INDICATORS OF SUCCESS IN CYBERSECURITY STARTUPS: TOWARDS A COMPETITIVE INDICATORS AND WARNING

ANALYTIC MODEL

ANDREW P. COFFEY

A Thesis

Submitted to the Faculty of Mercyhurst University

In Partial Fulfillment of the Requirements for

The Degree of

MASTER OF SCIENCE IN

APPLIED INTELLIGENCE

RIDGE COLLEGE OF INTELLIGENCE STUDIES AND APPLIED SCIENCES MERCYHURST UNIVERSITY

ERIE, PENNSYLVANIA MARCH 2016

RIDGE COLLEGE OF INTELLIGENCE STUDIES AND APPLIED SCIENCES MERCYHURST UNIVERSITY

ERIE, PENNSYLVANIA

INDICATORS OF SUCCESS IN CYBERSECURITY STARTUPS: TOWARDS THE DEVELOPMENT OF A COMPETITIVE INDICATORS AND

WARNING ANALYTIC MODEL

A Thesis Submitted to the Faculty of Mercyhurst University

In Partial Fulfillment of the Requirements for The Degree of

MASTER OF SCIENCE

IN APPLIED INTELLIGENCE

Submitted By:

ANDREW P. COFFEY

Certificate of Approval: ___________________________________ Shelly Freyn, M.B.A. Assistant Professor The Ridge College of Intelligence Studies and Applied Sciences ___________________________________ Dawn M. Wozneak, Ph.D. Assistant Professor The Ridge College of Intelligence Studies and Applied Sciences ___________________________________ David J. Dausey, Ph.D. Provost and Vice President for Academic Affairs Mercyhurst University

March 2016

iii

Copyright © 2016 by Andrew P. Coffey All rights reserved.

iv

DEDICATION

To all the individuals who have been victimized by a cyber-attack (myself included), maybe

somebody can fix this problem.

v

ACKNOWLEDGEMENTS

My parents, Mary and Dave Coffey, and the rest of my family, who have given me all the

opportunities and tools to succeed, and for their continued support and encouragement.

Professor Shelly Freyn, who ignited my interest in Competitive Intelligence and has always

acted a mentor, resource, and advisor – as well as an excellent educator – throughout my

career at Mercyhurst University.

Professor Dawn Wozneak, who has always made time to provide assistance, feedback, and

encouragement throughout my career at Mercyhurst University.

The faculty and staff of the Ridge College of Intelligence Studies and Applied Sciences, for

all their lessons, guidance, and support that will benefit me throughout my career.

vi

ABSTRACT OF THE THESIS

Indicators of Success in Cybersecurity Startups:

Towards the Development of a Competitive Indicators and Warning Analytic Model

A Critical Examination

By

Andrew P. Coffey

Master of Science in Applied Intelligence

Mercyhurst University, 2016

Assistant Professor Shelly Freyn, Chair

This study analyzes the literature on entrepreneurial efforts and factors contributing to

the success of new companies in order to determine which factors are indicative of likely

success of cybersecurity startups. After determining which factors most directly contribute to

success, the researcher developed a model that can be applied to new cybersecurity startups

in order to estimate the likelihood of the new startup’s success. This research and resulting

model will benefit competitive and market intelligence professionals, potential investors, and

companies seeking to acquire a startup firm.

This thesis will review existing literature covering topics of entrepreneurial efforts,

success factors, and the field of intelligence. Following the literature review, the study

translates the structured analytic technique Indicators and Warning analysis (a national

security and military intelligence method) into a competitive intelligence methodology.

Expansion on the reviewed literature and development of the model will result in a synthesis

vii

of market and business research on startup successes with intelligence and analytic

methodologies that improve an analyst’s forecasting accuracy.

Through a comparative case study of three cybersecurity startups, this thesis will

examine several success factors based on the startups’ funding, firm, and founder attributes

in order to determine which factors are more indicative of success. The study analyzes one

successful case (Palo Alto Networks) and two unsuccessful cases (ISC8, Inc. and Cryptine

Networks) to assess the success factors. The study then tests the developed Competitive

Indicators and Warning model on the three cases to determine the model’s validity, then

analyzes Area 1 Security, a nascent cybersecurity startup, to demonstrated the model’s

estimative capabilities.

viii

TABLE OF CONTENTS

Page

TABLE OF CONTENTS...................................................................................... viii

