Welcome to all of the new subscribers to The Cyber Why! We’ve had absolutely insane follower growth since the start of the year and it is all thanks to you telling your friends about us. We really appreciate you and can’t wait to send out the next piece of awesome content.
The Cyber Why content ranges from investing and business to technical analysis of markets and specific products. This is a post for all of the founders, company leaders, and cyber security executives out there that are trying to rapidly grow their business. Remember, there is no easy way to fast cash. There’s no free lunch via the world of growth hacking. PLG isn’t a silver bullet.
I have a love hate relationship with product led growth (PLG). I’ve told some entrepreneurs to do it and I’ve told others to stay away at all costs. When PLG works it can completely disrupt and take over a market. When it doesn’t work your entire business can fail on the back of your misguided attempts to gain traction.
In the last year or two I’ve seen what I would consider to be an unhealthy obsession with PLG rising in the ranks of cyber security businesses. Everyone wants to build the next best PLG based business and destroy the competition. It’s a great ambition to have but it’s a lot easier said than done. A while back I threw out a snarky tweet on the topic:
A successful go to market motion isn’t just “Hey we’re doing PLG!”. The success of a GTM motion requires synchronization of multiple pieces of a very complex system. Your product, sales engine, marketing efforts, and the overall business all have to support a GTM motion for it to be even remotely successful. In general, I’ve found that most people don’t think of it this way. My good friend Adrian Sanabria (@sawaba) had a wonderful comment to go along side my snark:
Let me double click on each of the respective points that Adrian is making above and see if I can help you decide if a true PLG based GTM is right for your business.
The Right Company — I’m going to take some editorial liberties with this bullet and say that what matters is that you are in the right “market”. Specific markets are better suited for PLG than others. For example developer targeted markets are more likely to be successful than cyber security markets simply because the target “user” number is orders of magnitude larger. For PLG to win you have to be targeting the right “market”. The number of individual people you can target has to be MASSIVE. Anything smaller than that and you will fail.
The Right Product — The product has to be properly built and designed to demonstrate rapid time to value in a zero friction user focused environment. If you don’t have that (and MOST cyber security companies do not have this) you will end up spinning your wheels as users enter and rapidly churn out. If they can’t find value immediately and with zero friction they are gone for the foreseeable future.
The Right Timing — Sometimes the best PLG fit company can still fail. There are lots of sprockets in the complex system that is a company and market demand, competitive dynamics, and customer appetite for self service waxes and wanes over time. Timing the launch of a PLG motion is not a trivial task but you should consider when you want to launch the offering in market and do your best to make sure you get the traction you need.
The Right Founders — I could talk about founder market fit all day long. It’s difficult enough to build and create a product that serves a market, if you add a founder that doesn’t have the correct reputation and visibility to the buyers it makes the super early stages of a startup extremely difficult. Most early stage growth is on the back of the networks of the founders, advisors, and investors. This is one of the reasons why investors look so closely at the founders when making early stage investments. PLG will fail without the founders having a large following and respect of the target buyers AND users. This can be built up over time with the correct executive brand marketing efforts but it’s better if it already exists from the start.
The Right Designers and Engineers — Building a product is super hard! Building a product that has a stellar user interface and user experience is damn near impossible. I personally believe that almost every cyber security market could (and should) be disrupted simply by creating a product that is 80% as good technically as the incumbent vendors but has an impeccable user experience. That is the level of user experience that is required for PLG to function and return the maximum business value. Bring the users in, onboard them, and give them an immediate time to value. If you can’t do this then don’t do PLG.
The Right ICP — It cannot be said enough, the ideal customer profile (and specifically the ideal USER profile) must be understood for PLG to be effective. If you don’t find the right users with your GTM effort you will never gain traction for PLG. When looking at the customer and user profiles, make sure that there are enough of them. Make sure that they are reachable. Make sure that they will be interested in what you have to offer. From there it’s an exercise in marketing execution to draw them in.
In general I think the obsession with product led growth has gone too far. It’s a fad that every single company, no matter the specific details of the product, market, company, people, and users, are trying to take on. Be smart about what you are doing when it comes to PLG. Think about it and understand the impacts that type of GTM design will have on your business. Is PLG truly something you can be successful with given the tools in your tool box or should you try some other method of gaining traction. PLG isn’t for everyone — make a smart decision and don’t blindly follow the trend.
If you’ve made it this far you either found my musings at least semi-entertaining OR you enjoy pain and kept going regardless. No matter how you made it to this point, you should know that I appreciate you. Please do me a solid and share The Cyber Why with your friends. I would love to reach a bigger audience and referrals is how I’ll do it. Help me out and I’ll see you next week!
In hindsight, I think I could have included one more thing: "the right pricing". PLG and the consumerization of enterprise/IT/security/etc demands that the sales cycle can exist with minimal, if any sales team interaction. For the product to lead growth, that cycle needs to be extremely small (days or weeks) with an entry-level price that comes in well under the amount that triggers CFO/procurement involvement, or a freemium tier, or a pull-out-a-credit-card subscription model.
The reason I mention this is that it tends to *immediately* exclude 95%+ of the security market, which tends to take the "build for the rich early, trickle down to the poor later" GTM approach. That means aiming for 5 or 6 digit deals with long sales cycles, filling out SIGs, POCs - all stuff that's generally incompatible with a PLG approach.