How should startups respond/pivot to the pandemic?
In the 90s, it used to be that security was something you would bolt on to a product. As we approached 2000, security became something that you incorporated into your products. Many security segments collapsed into features and other products. It's not to say that security as a product is going away, but you can certainly see the low hanging fruit becoming, security by design, security by default, these sorts of concepts. I think this will manifest more in how products are built when they need to meet the associated compliance regimes versus a huge product opportunity. I think that your analogy of the mine auditing is a good one. Construction companies will also sometimes rely on cameras to make sure that things are actually happening. I think the problem is very similar, the difference is that, in some of these facilities you don't get to have a view of what's happening inside of those facilities relative to security controls. You have to look at the artifacts that the system produces to be able to assess conformity with your policies, procedures, and controls. I don't immediately see the opportunity for startups to build things, but I do see a trend happening in the context of the way we build software, that actually plays very well to this reality that we're now facing. For example with Signal, they don't make assumptions about the operating system, or the environment that they're running in, instead they try to build security mechanisms into the way the system is built. I think in the context of compliance, you'll see that same approach. How am I, as I design this system going to be able to demonstrate to my auditors as a natural byproduct, not an artificial byproduct, that I'm meeting my compliance obligations. That's my initial thinking there.
Content you might like
Avoiding vendor lock-in41%
Competitive Pricing57%
Ease of scaling to workloads45%
Resistance to outages40%
Regulatory compliance12%
Other (share below)4%
Yes90%
No9%
I also think that the way we approach IT may change. If we look at what it means to onboard an employee who's never going to physically be in the office, there's lots of supply chain relationship management problems that actually exist. The HR startups, that are frankly just web form versions of the paper processes that companies were doing, those companies that are domain experts in doing these things online, they are still burdened with heavy paper processes. I think that there are startup opportunities in the area of how do you automate these core business processes. Another area that is particularly interesting is the way we use work laptops at Google. Let's say my work laptop were to die, I would drive to the closest Google office, I would walk in. And then there's just a stack of laptops there where I come in and I badge and I walk away with a laptop and they assume the one that was unplugged when I badged was the one I took. Then I log in, they cross reference it to that, and now that laptop is associated with me and my downtime is an hour round trip. I think that there will be somebody who's successful in this area to augment the IT desktop lifecycle. If you look at fully loaded costs of an employee, there's a lot of value to be extracted, if you can compress that into a more complete solution.