LIST OF TABLES................................................................................................ xi

LIST OF FIGURES.............................................................................................. xii

LIST OF ABBREVIATIONS............................................................................... xiii

CHAPTER 1: INTRODUCTION......................................................................... 1

Introduction to the Problem...................................................................... 1

Background of the Problem ..................................................................... 2

Statement of the Problem.......................................................................... 4

Purpose of the Study................................................................................. 4

Research Questions................................................................................... 5

Definitions of Terms................................................................................. 5

Nature of the Study................................................................................... 7

Relevance and Significance of the Study.................................................. 8

Assumptions and Limitations.................................................................... 9

Organization of the Study......................................................................... 10

CHAPTER 2: LITERATURE REVIEW.............................................................. 12

Introduction to the Literature Review....................................................... 12

Entrepreneurial Theory Framework.......................................................... 12

Entrepreneurship....................................................................................... 12

Defining Success....................................................................................... 16

Success Factors......................................................................................... 19

Intelligence Theory and Methodological Frameworks............................. 27

Intelligence................................................................................................ 27

Indicators and Warning Analysis.............................................................. 29

Redefining Indicators and Warning Analysis........................................... 32

Chapter 2 Summary.................................................................................. 36

ix

CHAPTER 3: METHODOLOGY........................................................................ 38

Introduction............................................................................................... 38

Research Design........................................................................................ 38

Selection of Cases..................................................................................... 40

Data Collection......................................................................................... 42

Data Analysis Procedures......................................................................... 43

Data Analysis............................................................................................ 49

Limitations of the Research Design.......................................................... 50

Credibility................................................................................................. 51

Transferability........................................................................................... 52

Ethical Issues............................................................................................. 52

Chapter 3 Summary.................................................................................. 52

CHAPTER 4: FINDINGS..................................................................................... 54

Introduction............................................................................................... 54

Palo Alto Networks, Inc. .......................................................................... 55

ISC8, Inc. .................................................................................................. 59

Cryptine Networks.................................................................................... 64

Comparison of Cases................................................................................ 68

Testing the Model..................................................................................... 70

Chapter 4 Summary.................................................................................. 81

CHAPTER 5: CONCLUSION.............................................................................. 83

Introduction............................................................................................... 83

Summary of the Study............................................................................... 83

Discussion of the Findings........................................................................ 85

Implications for Practice........................................................................... 88

Recommendations for Further Research................................................... 90

Conclusions............................................................................................... 94

REFERENCES...................................................................................................... 96

APPENDICES...................................................................................................... 116

x

Appendix A............................................................................................... 116

Appendix B................................................................................................ 117

Appendix C................................................................................................ 118

Appendix D............................................................................................... 119

Appendix E................................................................................................ 121

Appendix F................................................................................................ 123

xi

LIST OF TABLES

Page

Table 1 Terms modified in translation of DOD definition of I&W to Competitive I&W...........................................................................

35

Table 2 The startups to be analyzed through a comparative case study...... 42

Table 3 Success Factors regarding Funding attributes................................ 45

Table 4 Success Factors regarding Firm attributes..................................... 46

Table 5 Success Factors regarding Founder attributes................................ 47

Table 6 Palo Alto Networks’ Indicators of Success – Funding Attributes. 56

Table 7 Palo Alto Networks’ Indicators of Success – Firm Attributes....... 57

Table 8 Palo Alto Networks’ Indicators of Success – Founder Attributes. 59

Table 9 ISC8’s Indicators of Success – Funding Attributes....................... 61

Table 10 ISC8’s Indicators of Success – Firm Attributes............................. 62

Table 11 ISC8’s Indicators of Success – Founder Attributes....................... 64

Table 12 Cryptine Networks’ Indicators of Success – Funding Attributes... 65

Table 13 Cryptine Networks’ Indicators of Success – Firm Attributes........ 67

Table 14 Cryptine Networks’ Indicators of Success – Founder Attributes... 68

Table 15 Comparison of notable Indicators of Success................................ 70

Table 16 Area 1 Security’s Indicators of Success – Funding Attributes....... 77

Table 17 Area 1 Security’s Indicators of Success – Firm Attributes............ 77

Table 18 Area 1 Security’s Indicators of Success – Founder Attributes....... 79

Table 19 Sample representation of a macroenvironmental analysis using STEEP............................................................................................

92

xii

LIST OF FIGURES

Page

Figure 1 Cybersecurity financing history: 2010-2014.................................. 4

Figure 2 Decision stairway indicating the probability of war resulting from A’s actions over time.............................................................

