Scaling a Cybersecurity SaaS Startup: Lessons from Living Security
Living Security is a SaaS business that helps medium and large enterprises manage human risk. In this interview, co-founder Ashley Rose shares behind-the-scenes details about the business’s growth, and how they overcame the challenges associated with offering a new solution to the industry.
👇 Key Takeaways
- Living Security’s first clients came through networking and leveraging industry connections
- Ashley made the jump from side hustle to full-time when they were accepted into a startup accelerator program
- The business was initially bootstrapped but raised funding after demonstrating market demand
- The company’s first enterprise client led to a wave of new opportunities
Overview
Business Name: Living Security
Website URL: https://www.livingsecurity.com/
Founders: Ashley Rose and Drew Rose
Business Location: Austin, TX
Year Started: 2017
Number of Employees/Contractors/Freelancers: 35 employees
How much revenue does the business generate?
Living Security has experienced significant growth, with revenues reaching several million dollars annually.
Tell us about yourself and your business.
I’m Ashley Rose, the founder and CEO of Living Security. I’ve always been passionate about finding innovative ways to solve complex problems. I hold a degree in Business Administration and have spent over a decade in various roles within business, marketing, product management, and cybersecurity. My journey through these fields led me to recognize a critical gap in how organizations approach security training and awareness and to pioneer Human Risk Management as an expanded category.
Living Security was founded in 2017 with the mission to transform how organizations manage human risk by leveraging existing security data to identify human risk and protect the workforce by delivering engaging, behavior-changing security awareness training.
We serve a diverse range of clients, from Fortune 500 companies to mid-sized enterprises, providing them with interactive training modules, gamified experiences, and robust analytics to measure the effectiveness of their programs. My co-founder, Drew Rose, and I have been committed to building a company that not only enhances security but also fosters a positive security culture within organizations.
How does your business make money?
We’re a software-as-a-service (SaaS) company. We license our Human Risk Management platform to medium and large enterprises at a per-user price.
What was your inspiration for starting the business?
The inspiration for starting Living Security came from witnessing firsthand the limitations of traditional security awareness training. Many organizations were using outdated and ineffective methods that failed to engage employees or change their behavior.
I saw an opportunity to leverage modern technology and behavioral science to create human risk programs that were not only informative but also data-driven, engaging, and impactful. My goal was to build a company that could bridge this gap and help organizations significantly reduce their human risk.
How and when did you launch the business?
We officially launched Living Security in 2017. The initial phase involved extensive research and development to create our core product offerings. We started by developing a series of interactive and gamified training modules that could be easily integrated into existing corporate training programs.
Our first clients were primarily obtained through networking and leveraging our industry connections. The positive feedback and early success we experienced helped us secure additional funding and expand our team, allowing us to scale our operations and reach a broader audience.
How is the business funded?
Living Security began as a bootstrapped venture, with initial funding coming from personal savings and early revenue. As we demonstrated market demand and achieved significant milestones, we attracted the attention of investors. To date, we’ve raised several rounds of venture capital, with our latest Series B funding round bringing in $14 million. This funding has allowed us to accelerate our growth, expand our product offerings, and enhance our marketing efforts.
How did you find your first few clients or customers?
Our first few clients came from leveraging our existing network in the cybersecurity industry. We reached out to contacts who understood the importance of effective security training and were willing to pilot our program.
Word-of-mouth referrals also played a significant role in our early growth. As clients experienced the benefits of our engaging training modules, they recommended us to other organizations.
Additionally, we attended industry conferences and events to showcase our products and connect with potential customers. These strategies helped us build a solid client base and establish credibility in the market.
What was your first year in business like?
The first year was challenging and rewarding. We spent countless hours developing our product, refining our approach, and ensuring it was effective and engaging. The initial phase involved a lot of trial and error as we tested different approaches and gathered feedback from our early clients.
Despite the long hours and intense workload, seeing the positive impact of our training programs on client organizations was incredibly fulfilling. Financially, we reinvested our earnings back into the business to support product development and marketing efforts. The hard work paid off as we saw accelerating growth and began to build a strong reputation in the industry.
What strategies did you use to grow the business?
Several strategies were crucial in driving our growth:
- Innovative Product Development: Continuously improving and expanding our product offerings to meet the evolving needs of our clients has been at the core of our strategy. We invest heavily in R&D.
