September 9, 2020

Last Updated on January 14, 2024

Venture capital and private equity funds look very closely at the scalability and salability of target companies.

Does the target have the right systems and processes in place to grow quickly so it can sell for multiples of the original investment? Or will growth be impeded by processes that can’t scale?

This is why the right data security and privacy infrastructure is absolutely critical in the eyes of investors, according to Jesse Nash, a partner at leading VC law firm Reitler Kailas & Rosenblatt LLC and our guest on a recent episode of The Virtual CISO Podcast. Jesse represents SaaS firms as well as investors, so he knows both sides of these issues.

“If they [the SaaS] don’t have the right investment and they have to do it with your money, it’s a different growth trajectory than if they already had done the investment. This is an important issue in all venture capital and private equity investing,” Jesse states. “If you have an early stage company, nobody wants to give you money so you can deal with the stuff that you should have already done, right? They want to give you money so you could take that money and invest in R&D and sales and marketing and scale the crap out of that business model and grow to the stratosphere. So they can get multiples for the fund’s investors. That’s what it’s about.”

Jesse continues: “One of the upsides to some of the market corrections over the past few years is that VC is significantly more selective in terms of investing in companies that have approached the marketplace and there’s some sort of indication that the marketplace is picking up what they’re throwing down, right? That they have a product-market match and that they have a proven revenue stream.”
“Well, that means if you have a bunch of deals already out there in the world and you’re not in compliance with those deals, that’s going to be a gating issue for an investor, right?,” Jesse stresses. “You’ve got to have that nailed down before you come to me for a check, rather than take my money so you can backfill in the data security and privacy infrastructure after the fact and hope you don’t have a breach in the interim.”

For SaaS firms that boast a robust security posture that can pave the way to attracting new customers, what are the benefits?

“So if I’m an investor and I see that a company has hurdled that data and security and privacy challenge and has an infrastructure in place, I have a belief that there’s going to be a better product-market match than would otherwise be the case,” Jesse notes.

This is because the number one concern in the SaaS market is security and privacy, far and away.

Besides impressing investors, stronger security and a better product-market match means competitive leverage, more customers, shorter time to revenue, higher revenue, less drag on getting contracts signed and all those good things.
If you work for a SaaS or want to invest in a SaaS, you should hear this entire podcast. You can listen to the full show with Jesse Nash here.
If you don’t use Apple Podcasts, click here.

ISO 27001

ISO 27001 is manageable and not out of reach for anyone! It’s a process made up of things you already know – and things you may already be doing.
Get your ISO 27001 Roadmap – Downloaded over 4,000 times