How to get to the finals of the international cybersecurity accelerator
In the spring of this year, we underwent a serious selection in the international accelerator competition in the field of cybersecurity, Security Startup Challenge, organized by Kaspersky Lab together with the funds of Mangrove Capital Partners (which invested in Skype and website designer Wix) and ABRT Venture Fund.
SiteSecure.ru has become one of 40 information security projects that were supposed to change beyond recognition within three months and show that they are viable. Only 11 projects reached the final, which included our team: we became the only accelerator project on cybersecurity from Russia. In this article I will tell you how we did it.
First I will talk about what the Security Startup Challenge is.
')
Kaspersky Lab, together with the funds of Mangrove Capital Partners (who invested in Skype and Wix website builder) and the Russian ABRT Venture Fund, launched this year the first accelerator-competition, Security Startup Challenge. The purpose of the event is the selection of the best startups in the field of security, who will share the prize $ 80 thousand. The winner gets $ 50 thousand, the second and third-placed projects are $ 20 thousand and $ 10 thousand, respectively.
In addition, Kaspersky Lab could offer cooperation to interesting projects, which is very, very valuable.
As far as I know, more than 200 applications from all over the world have been submitted for participation, of which 40 have completed primary screenings and participated in the accelerator program.
SSC Accelerator doesn’t have the word “competition” through a hyphen, the selection of projects didn’t stop there - the selected projects needed to constantly test hypotheses and adapt to the market and the resulting insights based on the test results. For this projects received from the experts and their mentors points.
A few words about testing hypotheses within the SSC: we described the hypothesis, indicated the current indicator (the hypothesis must always be measurable) and the expected, plus the period of testing the hypothesis. At that time, we already had experience of testing hypotheses in the Accelerator of IIDF , where it is done using HADI-cycles (HADI - Hypotesis - hypothesis, Action - action, Data - data, Insight - conclusions). In simple terms, to test the hypothesis, it is necessary to formulate it, perform certain actions, obtain data and draw conclusions. In the Accelerator of the IIDF, the term for testing a hypothesis is initially set as a week, but not always this required term is observed by the projects. This experience helped us quickly test hypotheses within the SSC framework.
The SSC acceleration does not require the presence of the founders of the project at any physical site (as it was in the Accelerator of IIDF), lasts three months and consists of monthly bootcamps (face-to-face meetings with projects) and weekly Skype calls.
There were two Butcamps, they were held in Luxembourg in late May and early July, and included training sessions and expert sessions. Their goal was to provide selected projects with expertise (experts from different parts of the business - sales, marketing, development, etc.) and to conduct face-to-face hearings of start-ups, where they talked about the results achieved, proven hypotheses and insights received.
Below is the photo of our technical director, Vlad Andersen, just in Luxembourg on the first bootcamp (he thinks how to technically implement hypothesis testing)
Between the bootcamps, we worked in our office in Russia, where we talked with experts and our mentor on Skype every week. It was necessary to tell what was done over the past week, what results were obtained from testing hypotheses, and what we are going to do with all this next week.
The essence of such weekly Skype calls is to track the speed of development, to find out if the company is moving in the right direction, and to give recommendations to the founders for further actions.
This is similar to the traction rallies that FRIA conducts for its projects, but with the only difference that the SSC Accelerator does not need a full-time presence, and the projects are given more time and attention (an hour per week for a conference call with all experts and unlimited time with a personal mentor), as they eventually become less and less. For comparison: in the Accelerator of the IIDF, traction meetings are held by several experts in person on Saturdays, while other projects are also present at the meeting, which allows you to get feedback from them. With the individual tracker, the same team meets in person during the week.
According to the results of the traction rallies, the experts and mentors of the SSC gave us and other projects scores on a ten-point scale. According to the sum of the average ratings of experts and mentors on full-time bootcamps in Luxembourg, projects were determined that could go to the next “round”. After the May bootcamp, 20 projects left the accelerator, and after July, another 9 projects. As a result, only 11 projects reached the final, including us - SiteSecure.ru.
I cannot be 100% sure why our project was selected: the SSC does not fully disclose its criteria. But I can guess. First of all, the matter is in the very specifics of our project: it is suitable for SSC by profile.