31

Figure 3 Decision stairway depicting Actor B’s possible responses to Actor A’s decisions........................................................................

31

Figure 4 Competitive Indicators and Warning template used to examine startup firms....................................................................................

48

Figure 5 Example of a decision stairway representing the amount of points over a period of time............................................................

50

Figure 6 Competitive Indicators and Warning Analysis of Palo Alto Networks.........................................................................................

73

Figure 7 Competitive Indicators and Warning Analysis of ISC8................. 74

Figure 8 Competitive Indicators and Warning Analysis of Cryptine Networks.........................................................................................

75

Figure 9 Competitive Indicators and Warning Analysis of Area 1 Security 80

Figure 10 Decision Stairway of Area 1 Security’s Indicators of Success...... 81

Figure 11 Proposed model framework for inclusion of macroenvironmental and industrial analysis with Competitive I&W analysis................

91

Figure 12 Sample Porter’s five forces analysis of the cybersecurity industry 92

xiii

LIST OF ABBREVIATIONS

BA Bachelor of Arts

BS Bachelor of Science

DOD US Department of Defense

I&W Indicators and Warning analysis

MIT Massachusetts Institute of Technology

MS Master of Science

NSA National Security Agency

NYSE New York Stock Exchange

PANW Palo Alto Networks’ ticker symbol on the NYSE

SCIP Strategic and Competitive Intelligence Professionals

STEEP Social, Technological, Economic, Ecological, and Political/Legal – five dimensions of macroenvironmental analysis

US United States

VC Venture Capitalists

1

INTRODUCTION

Introduction to the Problem

The cybersecurity industry is experiencing rapid growth prompting entrepreneurs

to found new companies and earn their share of the market. With numerous startups

opening annually, competitive and market intelligence professionals can be overwhelmed

trying to estimate which firms have the potential to be successful. The Kauffman Index

(2015), which measures startup activity in the United States, determined that startup

activity has increased year-over-year from 2014 to 2015, the largest year-over-year

increase of the past 20 years and the first increase since 2010. In the same time frame, the

US Census Bureau’s Business Dynamics Statistics (2014) depict that 677,708

establishments were created in 2013, an increase of just under two percent from the

thirty-year low in 2009. While increasing startup activity and number of new

establishments help drive the US economy, estimates of failure rates suggest that

approximately 90% of these new ventures will likely fail (Carroll, 2014; Graham, 2013).

According to the US Small Business Administration (SBA), nearly 4 million technology

startups exist in the country (Small Business Profiles, 2015); looking specifically at failed

technology startups from 2010 through 2013, 69% of failed companies raised less than $5

million (the median funding raised was $1.3 million) and 71% of companies survived for

less than two years after their last round of funding (CB Insights, 2014a).

Gartner estimated that the cybersecurity market will reach $76.9 billion in 2015

and grow to $101 billion by 2018 (Gartner, 2014; Morgan, 2015). MarketsandMarkets

estimate that by 2020, the cybersecurity market will exceed $170 billion at a Combined

Annual Growth Rate (CAGR) of 9.8% from 2015 (MarketsandMarkets, 2015). Finding

2

success in a growing market requires increasing product differentiation and innovation

(Puspa & Kühl, 2006), a common strategy in such an environment and one that has been

shown to positively affect organizational performance (Antoncic, 2006). One critical

element of successful diversification that can be directly applied to cybersecurity

companies is keeping innovations aligned with demand (Downey, Greenberg, & Kapur,

2003). Determining which cybersecurity startups are likely to be successful depends

heavily on whether their products and services will be valuable to customers, i.e. offering

solutions that will truly change the technology security game (Lemos, 2015), or simply

become another available option on the market.

Background of the Problem

Between November 27 and December 15, 2013, peak holiday shopping season,

Ukrainian hackers victimized Target Corporation in the largest retail attack in US history

(Riley, Elgin, Lawrence, & Matlack, 2014). According to Brian Krebs (2014), who

originally broke the story of Target’s investigation into the breach, hackers stole 40

million credit and debit card numbers and 70 million records, which included the name,

address, email address, and phone number of Target shoppers. Earlier that year, Target

spent $1.6 million installing a malware detection tool manufactured by FireEye, a

cybersecurity and malware protection company; FireEye’s software detected the hacker’s

malware and alerted Target’s Minneapolis-based security team. The alerts occurred

before the hackers started transferring stolen data onto their own servers, but went

ignored by Target’s security team.

