Simple Fixes vs Complex Innovations
The simplest fixes are often the most effective. This is a truism that runs right across the gamut of all industrial processes, yet it is so often ignored. While there is certainly no problem with being innovative, far too rarely is the question asked…how does anyone working in this niche actually benefit from what we’re doing?
It is surprising how often this basic facet of logic is disregarded. One such example of this came from a study related to malware. This is obviously a critical area for many businesses, as malware can be extremely irritating, and can also do considerable commercial damage.
The work on malware was using what is referred to as a ‘sandbox’. To explain this briefly, a sandbox is effectively an environment used for testing; in this case, it is a security mechanism that makes it possible to assess suspicious files in a safe environment.
When companies are assessing the malware issue, the vast majority of files that they are dealing with usually show absolutely no signs of any problems. But there are a small number that are suspicious. You simply do not know whether they are safe, or if they could infect your entire system. This is where the sandbox comes in.
So when sandboxes are in operation, they often use signatures in the process of identifying nefarious files. What the company addressing the malware issue had therefore done is to create a sandbox that had proprietary technology that was protected by patent, and it was able to identify malware without needing to use signatures.
This was potentially hugely beneficial. It meant that this student, working with a tiny startup, was potentially able to compete with billion-dollar companies, in terms of detection rates. Certainly not a mean feat, by any means.
Clearly, it appeared at this stage that the startup was onto something big. So they went out into the commercial world, with their technology that they felt was potentially worth millions of dollars, that they sincerely believed could define the future direction of the entire niche. And they approached vendors in the market, and found something truly surprising…
Nobody really cared! And the reason for this was quite simple. Nobody really cared because the company had done exactly what we experience continually in our field of work, they had failed to raise the bar in a meaningful way, or deliver some new and transformative.
Yes, they had created an effective product. Yes, it could potentially be better than some massive companies’ products in time, if massive amounts of data were invested in the project. Yes, it did an excellent job of detecting zero-day malware (which was a big selling point of the software, in the eyes of its developers). And, yes, it was absolutely comparable with the top established performers in the industry.
But it didn’t better the best malware solutions. So no-one cared about it. There were already packages out there that could do what the software did, so there was no need for anyone to adopt this solution.
And the startup struggled to understand the situation. This was a project about which they were extremely passionate; it was pretty much their life at the time. They had invested a huge amount of energy and passion into it. And thus they couldn’t comprehend why the market wasn’t interested in it.
Breaking Down the Process
At this point, they had come to us, hoping that we could shed light on the situation. So we took them through a process in which we broke down the various processes and targeting that had been used. And what we found from speaking with the audience for the product was that they were already using multiple tools, and pulling parts of all of these individual tools into their own report. And that’s what they were sending to their clients.
So just to clarify this process briefly, what they were involved with is akin to a managed service provision or threat detection service, and companies were offering them this as a product.
But when we spoke to clients and quizzed them on their current approach, we found that companies were indeed using similar solutions to the one suggested by our client, but that there was a key area where their processes could be improved.
They divulged that the most time-consuming aspect of dealing with malware was that they only required a certain area of your report to go into our report. And it takes us ages because we have to manually code it, and manually move it across.
The Simple Solution
Of course, they knew their own business, and they knew what they needed. They told us that if they had an easy way to just hook up into the API and then pull individual sections out of your report, and then put it straight into ours, this would be massively valuable to us.
In fact, when we examined the issue, we found that this huge advantage for the client, this innovation that they were hankering for, only required around ten days worth of development time. And yet it was a massively valuable feature. It was a key differentiator in the industry, that no other provider had thought to offer at that time.
Strategising and Success
This is a classic example of how the most valuable solutions, the most useful elements of a product can be both extremely simple, and also not immediately obvious to outsiders. It was only by speaking with clients that we were able to ascertain that the most valuable thing that could be done with the malware software was, in fact, rather straightforward to implement, and yet would provide any company that achieved it with an absolutely key competitive advantage.
That is the sort of data that defines whether any venture will be a success, or a failure. And identifying this type of information should always be a key strategy for any company, as opposed to attempting to shock companies into stunned silence with technical brilliance.
You should always remember to ask the market what it needs, and then respond to that need.