SiteSecure is a cloud service for protecting sites from losses and downtime caused by Internet threats. First of all, our service is designed for owners of commercial sites and internet marketers who do not have the proper level of technical knowledge and time to protect the site. All product positioning is aimed at them - starting from the ease of connecting the site to protection (this requires simply specifying the site address, no code installation on the site), and ending with notifications for problems that have been identified and solutions to them turnkey.
Secondly, unlike other products and services to protect the site, which are aimed only at one specific issue, we initially focused on comprehensive protection, combining the necessary security tools in a convenient interface, since Something one does not solve the problem. It was liked by the experts and mentors of the SSC.
Prior to the acceleration, we already had a working partner network of web studios, agencies, CMS developers and hosting providers, a steady stream of monthly revenue and several thousand regular customers.
Acceleration of the IIDF helped us achieve such a start before the start of SSC, which taught us effective hypothesis testing techniques, tools for focusing on tasks and extensive connections in the Russian market.
A year ago in FRII and now at SSC we were helped by the fact that all members of our team have extensive experience in the information security market at Acronis, InfoWatch, Kaspersky Lab, and B-152, which we, together with the same team, developed and brought to breakeven.
We came to the beginning of SSC with the understanding that our solution really solves the pain of a business that has websites for attracting customers. In addition, we knew that scaling the service and the client is quite easy, due to the well-thought-out architecture and business logic of SiteSecure.
That is why we clearly understood that through the SSC we open the way to the international market.
Looking back and analyzing the events of the last three months, I can say with complete confidence that we have become better. And as a team, and as a solution to protect commercial sites, and better in terms of understanding the target audience.
In more detail about the errors that we made, I will describe in a separate material.
I will not go into details, just give a list of what we have changed based on the results of tested hypotheses, and what
Looking at this list, I understand that we really tested a lot of hypotheses.
As we were told from the very beginning, experts and mentors: in order not to remain outside the acceleration-competition, we need to show how quickly we can test hypotheses and use the insights obtained for qualitative and quantitative changes.
Over the past three months of the accelerator, we have tested more than 25 hypotheses related to the problem being solved, the target audience, value proposition, attraction channels and the product.
In addition, each hypothesis had to have some rationale and ambitious goal: to test the hypothesis for the sake of the hypothesis or hundredths of a percent increase in conversion was meaningless. Not the first time, but we learned to formulate clear hypotheses .
Besides the fact that it was necessary to learn how to formulate clear hypotheses, it was necessary to quickly check them and make correct conclusions. Many projects that participated with us in the Security Startup Challenge did not always succeed. We also made mistakes, but tried to fix it quickly. Sometimes, after setting the hypothesis, we managed to start testing it in a few hours, although this required the need to completely shovel the product and use absolutely all team members.
Also note that we had to become very flexible . Besides the fact that we tested many hypotheses and changed the product for this, the bulk of the business was profitable and had to be serviced.
For greater flexibility, we “separated the wheat from the chaff” and learned to prioritize operational tasks and tasks related to hypothesis testing.
I will make a reservation that such flexibility was not easy for us - to restructure your thinking is a very difficult task. It is also not the first time, but somehow thinking was able to rebuild and become flexible.
And the last thing that, I think, influenced our high marks and helped us reach the final - the ability to listen to external advice and focus on the results of hypothesis testing . Sometimes (especially when every project participant has success stories and acceleration programs already completed), it seems that we know everything and can figure it out ourselves. Even when the brain did not want to agree with the results of testing hypotheses (and this was - our understanding changed dramatically several times), we were able to pull ourselves together and accept the data as it is.
During the SSC, we were able to see how projects with cool and high-tech products flew out of the competition due to their inability to quickly restructure and work at an accelerated pace. At the same time, projects with an average product could bring the product and business indicators to a new level due to fast and well-coordinated work of the whole team and quick testing of hypotheses.
Therefore, the ability to quickly change, make decisions and correctly formulate your goals means a lot to the project. Great product and success will be rewarded for it.
