Security is a Growth Center

How would a cybersecurity breach affect your startup’s growth? It is hard to imagine a positive outcome. The goal of a startup is to grow quickly, and ensuring the security of customer data keeps the momentum going. Every company today needs to prioritize security, yet there is a common misconception that security is a cost center, while sales and marketing are profit centers. Where does this idea come from?

“One of the biggest mistakes I have made during my career was coining the term profit center, around 1945. The truth is that inside the business, there are only cost centers. The only profit center is a customer whose check hasn’t bounced.” - Managing in the Next Society, Peter F. Drucker, 2002

In 2015 Frame.io raised a $2.2 million seed round with the goal of improving video production. The software allows users to upload video files, share them with stakeholders, and complete projects faster. The media industry was skeptical that their intellectual property would be safe on a cloud hosted platform. A data breach would have been an absolute disaster for the company. Prior to starting Paraxial.io I worked as a security engineer at Frame.io, and was impressed by the strong emphasis the founding team placed on security, ensuring I had the ability to get real work done. The decision was prudent, Adobe acquired Frame.io in 2021 for $1.275 billion. The growth curve and exit would not have been the same had a data breach occurred.

For a startup, or any business where growth is a priority, a major security incident kills the velocity that everyone has worked so hard to create. I have seen many engineers and security professionals cynically explain that their career is a cost center, not a profit center like sales. It reminds me of Heinrich Hertz, when asked about the applications of his work, replying “Nothing, I guess”. The number of cyberattacks is only increasing, every year security becomes more important.

The sales and marketing people are unlikely to correct someone calling them a profit center, despite the revision from Drucker. My message for engineers and security professionals is that you should not use the self defeating label cost center to describe your craft. When sales closes a massive contract, that would not be possible without a secure and high quality product. When revenue projections are exceeded, that happened because a team of people worked very hard to prevent a cyberattack.

Paraxial.io stops data breaches by helping developers ship secure applications. Get a demo or start for free.