The hackers were neither one step ahead of the security team, nor did they use

highly advanced tools. According to Jim Walter, director of threat intelligence operations

3

at McAfee, “the malware utilized [was] absolutely unsophisticated and uninteresting”

(Riley et al., 2014, p. 2). Target could have prevented the attack that impacted roughly 1

in 3 American consumers; however, their failure resulted in hundreds of millions of

dollars in costs to include restitution, lawsuits, and security upgrades – costs that could,

according to analyst estimates, run into the billions (Riley et al., 2014).

In today’s increasingly virtual world, cybercrime threatens companies across all

industries. According to the Ponemon Institute, over the course of 12 months from 2013

to 2014, 110 million Americans (about half of the country’s adults) fell victim to hackers

who exposed their personal information (CNNMoney, 2014). In 2014 alone, the Federal

Bureau of Investigation (FBI) alerted over 3,000 US companies that they had been

victims of cyber-attacks (PwC, 2015). Hackers have utilized attacks encoded on

sophisticated malicious software (malware) in order to steal individuals’ private

information and compromise the integrity of organizations, such as the aforementioned

attack on Target, and other major organizations, notably Sony and the US Office of

Personnel Management (OPM).

In response to these attacks, cybersecurity-specific firms have flooded the market

with products designed to protect networks and safeguard data. Since 2010, more than

$7.3 billion has been invested in 1,208 cybersecurity startups (CB Insights, 2014a).

Figure 1 (below) shows the annual growth of both the value of investments in

cybersecurity startups and the total number of investment deals, both of which have more

than doubled over the past five years. With so many companies and products on the

market (and more starting up every year), potential investors, acquiring companies, and

customers face significant difficulties determining where to spend their money.

4

Statement of the Problem

Competitive and market intelligence professionals – those not directly involved

with venture capitalism – lack a methodology designed to analyze and estimate the

likelihood of success during the formative years of a new startup. In order to accurately

estimate the likelihood of success of a startup, an analyst must assess numerous factors

regarding the startup – factors that are frequently unstructured or difficult to

conceptualize – in addition to economic and market conditions, forthcoming political

regulations, and future technological advances. The objective model that will be refined

and tested through this study will also help to reduce the analyst’s personal biases,

decreasing the likelihood of an uninformed and inaccurate judgment.

Purpose of the Study

The purpose of this study is to analyze cybersecurity startups in order to

determine factors that can be attributed to the success or failure of the companies through

$941 $936

$1,311

$1,764

$2,394

133

155

213

258269

0

50

100

150

200

250

300

$0

$500

$1,000

$1,500

$2,000

$2,500

$3,000

2010 2011 2012 2013 2014

Number of Investmen

t Deals

US Dollars, M

illions

Cybersecurity Financing History: 2010‐2014

Investments Deals

Figure 1. Value and number of investments in cybersecurity startups from 2010 to 2014. Data obtained from CB Insights (2015).

5

a comparative case study. The study will expand on research conducted on

entrepreneurship and intelligence theories, success, and success factors. Additionally, this

study seeks to develop and test a model, based on Indicators and Warning analysis, a

military intelligence technique, which can be applied to new startup firms (in this case,

cybersecurity startups) in order to estimate their likelihood of success. This model can be

another tool utilized by competitive intelligence professionals, or it can be used by

potential investors, acquiring companies, and customers as a method to increase their

confidence in determining where to invest their time and money.

Research Questions

Much of the research on startups focuses on success ex post facto without any

attempt to develop or apply an ex ante model to analyze new startups. This study seeks to

answer two primary research questions. First, what factors have increased survival rates

and influenced growth of US cybersecurity startups? Second, after determining those

factors, what are the fundamental themes of success factors that must be included in a

competitive intelligence analytic model in order to improve estimates of success of a new

startup? These two questions will be answered through the collection and analysis of

literature, a qualitative case study of cybersecurity startups, and the application of

Indicators and Warning (I&W) analysis, a structured analytic technique.

Definition of Terms

This thesis uses the following terms and their associated definitions:

Startup. According to Schumpeter (1942) “the function of entrepreneurs is to

reform or revolutionize the pattern of production by exploiting an invention or, more

generally, an untried technological possibility for producing a new commodity or

6

producing and old one in a new way, by opening up a new source of supply of materials

or a new outlet for products, by reorganizing an industry and so on” (p. 132). Therefore,

we can define a startup as an organization founded as a result of such entrepreneurial

activity.