SiteSecure.ru has become one of 40 information security projects that were supposed to change beyond recognition within three months and show that they are viable. Only 11 projects reached the final, which included our team: we became the only accelerator project on cybersecurity from Russia. In this article I will tell you how we did it.
First I will talk about what the Security Startup Challenge is.
')
Security Startup Challenge - what is a program
Kaspersky Lab, together with the funds of Mangrove Capital Partners (who invested in Skype and Wix website builder) and the Russian ABRT Venture Fund, launched this year the first accelerator-competition, Security Startup Challenge. The purpose of the event is the selection of the best startups in the field of security, who will share the prize $ 80 thousand. The winner gets $ 50 thousand, the second and third-placed projects are $ 20 thousand and $ 10 thousand, respectively.
In addition, Kaspersky Lab could offer cooperation to interesting projects, which is very, very valuable.
As far as I know, more than 200 applications from all over the world have been submitted for participation, of which 40 have completed primary screenings and participated in the accelerator program.
SSC Accelerator doesn’t have the word “competition” through a hyphen, the selection of projects didn’t stop there - the selected projects needed to constantly test hypotheses and adapt to the market and the resulting insights based on the test results. For this projects received from the experts and their mentors points.
A few words about testing hypotheses within the SSC: we described the hypothesis, indicated the current indicator (the hypothesis must always be measurable) and the expected, plus the period of testing the hypothesis. At that time, we already had experience of testing hypotheses in the Accelerator of IIDF , where it is done using HADI-cycles (HADI - Hypotesis - hypothesis, Action - action, Data - data, Insight - conclusions). In simple terms, to test the hypothesis, it is necessary to formulate it, perform certain actions, obtain data and draw conclusions. In the Accelerator of the IIDF, the term for testing a hypothesis is initially set as a week, but not always this required term is observed by the projects. This experience helped us quickly test hypotheses within the SSC framework.
The SSC acceleration does not require the presence of the founders of the project at any physical site (as it was in the Accelerator of IIDF), lasts three months and consists of monthly bootcamps (face-to-face meetings with projects) and weekly Skype calls.
There were two Butcamps, they were held in Luxembourg in late May and early July, and included training sessions and expert sessions. Their goal was to provide selected projects with expertise (experts from different parts of the business - sales, marketing, development, etc.) and to conduct face-to-face hearings of start-ups, where they talked about the results achieved, proven hypotheses and insights received.
Below is the photo of our technical director, Vlad Andersen, just in Luxembourg on the first bootcamp (he thinks how to technically implement hypothesis testing)
Between the bootcamps, we worked in our office in Russia, where we talked with experts and our mentor on Skype every week. It was necessary to tell what was done over the past week, what results were obtained from testing hypotheses, and what we are going to do with all this next week.
The essence of such weekly Skype calls is to track the speed of development, to find out if the company is moving in the right direction, and to give recommendations to the founders for further actions.
This is similar to the traction rallies that FRIA conducts for its projects, but with the only difference that the SSC Accelerator does not need a full-time presence, and the projects are given more time and attention (an hour per week for a conference call with all experts and unlimited time with a personal mentor), as they eventually become less and less. For comparison: in the Accelerator of the IIDF, traction meetings are held by several experts in person on Saturdays, while other projects are also present at the meeting, which allows you to get feedback from them. With the individual tracker, the same team meets in person during the week.
According to the results of the traction rallies, the experts and mentors of the SSC gave us and other projects scores on a ten-point scale. According to the sum of the average ratings of experts and mentors on full-time bootcamps in Luxembourg, projects were determined that could go to the next “round”. After the May bootcamp, 20 projects left the accelerator, and after July, another 9 projects. As a result, only 11 projects reached the final, including us - SiteSecure.ru.
Our state at the beginning of the program, and what we did during the acceleration time
I cannot be 100% sure why our project was selected: the SSC does not fully disclose its criteria. But I can guess. First of all, the matter is in the very specifics of our project: it is suitable for SSC by profile.
SiteSecure is a cloud service for protecting sites from losses and downtime caused by Internet threats. First of all, our service is designed for owners of commercial sites and internet marketers who do not have the proper level of technical knowledge and time to protect the site. All product positioning is aimed at them - starting from the ease of connecting the site to protection (this requires simply specifying the site address, no code installation on the site), and ending with notifications for problems that have been identified and solutions to them turnkey.
