Earning Your Business is Good. Earning Your Trust is Better.
The impact a company culture has on delivering value
Company culture might feel like a touchy-feely, softer side of a business. Not necessarily something that business leaders would prioritize with regards to competitive advantage or gross margin. However, as a CEO, I have come to find that the most important decisions I make are around the type of culture we have in the company, how we compete, and how we win.
Case in point: Netflix.
Their culture, and how they strive to bring in the right talent is a cornerstone in leading and driving a market category. If you haven’t read the Netflix slides on culture, you definitely need to take a look. Company culture can be a long-term competitive advantage for an organization. Of course, that means it can also be the beginning of a downward slide to stagnation and irrelevancy. But it’s important for a business leader to recognize its significance.
Netflix’s decision to share an important aspect of their success to competitors was definitely a bold choice, but they know who they are, and they know their competitive advantage well. I am a huge proponent of transparency; so, similar to the way Netflix shared the details of their strategy, I want to take a moment to share our strategy, and why I firmly believe the cornerstone of a company’s competitive advantage can be defined within a culture of people driven to deliver one very critical element: Value.
Strategy driven by culture.
First off, I’ll say straight up: I prefer simplicity in decision-making. I have a philosophy that “strategy” is simply your plan to compete and win. So, we started by simply stating what we do and why we do it:
Critical Start provides Managed Detection and Response services. Our mission is simple and probably very similar to our competitors: “Stop breaches by detecting and responding to cybersecurity attacks.”
From that point, my job is to answer the question, “What is the battle we fight, that if successful, will help us win the war?” (Yes, I have a military background.)
However, that question forces one more very critical point: If you are striving to win then you have to focus on what you are fighting for. In the case of Critical Start, the company was founded by a small group who have lived and breathed cybersecurity for our entire careers. It was mind blowing to me – to all of us – that the entire industry had basically become complacent with the ineffective results of their service providers. So, we took our mission to another level and decided to challenge the status quo by actually building a service that any security expert would really want. Something that truly allows security practitioners to no longer be complacent and accept any level of risk. This led us to define two basic principles of our company culture:
- Do what’s right for the customer.
- Don’t do things that suck.
Devoting ourselves to a culture that is deeply ingrained within the company led us to a long-term vision and strategy. We knew if we built something that literally did what we believed was right for our customers – resolve every alert and stop breaches – then we’d be able to achieve our core goal: Be #1 in providing and proving value.
If you were getting your MBA, you might define value as, “The benefits the client receives as measured in terms of the business, technical, operational, personal, and political outcomes a customer receives in comparison to the price they pay for our services.” Again, I like simplicity, so the way I state it in all my internal meetings and conversations is slightly different:
Give our clients the most bang for their buck and make sure we can prove it.
Value starts with being effective in detecting every attack possible, responding as quickly as possible, and only using the very best of breed security tools in the market. But we also think about the client’s operational expenses when it comes to handling alerts, their ROI, efficient onboarding, reduced risk, operational flexibility, less stress, better retention of client security personnel, workload reduction, and decreased costs. A lot of MDR providers claim to provide value but how do you really prove it?
Delivering value should begin at the onset of a customer experience, which can start long before a customer even decides what they need. So, we decided to take the initiative to simply introduce ourselves and let people know just who we are and what we stand for both culturally and as a company. We know who we are and we know our MDR service can do what others can’t, and never will. Our competitive advantage is there, and we set out to prove it. That actual proof of value, once delivered, is simple to see: more sales, stronger customer retention, and ongoing brand loyalty.
Today I am proud to show you exactly who we are, and how our culture is driven by the desire to never settle for “good enough.” Not ever. That’s our message and it’s the beginning of a movement to deliver value and then prove that value over and over again to our customers and to our partners. Soon, you will see that while other cybersecurity providers might be good, we’re just better.
So, now I’m taking the bold step to share our company strategy with everyone, including our competitors and here it is: Critical Start provides the valuable outcomes demanded by customers and we promise to prove these outcomes from the early decision-making process, through the entire sales cycle, and during service delivery. This is what I expect from my teams and our vendors and it’s what you can expect from Critical Start.
A self-professed security geek, Rob Davis is a Certified Information Systems Security Professional (CISSP) with more than 20 years’ experience in information security. In 2011, he founded CRITICALSTART, recognizing the need for a client-focused, customized approach to cybersecurity. During Rob’s 14-year tenure at RSA, he served as Vice President of Worldwide Systems Engineering, Area Vice President of Sales, Systems Engineering Manager, and PKI Evangelist.
You may also be interested in…
- Consumer Education(39)
- Consumer Stories(2)
- Cybersecurity Consulting(10)
- Data Breaches(15)
- Data Privacy(43)
- Incident Response(9)
- MDR Services(64)
- Penetration Testing(16)
- Press Release(60)
- Research Report(9)
- Security Assessments(16)
- Thought Leadership(17)
- Threat Hunting(9)
- Vulnerability Disclosure(3)