Success. While there is no agreed-upon definition of success in terms of

entrepreneurship, a concept which will be discussed in more detail in the literature review

following this chapter, the definition this study will use is derived from the CB Insights

(2014a) statistics presented in the Introduction to the Problem. CB Insights (2014a) have

shown that 97% of technology startups that failed between 2010 and 2013, failed within

five years of their final round of funding. We can say, therefore, that a successful startup

is one that survives for more than five years after its last round of funding (in this

definition, funding refers to venture capitalist investments through specific funding

rounds and does not include funds raised through initial public offerings – IPOs).

Implications and nuance of this definition will be discussed in the Literature Review.

Success factors. Rockart (1979) defines success factors as “the limited number of

areas in which results, if they are satisfactory, will ensure successful competitive

performance for the organization” (p. 85). In other words, success factors are the areas

that a business must get right, and should therefore receive persistent and calculated

attention from leaders.

Failure. Shepherd (2003) considers a business venture to be a failure “when a fall

in revenues and/or a rise in expenses are of such a magnitude that the firm becomes

insolvent and is unable to attract new debt or equity funding; consequently, it cannot

continue to operate under the current ownership and management” (p. 318).

7

Cybersecurity. According to the US Department of Homeland Security’s (DHS)

National Initiative for Cybersecurity Careers and Studies (NICCS) and adopted from the

National Institute of Standards and Technology (NIST), cybersecurity is “the activity or

process, ability or capability, or state whereby information and communications systems

and the information contained therein are protected from and/or defended against

damage, unauthorized use or modification, or exploitation” (DHS, 2009).

Nature of the Study

This study will use a comparative case study to determine which factors have

directly contributed to the success or failure of cybersecurity startups. The case study will

examine one successful cybersecurity company, Palo Alto Networks, and two

unsuccessful cybersecurity companies, ISC8, Inc. and Cryptine Networks. Palo Alto

Networks, a publicly traded cybersecurity company (NYSE: PANW), was founded in

2005, and recorded $928 million in revenue for the year ending July 31, 2015 – a 134%

increase from 2013 and a 55% from 2014. Palo Alto Networks held their initial public

offering (IPO) on July 20, 2012. ISC8, Inc., a cybersecurity company that targeted

attackers after infiltration of a system, started their cybersecurity business in January

2012 and declared Chapter 11 Bankruptcy less than four years later on September 14,

2015. Cryptine Networks was founded in 2001 as a security consulting firm, but shifted

focus to cybersecurity software development. The shift in focus fractured the team of

founders and drove away potential investors, ultimately resulting in its closure in 2006.

After extensively reviewing entrepreneurial literature, most research is based on

quantitative methodologies; therefore, this study will utilize the qualitative methodology

of comparative case studies to develop an I&W model for use in competitive and market

8

analysis. The model does incorporate quantitative measures through the accounting of

scores for each of the indicators. While there is significant research into the success

factors of existing startups, there is a lack of research, and resulting models and

methodologies, regarding assessment of startups and potential for success during their

formative early years.

Relevance and Significance of the Study

In the first half of 2015 there were 604 cyber-attacks – approximately 23 attacks

each week (Hackmageddon, 2015). Due to the frequency of these cyber-attacks, many

companies are exploring and evaluating ways to protect the information stored on their

networks. In response to this demand, the cybersecurity market has ballooned, growing at

a rate of nearly 10% annually (MarketsandMarkets, 2015), with more than 500 firms

offering various products and services on the market (Cybersecurity Ventures, 2015). As

some companies seek to purchase security products, other companies look to purchase

cybersecurity firms, and venture capitalists look to invest their money in promising

startups. The cybersecurity market is providing an essential product and filling a need

that will likely persist through the coming years. However, despite predicted growth of

the market through 2020, some investors are becoming wary of a potential bubble

forming in the cybersecurity market that may decrease valuations and drive down overall

funding. This study, therefore, seeks to determine which factors are most indicative of

entrepreneurial success and develop a model that can be used to estimate the likelihood of

success of new cybersecurity startups.

This study will add to the body of knowledge in the intelligence and analytic

fields in three ways. First, this study will provide some clarity as to which factors

9

contribute to a cybersecurity startup that is likely to experience success in the

aforementioned crowded cybersecurity market. Second, there is an absence of

entrepreneurial and business literature examining market opportunities through I&W

analysis, primarily due to the lack of national security or military intelligence

methodologies that can be used in a competitive intelligence setting. This study will

convert a predominantly military analytic technique that is used to identify and warn of

potential threats into a competitive and market analytic technique that can be used to

identify and notify practitioners of potential threats and opportunities in the market. The

primary challenge in converting any methodology from military intelligence to

competitive intelligence is the translation of terminology and targets, a concept that will

be addressed, with the focus of translation on I&W analysis, in the second chapter.

