Getting through to users is a complex process, and every organization has its preferred marketing techniques. Marketing is primarily based on trends and techniques that come in and out of vogue. When it comes to marketing cybersecurity solutions, most organizations revert to the default technique- identifying a user’s challenge and providing a solution. While this method has remained tried and true, with new techniques taking the marketing world by a storm, it may be worth reassessing how we sell software.
What Is PLG?
One of the latest marketing techniques to gain prominence is PLG or product-led growth. PLG is a marketing approach and business methodology that focuses on increasing user acquisition by allowing restricted or limited access. The strategy relies on facilitating product usage, and as users gain value from the product, it becomes an inseparable part of their daily life. Think of a free trial or freemium version of a product, which allows users to get acquainted with the product and the value it can add.
As the product becomes an essential part of their daily lives, users are more likely to pay to get unlimited access or an upgraded version of a product. This technique increases user satisfaction with a product and makes it more likely for users to recommend the product to their peers. Many companies take it even easier to share and recommend their product by including a built-in feature to invite users and collaborate. Most consumers are more willing to try a product if it’s been recommended to them by a trusted friend or colleague instead of being introduced by the company that created it.
So What’s the Hype?
Why has PLG made such a big splash in the marketing world? The results speak for themselves. Companies that adopt PLG methods are thriving. PLG companies have been found to trade at an almost 50% premium to the SaaS index tracked by OpenView. Additionally, PLG companies in the Nasdaq grew an astounding 150% NRR.
How PLG Challenges Traditional Marketing to Achieve Results
PLG is less about telling users you can address their problems and more about proving you can by allowing actual product usage. Our company recently chose to switch from one project management platform to another. What made us choose to take the leap? We heard good things about the new platform for a while, so we chose to give it a try.
We quickly saw the results. The platform had an easy onboarding process and a free trial that quickly revealed the value this company could add to our business. “Zero time to value” is essential to acquiring and maintaining new customers, as users can see the value in using the product from the get-go. This also increases the likelihood of developing usage habits and seeing the product as a must-have. With the project management platform we moved to, we quickly found that we couldn’t imagine conducting business processes any other way, and we were glad to pay to access more features. PLG has proven to be successful, so what makes cybersecurity companies so reluctant to adopt it?
The Traditional Cybersecurity Marketing Approach and Why It’s Time for Change
Most cybersecurity companies are slow to adopt new approaches. The traditional marketing approach in the cybersecurity industry involves directly targeting C-level security personnel, such as CISOs and CIOs, by addressing their pain points and showing how the product offers a solution through traditional marketing material.
These executives are flooded with hundreds of solutions claiming to address the same old pain points, all using the same stale marketing format. This makes it difficult for CISOs to determine whether one software is better than the other. Furthermore, CISOs often aren’t the ones who will use the product- that usually falls to security IT teams, DevOps, DevSecOps, or developers. This “bottom-up” adoption of tools by end-users affects how products are built, with the end-user in mind.
Real Examples of Software Companies that Adopted the PLG Approach
We spoke to both Snyk and Bridgecrew to learn how adopting a PLG approach affected their user acquisition. Both companies used the traditional approach of targeting CISOs directly before switching tactics and adopting a more developer-oriented approach. The companies decided to reach the CISOs through the developers who would be working with the product. Once the product had been in use for some time, they would then approach the CISO.
To properly implement a PLG approach, a product needs to provide users with added value within a short time of using it. Snyk’s vulnerability scanner and Bridgecrew’s Checkov solution seemed perfect candidates to lead the companies’ PLG campaign.
Both solutions would be rapid to add value to users, which is a necessity for any product used in a PLG campaign. As the products would quickly become helpful to users, creating an open-source version was sure to pay off in the long run. In addition to being quick to provide value, these solutions also shared an empowering element. Using these solutions allowed developers to take ownership of their code and initiative.
When Cybersecurity Solutions Should Adopt PLG … and When They Shouldn’t
Applying a PLG model to security solutions isn’t always straightforward. Security solutions often require high privilege to implement, meaning developers can’t simply implement on their own initiative without permission from a higher-up within the organization. Additionally, security solutions add value by preventing attacks, which is a value that’s difficult to quantify. PLG also involves high-integration complexity, which can lead many companies to the decision that it’s not right for them.
For a PLG model to be effective for a security solution, the product must meet the following criteria:
- Be quick to provide value to users: Users should be able to see a difference either before their free trial expires or quickly enough to see that investing in the full version would be worth their while.
- Provide real value: Security solutions operate on the assumption that they make users’ networks or devices more secure. Unfortunately, when adopting a PLG model, assumptions aren’t enough. Users should see real, tangible added value after implementing the solution, which isn’t an easy thing to offer.
- Easy onboarding: A PLG model relies on users going through the onboarding process before they’ve purchased the product, meaning that most of the impression users have will be based on this process. Making a simple and streamlined onboarding process will encourage users to recommend the product to others and continue using it themselves.
PLG can empower developers, giving them ownership over their code. Once they introduce a security solution into the company, they feel both valued and responsible for ensuring that the security solution positively impacts their product’s performance. The employee will be committed to ensuring your solution and their product emerge successful, leaving everyone satisfied and eager to continue a business relationship in the long term.
In Summary
PLG isn’t for everyone, and especially not for every security solution. But if your product can meet the criteria that make PLG an effective method, it may lead to new and never-before-seen user acquisition and onboarding rates. Security solutions can grow and even thrive by adopting PLG — as long as they can provide users with fast value and a smooth and comfortable onboarding process.
