First of all, how are you and your family doing in these COVID-19 times?
Steve Thomas: We are all alive and healthy, which is all I can really ask for during COVID. My wife is a school teacher, and thankfully she’s able to teach virtually, which prevents her from getting coronavirus from her students. Our parents are in quarantine, which is helping keep them safe. Building a startup during COVID is definitely more stressful than normal.
Tell us about you, your career, how you founded HackNotice
Steve Thomas: I’ve been in enterprise security and startups for 15 years. I launched my first threat intelligence company eight years ago, bootstrapped it, and then eventually sold it. I helped build the sales team at SecurityScorecard, where I met my co-founder. I then left SecurityScorecard to found HackNotice in 2018, bootstrapping it and building it up to the company that it is today.
How does HackNotice innovate?
Steve Thomas: Each employee acts as the CEO of their own part of the business. Instead of dictating exactly what employees need to do, we often give people open-ended projects, like “figure out how we can use machine learning to improve data processing” or “build a marketing pipeline”. Employees often have to research the best way to accomplish something, and through that research, they innovate, coming up with better solutions and new ways of making systems work for us.
We also focus on hiring smart people with useful skill sets, rather than people who have been doing the job for tens of years. One of our security researchers had spent very little time in hacker forums but had spent a lot of time in testing automation, which is a skill that he uses in unique ways to do a lot of automated research.
How the coronavirus pandemic affects your business, and how are you coping?
Steve Thomas: We had quite a few sales opportunities disappear overnight at the start of the pandemic. Companies were either too distracted or too worried about their finances to start a new security project, no matter how badly they needed it. We’ve adjusted our sales process and customer outreach to make sure that we continue to sign up new customers. We’ve also refocused on employee security, which is more important than ever before, given the number of companies that switch to remote work in a short period.
Did you have to make difficult choices, and what are the lessons learned?
Steve Thomas: Absolutely. As opposed to a lot of startups at the start of COVID, we retained all of our headcounts, but we had to cut budgets and take on debt in order to do so. We also were in the middle of a fundraising round, which we had to pause due to the pandemic. We refocused our efforts on reducing burn and building a road to profitability.
Thankfully, we made the right choices. Our employees are helping grow the company, and we should become profitable by the end of the year. We still plan on growing rapidly, but not having to worry about making payroll will help us strengthen our business, enabling us to fund-raise and grow fast when the market returns to normal.
How do you deal with stress and anxiety? How do you project yourself and HackNotice in the future?
Steve Thomas: I do an hour of cardio exercise every day, which is a huge help when dealing with stress. I also monitor myself to tell when I’m getting overstressed or overworked, and I make sure to take time, read a book, or use the Headspace app to practice mindfulness.
I also like to end the day with a glass of Maker’s Mark bourbon. That helps a lot as well.
For my company’s future, we expect to have a great year next year. We will come out of 2020 stronger than ever and with unique services that no one else is offering. We will grow organically until we fund-raise, and then we will grow very quickly. We are prepared for the worst, but hope for the best.
Who are your competitors? And how do you plan to stay in the game?
Steve Thomas: There’s a ton of competitors in the threat intelligence space, with companies like Recorded Future, Flashpoint, and many others that sell data. Instead of selling data, we focus on making the intelligence useful, informing each employee of their risk and helping employees reduce their risk. We use our data to create a lot of value for the company, so instead of seeing us as a data provider, our customers see us as building a valuable culture of security. We also focus on unique and hard to find data, like data breaches, ransomware, and stolen identities.
Long term, we plan on continuing to offer long-chain value to our customers. There are too many companies that only offer a point solution or a single link in the chain. We plan on offering complete, out of the box solutions that deliver a full solution.
Your final thoughts
Steve Thomas: Sadly, I expect 2020 to be the best year for hackers in a long time. Hackers see COVID as an opportunity, which means that everyone needs to stay extra vigilant online.