Finally, the developed I&W analytic model can be generalized and applied to the broader

field of technology startups, of which there are currently 4 million in existence.

Assumptions and Limitations

This thesis contains an assumption and several limitations. The assumption is that

the examined unsuccessful companies failed due to their own mismanagement, lack of

abilities, or unfavorable market conditions, and not due to any illegal or fraudulent

activities or significant factors outside their control.

The first limitation is that the researcher only has access to open source

information and does not have any access to private, insider information on any of the

studied cases. This thesis is also limited in that it does not assess all firms whose

offerings include cybersecurity solutions; firms such as IBM or Intel offer cybersecurity

products, but the product is not its primary endeavor, nor can companies such as these be

10

considered startups. Additionally, while some of the literature on entrepreneurial efforts

includes teams or divisions that were started inside a larger company, this study will not

include such startup programs. Due to the proprietary information involved in developing

products that are distinct within the market, much of the creative, thought, and

development processes of these startups are unavailable to the public. Finally, due to the

limited number of cases analyzed, the overall validity will need to be corroborated

through further research.

Organization of the Study

This thesis is organized into five chapters. The first chapter introduces and

provides background to the problem that the study addresses and the research questions

that the study seeks to answer. The first chapter also includes the purpose and nature,

significance to the body of knowledge in the intelligence and analytics field, and the

assumptions and limitations of the study. The second chapter is a review of the literature

which covers previous research conducted on startups and entrepreneurial efforts,

success, and success factors. The literature review will also examine the practice of

intelligence and the analytic methodology Indicators and Warning analysis. The second

chapter concludes with a revised definition of I&W analysis that is applicable to the use

of the methodology in competitive intelligence. The third chapter outlines the

methodology used to collect, measure, and analyze the data. This chapter will also

include a brief discussion of methodological limitations and their impact on the validity

of this study. The fourth chapter studies the three selected cases (Palo Alto Networks,

ISC8, Inc., and Cryptine Networks) in order to determine key success factors. Area 1

Security, a recently-founded cybersecurity startup, will be analyzed through the

11

Competitive Indicators and Warning model. The fifth chapter concludes the thesis with a

summarization of the study, a discussion of the results and implications, and

recommendations for future research.

12

LITERATURE REVIEW

Introduction

This review and synthesis of existing literature will cover entrepreneurial and

intelligence theories. The entrepreneurial theory and framework includes the act and

psychology of entrepreneurship, various definitions of success, and an examination of

factors that increase the probabilities of success. The intelligence theory and framework

section focuses on the definition and purpose of the intelligence profession, the military

intelligence methodology of Indicators and Warning (I&W) analysis, and the translation

to Competitive I&W.

In this study, the reviewed concepts will be tied together through the development

of a competitive intelligence methodology, based on I&W analysis, which can be used to

estimate the likelihood of success of a new cybersecurity startup. This review will also

examine three gaps in the literature: the absence of an agreed-upon definition of success,

the dearth of competitive intelligence methodologies derived from the national security or

military intelligence disciplines, and the lack of an available and user-friendly tool to

estimate the likelihood of startup success for use by competitive intelligence

professionals. While remedying the first gap is beyond the scope of this study, the final

two gaps will be addressed through the remainder of this thesis.

Entrepreneurial Theory and Framework

Entrepreneurship

Sharma and Chrisman’s (1999) review of entrepreneurship included one of the

earliest usages of the term – Richard Cantillion’s 1734 definition of entrepreneurship as

13

self-employment with an uncertain return. Entrepreneurship has been defined and

developed in a variety of way since Cantillion first used the term nearly three centuries

ago; as such, the lack of a commonly agreed upon definition has impaired the theoretical

development of the concept (Gartner, 1990; Low & MacMillan, 1988; McMullan &

Long, 1990; Shane & Venkataraman, 2000; Venkataraman, 1997).

