CASE STUDY

© 2015 BRUCE PHARR | SCIENCE & TECHNOLOGY MARKETING

www.brucepharr.com

How to Create a New Security Technology Category with Gartner

HOW TO CREATE A NEW CATEGORY WITH GARTNER | 2  

BACKGROUND AND INTRODUCTION Inclusion in a Gartner report is the "Holy Grail" for many technology startups. However, if you don't fit an existing Magic Quadrant, you have to convince Gartner to create a new technology category—and that is not easy.

In 2005 and 2006, I led marketing, including analyst relations, with Covelight Systems, a security software firm. Covelight had pioneered a unique technological approach to passively monitor Web application traffic, compare user activity from an active session with historical activity, and raise an alert to anomalies in user behavior that indicated fraudulent access. But this approach did not fit any of the established network security categories, such as firewall, anti-virus protection, or intrusion detection and prevention. In addition, the company did not have a well-defined target market or value proposition.

In nine months, we were able to position ourselves with Gartner in a new data security category of Transaction Anomaly Detection. Here’s how we did it, and what I learned in the process.

HOW TO CREATE A NEW CATEGORY WITH GARTNER | 3  

USE SPECIALTY ANALYST FIRMS AS ADVISORS Before briefing Gartner, we met with TowerGroup and with Javelin Strategy & Research, both leading global financial services research and advisory firms. We described our technological approach and our belief that it complied with security measures recommended in a recent update to Federal Financial Institutions Examination Council (FFEIC) guidelines on online customer authentication by financial institutions.

Both firms agreed, and provided more insight into the probable impact of this new FFEIC directive on regulatory compliance for online banking and brokerage—an important, emerging channel of financial services. This led us to establish online fraud detection, identity theft protection, and regulatory compliance as our value proposition.

Furthermore, TowerGroup and Javelin provided information on the number of financial institutions affected by the guidelines (market size) and other companies with similar security approaches (competitor landscape). They also included Covelight Systems in their own reports, “Taming the Hydra: The Emergence of Enterprise Fraud Management in Financial Services,” by TowerGroup, and “Beyond FFIEC Compliance: Creating an Evolving Authentication Platform for Higher Lifetime Consumer Value,” by Javelin Strategy & Research.

HOW TO CREATE A NEW CATEGORY WITH GARTNER | 4  

DEVELOP A MARKET MODEL AND COMPETITIVE LANDSCAPE Gartner and other analyst firms make money by selling research and advisory services. Many of their customers are the very companies their analysts cover. Therefore, one of the factors that influence the creation of a new category is whether it is big enough and valuable enough to create new customers for the analyst firm’s advisory and consulting practice.

We developed a market model that showed U.S. financial institutions could spend over $1 billion to comply with the new guidelines, and that at least eight companies would compete in the new space. In a July 2006 report, “Hype Cycle for Information Security,” Gartner identified Transaction Anomaly Detection as a new security technology that was “On the Rise.”

HOW TO CREATE A NEW CATEGORY WITH GARTNER | 5  

LAND A MARQUEE ACCOUNT

As an analyst told me: You need to land a marquee account—either a top bank or brokerage firm. That will legitimize you as a credible competitor in the category. So we worked to expand our basic offering (a point solution) to meet the enterprise needs of a top 15 U.S. bank.

Landing a marquee account helped secure recognition by Gartner as a major competitor in a new online security category of Transaction Anomaly Detection. This combination enabled Covelight Systems to complete a turnaround, reposition itself in a new category with an attractive value proposition for the lucrative financial services market, and execute a successful exit through an acquisition by Radware in April 2007.

HOW TO CREATE A NEW CATEGORY WITH GARTNER | 6  

ABOUT BRUCE PHARR I live in the San Francisco Bay Area with my wife and son. I hike in the Santa Cruz Mountains, eat good food, drink good wine, root for the SF Giants, and indulge a passion for the arts.

I serve as a strategic advisor, senior consultant, and contract corporate executive with innovative science and technology companies in life sciences, healthcare, energy storage, instrumentation, and semiconductors.

I have a track record of helping companies create competitive advantage, grow revenue and market share, and increase enterprise value. And I’ve contributed to several successful M&A events. I am a subject matter expert in basic, translational, and clinical research systems. I have led or contributed to the development of market and product requirements for biomedical, genomic, and NGS products, written thought-leader white papers, case studies, and articles for leading online and print publications, and developed and delivered presentations at major biomedical conferences.

I led marketing at Covelight Systems, a security software firm, in 2006 and 2007. In nine months, we were able to position ourselves with Gartner in a new data security category of Transaction Anomaly Detection. This helped Covelight Systems complete a turnaround, reposition itself in a new category with an attractive value proposition for the lucrative financial services market, and execute a successful exit through an acquisition by Radware in April 2007.