Secondly, unlike other products and services to protect the site, which are aimed only at one specific issue, we initially focused on comprehensive protection, combining the necessary security tools in a convenient interface, since Something one does not solve the problem. It was liked by the experts and mentors of the SSC.
Prior to the acceleration, we already had a working partner network of web studios, agencies, CMS developers and hosting providers, a steady stream of monthly revenue and several thousand regular customers.
Acceleration of the IIDF helped us achieve such a start before the start of SSC, which taught us effective hypothesis testing techniques, tools for focusing on tasks and extensive connections in the Russian market.
A year ago in FRII and now at SSC we were helped by the fact that all members of our team have extensive experience in the information security market at Acronis, InfoWatch, Kaspersky Lab, and B-152, which we, together with the same team, developed and brought to breakeven.
We came to the beginning of SSC with the understanding that our solution really solves the pain of a business that has websites for attracting customers. In addition, we knew that scaling the service and the client is quite easy, due to the well-thought-out architecture and business logic of SiteSecure.
That is why we clearly understood that through the SSC we open the way to the international market.
Looking back and analyzing the events of the last three months, I can say with complete confidence that we have become better. And as a team, and as a solution to protect commercial sites, and better in terms of understanding the target audience.
In more detail about the errors that we made, I will describe in a separate material.
I will not go into details, just give a list of what we have changed based on the results of tested hypotheses, and what
- we did from the start of the SSC program:
- launched the English version of the site for the markets of North and South America;
- talked with more than 120 users, partners and potential customers of our service in order to better understand who they are, reveal what they need and their pain;
- launched more channels to attract the target audience and completely changed the tariff scale;
- completely revised your email marketing for current users.
Looking at this list, I understand that we really tested a lot of hypotheses.
How did we get to the final
As we were told from the very beginning, experts and mentors: in order not to remain outside the acceleration-competition, we need to show how quickly we can test hypotheses and use the insights obtained for qualitative and quantitative changes.
Over the past three months of the accelerator, we have tested more than 25 hypotheses related to the problem being solved, the target audience, value proposition, attraction channels and the product.
In addition, each hypothesis had to have some rationale and ambitious goal: to test the hypothesis for the sake of the hypothesis or hundredths of a percent increase in conversion was meaningless. Not the first time, but we learned to formulate clear hypotheses .
Besides the fact that it was necessary to learn how to formulate clear hypotheses, it was necessary to quickly check them and make correct conclusions. Many projects that participated with us in the Security Startup Challenge did not always succeed. We also made mistakes, but tried to fix it quickly. Sometimes, after setting the hypothesis, we managed to start testing it in a few hours, although this required the need to completely shovel the product and use absolutely all team members.
Also note that we had to become very flexible . Besides the fact that we tested many hypotheses and changed the product for this, the bulk of the business was profitable and had to be serviced.
For greater flexibility, we “separated the wheat from the chaff” and learned to prioritize operational tasks and tasks related to hypothesis testing.
I will make a reservation that such flexibility was not easy for us - to restructure your thinking is a very difficult task. It is also not the first time, but somehow thinking was able to rebuild and become flexible.
And the last thing that, I think, influenced our high marks and helped us reach the final - the ability to listen to external advice and focus on the results of hypothesis testing . Sometimes (especially when every project participant has success stories and acceleration programs already completed), it seems that we know everything and can figure it out ourselves. Even when the brain did not want to agree with the results of testing hypotheses (and this was - our understanding changed dramatically several times), we were able to pull ourselves together and accept the data as it is.
What we got in the end
During the SSC, we were able to see how projects with cool and high-tech products flew out of the competition due to their inability to quickly restructure and work at an accelerated pace. At the same time, projects with an average product could bring the product and business indicators to a new level due to fast and well-coordinated work of the whole team and quick testing of hypotheses.
Therefore, the ability to quickly change, make decisions and correctly formulate your goals means a lot to the project. Great product and success will be rewarded for it.
Source: https://habr.com/ru/post/293540/
All Articles