- Customer-Centric Approach: Focusing on providing exceptional customer service and building strong relationships with our clients has helped us retain customers and generate referrals. We actively seek feedback and make adjustments to our products based on client input.
- Strategic Partnerships: Forming partnerships with other organizations in the cybersecurity space has allowed us to expand our reach and offer more comprehensive solutions to our clients.
- Effective Marketing: Leveraging content marketing, social media, and industry events to raise awareness about our brand and products. We create valuable content that educates potential clients about the importance of security awareness training.
- Scalable Sales Process: Developing a scalable sales process with a focus on building a robust sales team. Training our sales team to effectively communicate the value of our products has been key to closing deals and driving revenue growth.
- Data-Driven Decision Making: Using analytics to track the performance of our training programs and identify areas for improvement. This data-driven approach ensures that we are always enhancing the value we provide to our clients.
What was the biggest challenge you had to overcome?
One of the biggest challenges we faced was convincing organizations to invest in human risk management, a new approach to security awareness training. Many companies were accustomed to traditional methods and were hesitant to change. Overcoming this challenge required us to clearly demonstrate the effectiveness of our programs through case studies, testimonials, and pilot programs. We had to build trust and show that our innovative approach could significantly improve their security posture.
What have been the most significant keys to your business’ success?
The most significant keys to our success include:
- Client Focus: Prioritizing our clients’ needs and feedback has helped us develop products that truly address their pain points and deliver value.
- Innovation: Continuously innovating and staying ahead of industry trends has allowed us to offer cutting-edge solutions that differentiate us from competitors.
- Team Excellence: Building a talented and dedicated team has been crucial. Our team’s expertise and commitment to our mission drive the company’s success.
- Resilience: Navigating challenges with resilience and maintaining a positive outlook has helped us overcome obstacles and stay focused on our goals.
Tell us about your team.
Our team consists of 35 employees, including full-time and part-time staff, contractors, and freelancers. We operate primarily out of Austin, Texas, but also have remote team members across different regions.
Our team is diverse, with expertise in various areas such as cybersecurity, instructional design, technology, marketing, and customer support. This diversity allows us to bring different perspectives to the table and develop well-rounded solutions for our clients.
How did you make the transition from side hustle to full-time?
We did business development and obtained our first customers before we went full-time in the business. The transition point for me was when we were offered admission into a cybersecurity startup accelerator program. The program made a small initial investment in the business but required the founders to be full-time. In return it was a “micro-MBA” on startups where I learned how to build a financial model, investment deck, GTM plan, etc. to obtain my first seed round of funding to build the business.
What was the turning point when you knew your business was successful?
The turning point for us was when we secured our first large enterprise client. This was a significant validation of our product and approach. The positive feedback and subsequent referrals from this client led to a wave of new business opportunities, confirming that we were on the right track.
What is the most important lesson you’ve learned growing the business?
In hiring, culture fit trumps resume experience every time.
What separates your business from your competitors?
We’re taking an entirely new approach to managing human risk for organizations. Instead of a one-size-fits-all approach to security awareness and compliance training, we help organizations leverage their existing security data to identify the riskiest and most vigilant employees so they can respond with targeted training and controls and allocate their resources more effectively to improve their security posture. Organizations that want to move to a risk-based approach to their human risk program, work with Living Security.
What advice do you have for other entrepreneurs?
My advice for other entrepreneurs is to stay resilient and adaptable. Building a business is full of challenges and uncertainties, but maintaining a positive attitude and being open to change can help you navigate these obstacles.
Focus on solving real problems for your customers and always seek feedback to improve your offerings. Lastly, surround yourself with a talented and supportive team that shares your vision and values.
What is your favorite quote?
“It is not the critic who counts: not the man who points out how the strong man stumbles or where the doer of deeds could have done better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood, who strives valiantly, who errs and comes up short again and again, because there is no effort without error or shortcoming, but who knows the great enthusiasms, the great devotions, who spends himself in a worthy cause; who, at the best, knows, in the end, the triumph of high achievement, and who, at the worst, if he fails, at least he fails while daring greatly, so that his place shall never be with those cold and timid souls who knew neither victory nor defeat.”
—Theodore Roosevelt
What are some of your favorite books, blogs, podcasts, or YouTube channels?
Books:
- Start with Why by Simon Sinek
- Escape Velocity by Geoffrey Moore
- Good to Great by Jim Collins
Blogs:
Podcasts: