Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why is it so hard for security startups to get government customers?

Dan Lohrmann | Dec. 3, 2014
Selling to governments is not hopeless for security startups, but it is very difficult. Here's a story to show why.

A few weeks leader, some of the staff working the pilot came in and asked: What are we really trying to accomplish with this product?  "Can't we do this is 3-6 months after we finish identity management and other more important projects that we are on the hook for delivering on time and on-budget."

STEP 6: Fight the vendors -- Meanwhile, I spoke with a few key vendors who I trusted. They didn't say "No, this is a bad idea." But... they clearly had their own special interests. They wouldn't go out of their way to see another new competitor's product succeed -- especially a startup with no track record.  

STEP 7: Procurement Woes -- After a project update meeting in June, I pushed the issue again with various team members. I remember getting a phone call from some procurement specialist asking: "How can we pay for this, even if we like it and the pilot is successful?" Can we buy this sole source? What would be the justification? (Answer: No sole source).

One person made it clear, "There is no competitor. This is a one-of-a-kind product. Also, the vendor has no track record with unique testimonials? How can we pay for the product?"

STEP 8: Project champion leaves -- When early July rolled around, I announced that I would be leaving state government in August to join Security Mentor, as their new Chief Strategist & CSO. Over the next few weeks, I watched as my departure announcement took the wind out of the sales for this product.  My last day in Michigan State Government was August 1.

STEP 9: Project Stalls with other high priorities taking precedent -- I spoke with some government colleagues in September, and they told me that they stopped working on the pilot. The reason: two other higher priority security efforts, including identity management and the enterprise-wide risk assessment. Both of these projects had gone through the formal Request for Proposal (RFP) process, with competitively won contracts. Management expectations were high on those efforts.  There were no available people to work out the necessary details for a pilot with Aorato.  

STEP 10:  Microsoft Buys Company -- And then... in November, I see this blog announcement from Microsoft, announcing that they are buying Aorato. (This was actually welcome news to me from a distance, and made total sense given the functionality of the product protecting Active Directory.) If you go to the Aorato website, you get this message:

We are excited to inform you that we have been acquired by Microsoft.

Hello Microsoft,

At our core, Aorato has always been focused on strengthening enterprise security, by giving customers deeper visibility into their Active Directory and identity infrastructure with an emphasis on user behavior intelligence and analytics. Joining Microsoft gives us a unique opportunity to pursue this vision, and help customers at the broadest possible scale.


Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.