funnel.
This is a departure from traditional marketing, which focuses on advertising and brand reputation as primary drivers of growth. The goals of which seem to be collecting more burner emails, more phony numbers, and more useless LinkedIn followers.
There are many benefits to the PLG approach, including:
A more efficient use of time and capital thanks to less investment in, "Smile and Dial" outbound tactics
The ability to generate and qualify leads directly from the product (instead of through the “Write, Watch, and Pray” content approach)
A deeper understanding of customer needs thanks to activity tracking, which helps you refine your offering
And for the investors - Improved net dollar retention, increased average lifetime customer value, and delighted users
Even with those benefits, here are three things to keep in mind:
PLG isn't right for every product. You'll know where your product stands by the end of this piece.
Initiating PLG steps in the correct order (see below) will result in a net gain for your company (and career) even if you never get to "viral."
PLG will not, should not, and cannot replace the sales, marketing, or customer success functions in your company.
Again, PLG is a self-service contributor to your funnel. Think of it as the monumental task of implementing B2C tactics for B2B users.
Don’t abandon all hope yet because I have a framework you can use.
The PLG Hierarchy of Realities
To frame up the “correct order,” I created this hierarchy of realities you need to address (or construct) for even a slim chance at success. We’re starting at the bottom and layering up.
You need Product Market Fit
Product Market Fit (for PLG) is solving a real problem that individual contributor buyers address daily, in a growing market, where the needs of the user are articulately defined, and in such a way that you capitalize on a flagrant competitive shortfall.
If you have product market fit you're now better off than 95% of companies lurching from round to round. All levity aside, that’s a huge deal and congratulations.
Abundance of Potential Users
Next up, you need a “metric s*** - ton” of potential users. Think millions. Not one million, but several millions. What if you can only address a market of hundreds of thousands? Expand your pool of users by solving more granular problems.
For example, instead of saying your product improves security posture, optimizes spend, and protects from breaches think about shifting the deliverable towards something like:
Respond to Cybersecurity Incidents
Manage Firewalls
Maintain Continuous Compliance
Tech-stack Patch Assurance
The big question is: what roles in cyber security are there a LOT of and could be labeled as Practitioner? Then map out what those people do and write it down.
Here’s a handy Jobs-to-be-Done chart for you to steal leverage when starting out
The jobs to be done at the top of the pyramid are for the C Suite. There just aren't enough of buyers here, so aim lower. Lower than the middle. Aim for the bottom, where real work gets done! Which leads us to the third reality to face.
PLG relies on a bottom up adoption movement.
Bottom up is best, lateral is a stretch, top down adoption is better suited for a sales-led motion. If your product's value is a nebulous definition of security instead of concrete measurable outcomes....PLG isn't your next best step.
Bottom up adoption only works when the value you're delivering is obvious. I call these Conspicuous Value Experiences, and your user should be experiencing them before signing up, while testing your product, and every time they return to have their daily problem solved.
To make these CVE's available for free requires a frictionless self service motion with a free trial, freemium, or trial loop mechanism. And to generate new users with the product, it's critical to build a sharing option that actually makes sense for the user. Something that organically brings more of their team into the product.
Most people incorrectly assume that PLG is as easy as slapping a self signup button with a free trial on the website and, "Viola," next stop is annual vacation in Ibiza.
Overnight success takes years so don't book your tickets just yet.
Why make a change at all?
Traditional marketing and sales tactics are no longer enough to achieve sustainable growth on their own. At least not with user group like cyber security practitioners. Security professionals are by and large what’s known as skeptical pragmatists and they are exceedingly competent in the art of escaping funnels as we currently know them.
The PLG strategy shifts the focus from outbound tactics, such as cold-calling and advertising, to inbound tactics, such as creating a product that is so valuable that users naturally spread the word to their peers. "Valuable" in this case equates to:
Solves a mission critical, if tedious, problem in a repeatable way
Works well enough that referrers will get a boost to social and professional standing by sharing within their peer group
Is so relatively inexpensive that the purchase decision is a hand-wave at the individual contributor level
PLG is not just a marketing strategy, it's a business strategy. By putting the product at the center of the growth engine, the entire organization is aligned towards a common goal: creating a product that is easy to find, easy to try, easy to love, and that users can't live without.
PLG also allows for a more efficient use of resources. Instead of pouring money into expensive acquisition tactics, the focus is on continually improving the product to drive organic growth and creatively uncover ways to communicate value conspicuously. This approach is not only more cost-effective, but it also leads to a more engaged and loyal customer base.
Sounds risky
Is it hard? Yep. Can you fail? Of course. What if it's impossible? If PLG is impossible in cyber security you won’t know for sure until after confirming product market fit, simplifying your value prop message, expanding your potential user base, improving your onboarding process. The end result is an all around better product and confirmation that you don't need to worry about a competitor using PLG to eat your market share.
That's a lot of tallies in the win column. If you have any questions on any of this feel free to shoot me an email or set up a call.
Great points. I’m also an advocate of PLG.
Great Points. I am moving from a large corp to a startup that has chosen to go with PLG. I love the approach you outline here. Food for thought for sure...even for those are sales led.