Schumpeter (1934), one of the more popular theorists of entrepreneurship, posited

that an entrepreneur was an individual who carries out new combinations and creates

discontinuity (or sharp characteristic differences) in the market. These new combinations

could be the introduction of a new good (either completely unique or new quality),

introducing of a new method of production, opening of a new market, use of a new

source of raw materials or components, or the reorganization of an industry. Instead of

viewing the entrepreneur as a force of discontinuity, Kirzner (1979) suggested that

entrepreneurs actually stabilize the market by responding to the tensions resulting from

untapped opportunities. Schumpeter (1942) viewed entrepreneurship as an act reserved

for brilliant and daring innovators who “reform or revolutionize the pattern of production

by exploiting an invention or, more generally, and untried technological possibility” (p.

132). While Kirzner (1979) believed that entrepreneurship existed even when a market

participant discovered a way of doing things that was a little different, but utilized

available opportunities. Both theorists supported the notion that entrepreneurs drive up

the level of economic well-being through the creation of profits. While Schumpeter’s

(1934, 1942) theory focused on exploiting opportunities, Kirzner (1979) was more

concerned with the discovery of market opportunities. Reynolds et al. (2005) fused these

two views by indicating that entrepreneurship can be thought of as the discovery of

14

opportunities and subsequent creation of new economic activity – or exploitation of the

opportunity – frequently done so through the foundation of a new organization.

Expanding on the concept of opportunities central to entrepreneurship, Stevenson,

Roberts, Grousbeck, and Bhidé (1999) termed entrepreneurship as “the process of

creating value by bringing together a unique package of resources to exploit an

opportunity” (as cited by Brizek & Khan, 2008, p. 227); essentially, entrepreneurs create

value where there previously was none. Shane and Venkataraman (2000) submitted that

without the discovery, assessment, and exploitation of opportunities, the entrepreneurial

process and the creation of new goods, methods, markets, and organizations would not

exist. As entrepreneurship does not necessarily require the creation of a new firm and can

be initiated by more than a single actor, the act of entrepreneurship may actually begin

with opportunities (Murphy, 2009; Murphy & Coombes, 2008). While the identification

of opportunities depends on both the entrepreneur and the context of the opportunity

(Dew, Velamuri, & Venkataraman, 2004; Shane, 2000; Venkataraman & Harting, 2005),

Eckhardt and Shane (2003) defined entrepreneurial opportunities as “situations in which

new goods, services, raw materials, markets, and organizing methods can be introduced

through the formation of new means, ends, or means-ends relationships” (p. 336).

Economic profit is produced through entrepreneurship by individuals who are able to

detect and exploit these market opportunities (Vranceanu, 2014).

Cuervo, Ribiero, and Roig (2007) developed three basic ideas that explain the

presence of entrepreneurial activity: individual, economic, and institutional function. The

individual view described entrepreneurship as a human attribute that includes need-based

traits such as the need for achievement (McClelland, 1961), for autonomy, dominance,

15

high-energy, and persistence (Neider, 1987), or self-efficacy (Chen, Green, & Crick,

1989). Bull and Willard (1991) theorized that entrepreneurship will occur under four

conditions, three of which are individualistic. The entrepreneur must have task-related

motivation (a vision that motivates the entrepreneur to act), expertise of both present and

future needs, and expectation of gain (economic and/or psychological) for themselves.

Entrepreneurship also revolves around the acceptance of risk, which Caruana, Morris,

and Vella (1998) suggested is essential in the entrepreneurial creation of wealth. As

Cantillion noted in 1734, entrepreneurs must be willing to face uncertainty (Kihlstrom &

Laffont, 1979). Building upon this idea, Miller (1983) suggested that entrepreneurial

behavior is defined by the management of risk, innovation, and proactivity. Herron and

Robinson (1993) developed a model that examined the impact of factors such as

personality traits and motivations on entrepreneurial behavior; however, they concluded

that entrepreneurship is most affected by the structure of the external environment in

which the act was commenced and the entrepreneur’s strategy.

The second aspect of entrepreneurial activity is the economic view, specifically

the environmental factors that result in entrepreneurship. Bull and Willard’s (1991) fourth

condition of entrepreneurship is a supportive environment, or settings that provide

comfort and support for a new activity or minimize discomfort from a previous initiative.

Additionally, the dynamics of technological change (Tushman & Anderson, 1986) and

the size and structure of the market (Acs & Audretsch, 1990) influence entrepreneurial

activity. The third factor of entrepreneurial activity involves the functions of institutions,

cultures, and societal values. Sharma and Chrisman (1999) agreed with this view of

16

entrepreneurship, defining the phenomenon as “acts of organizational creation, renewal,

or innovation” (p. 17).

