Readers wonder what leads an analyst to cover one firm or technology over another. There was a whole session on this topic at the RSA Conference US 2016, titled "Do Industry Analysts Actually Stifle Security Innovation?"
There are several questions raised:
- Are analysts ignoring innovators? If small startups are ignored, how would buyers ever learn of them? And how will those companies thrive?
- Problems with categories. Firms are squished into some category, where they may not belong. Or there are too many categories.
- Rigid ranking in a two-by-two matrix. I won’t mention the analyst firm but you may be able to guess.
Here’s how I look at it: IT analysts need to encourage innovation and not use product and solution categories too strictly.
I don’t try to ignore small firms, which are often the source of innovation. It’s just difficult to cover them all since there are so many.
If someone came up and said "we’re the Uber for toilet cleaning" (I’m actually a networking analyst so that will never happen to me, but you get the point), and I don’t see a great product/service fit with the market, I will unfortunately decline your request for a briefing.
But on the other hand, if you do have something novel that fits a need, then yes, I am interested. There is no magic formula or criteria that fits in one sentence, but being able to articulate concisely and crisply customer value is a great thing to have.
I’ll give you a couple of examples of small firms that I've talked with recently.
- Teridion — I spoke with a company called Teridion that's almost like Pied Piper from HBO’s Silicon Valley TV show. They found a way to make network performance via the public internet a whole lot faster (faster downloads!) through rerouting (not magical compression with off the charts Weissman score, but it’s finding the best path, like Waze for networks). That’s interesting, so I spoke to them before they launched, and now they have traction with many customers.
- Hypernium — There’s another small firm called Hypernium. It is in a narrow category: encrypted and compressed access to SQL Server from Windows with no need for appliances. Narrow use cases? Yes. Value to the end-users? Definitely. It meets a need. Possibilities for growth into other areas? Yes.
Categories and Buckets
People love or hate market categories. Example categories in my space include "network packet brokers", or" data center switches". This is a tough one to evaluate. Sometimes it is useful to bucket products, if it's a well known area for all buyers. Then you can use it as framework for comparing solutions. On the other hand it may ultimately do some harm if it acts as a straitjacket.
At the RSA session, one person observed that the product managers, who loves their own creation, will say: “This is a new category! We have no competition”.
The marketing team will say: “don’t swim in your own separate pool, you’ll be all alone and ignored. Instead, place yourself in this well-known category”. Unfortunately, that category may be crowded.
If that happens, they struggle to stand out. They may fight to talk about each other's negative aspects in an attempt to try to disqualify them and remove them from the category. That starts a downhill slide as we forgot a meaningful, positive discussion.
There’s no easy answer. I try to use accepted categories, and describe the differentiation through words and not buckets. I don’t try to create new categories if there are enough out there.
But when I see tons of solutions all squeezed into one category, such as the now meaningless bucket of SDN, I try to create some clarity and look for the different benefits that each product can provide. Those benefits may depend on different type of customers, as sometimes it’s hard to overgeneralize with one-size-fits-all category.
From the point of view of customers, outcomes are important. My fellow analyst Doug Cahill talked about the use of outcomes as a way to differentiate. In other words, avoid using marketing hype and focus on the ability to solve use cases that lead to desired outcomes.
Also, as products start to become platforms that cross multiple categories, it's even harder to place them into a single bucket. Is this platform a network security solution? Is this a network monitoring solution? Sometimes it is both.
There's an unmentioned but well-known name for the famous two by two matrix in which vendors are rated by how they score in their ability to execute and for having vision. Let me be polite and just call it an "enchanted matrix". People criticize these scores as being overly simplistic.
It does have its uses, as it simplifies the view for people who want to get a quick grasp of the situation. However, it hides the variety of considerations that went into the rating and also doesn’t respect the fact that each customer's requirements differ.
- From the vendor's perspective, it’s unfair if the only way an prospect evaluates a product is by whether or not it is in the upper right quadrant.
- From the customer's perspective, if a product is designed to meet their needs, but misses the leadership quadrant mark because it lacks one feature (and that feature isn’t even needed by the customer), it’s a shame. That firm may never break out to the top ranks, even if it shows plenty of promise.
Some risk-averse customers may buy from the upper right quadrant as a way to be safe. They can always says "don't blame me! I took the safe choice!" Normally, being risk-averse in cybersecurity or business continuity is a good thing, but in a changing landscape (i.e. emerging threats), decision makers need to look at how the solutions meet their requirements for desired outcomes. So the solution's position in the matrix becomes one of the many inputs into decision making, and not the sole input.
I try to describe what matters (the bigger truth) to end customers in our analysis. I realize that not every customer is the same, but there are common business goals that matters. If I focus on that, it will meet the needs of customers and vendors (small innovators and well-established firms alike)