From a resource-based point of view, entrepreneurship can be said to occur as a

result of varying beliefs regarding the value of resources (Alvarez & Busenitz, 2001).

Several other authors found that innovative produces, processes, and organizations occur

through the combination of resources in new ways (Alterowitz & Zonderman, 1988;

Jennings & Young, 1990; Kanter, 1986; Schollhammer, 1982). Beyond the resource

view, Damanpour (1991) and Drucker (1985) suggested that entrepreneurship is based

solely on the innovation, development, and implementation of new ideas, behaviors, or

goods. While these authors provided a broad range of theories and definitions of

entrepreneurship, from opportunities to individual traits to external environments, two

overarching themes in theoretical development are innovation – the development of a

new, value-creating product, service, or method – and discontinuity – a sharp difference

in characteristics of organizations, activities, or processes. Entrepreneurs must take

advantage of opportunities, employ their traits and experiences, and do so in a supportive

environment in order to successfully innovate and create discontinuity.

Defining Success

The literature regarding success in business, and entrepreneurial success in

particular, is vast and lacking consensus (Fielden, Davidson, & Makin, 2000; Headd,

2003; Maidique 1985; Maidique & Zirger, 1985; Mansfield & Wagner, 1975; Stuart &

Abetti, 1987; Walker & Brown, 2004). Stuart and Abetti (1987) provided four

dimensions of success: (1) subjective versus objective, (2) bimodal, multimodal versus

continuous, (3) financial versus nonfinancial, and (4) meeting versus not meeting

17

expectations. Examining subjectivity in determining success, Cooper (1979) studied raw

judgment of the perceived success of a product. Maidique and Zirger (1984), on the other

hand, assessed product success or lack thereof based solely on the cash flows generated

by the product. This study utilizes statistical objectivity to define success. According to

data obtained from CB Insights (2014a), 97% of technology startups that failed between

2010 and 2013, failed within five years of their final round of funding; therefore, a

successful startup is one that survives for more than five years after its last round of

funding. This is the definition of success that this study will use. Funding rounds

(typically termed Series A, Series B, Series C, and so on) refer to the efforts by

entrepreneurs to raise money through investments from venture capitalists, business

angels, and general investors (Gil, 2011).

Bimodal models of success, or dichotomous classifications as either successful or

unsuccessful, and multimodal studies, such as Litvak and Maule’s (1980) three-point

scale (unsuccessful, marginal success, or successful) or Maidique and Zirger’s (1984)

seven-level scale based on returns, evolved into continuous measures of success, mainly

using figures such as sales growth, cash flows over time, or return on investments or

equities (Meyer & Roberts, 1986; Weiss, 1981).

Walker and Brown (2004) explored financial and nonfinancial criteria

determining success. Traditional measures of success center on either employee numbers

or financial performance, such as profit, turnover, or return on investment. Hall and

Fulshaw (1993) stated that “the most obvious measure of success are profitability and

growth” (p. 229), which Greenbank (1999) termed profit maximization. Financial

performance criteria are ‘hard’ measures of success, meaning they can be easily

18

administered and applied to nearly all organizations, thus increasing their popularity

(Barkham, Gudgin, Hart, & Hanvey, 1996; Gibb & Davies, 1992). Additionally, Marlow

and Strange (1994) stated, somewhat obviously, that businesses must be financially

sound in order to continue to exist. Headd (2003) examined business closings and posits

that while some entrepreneurs seek to continue and grow their business, others might

want to close and sell their business to make a profit before they start experiencing losses.

Not all small business owners want or need to grow their businesses. In situations

where financial gain is not their primary or only motivation, success must be measured

using other, nonfinancial criteria. Some small businesses even avoid hiring employees,

despite links to success and the potential detriment to profits, because growth and job

creation are not the entrepreneur’s primary motivations or goals (Gray, 1998). Fielden,

Davidson, and Makin (2000) found that while 88% of small business owners listed

money as a motivator of entrepreneurial activity, 71% of surveyed individuals recorded

that job satisfaction, greater independence, new opportunities and challenges, and the

ability to pursue their own interests were very important to them. Wheelock and Baines

(1998) suggested that these subjective benefits, or what they call psychological income,

are primarily enjoyed by individuals who have not been very successful financially, but

are satisfied with other types of rewards. These nonfinancial and subjective measure of

success, such as autonomy, job satisfaction, and work-life balance can be difficult to

define (Buttner & Moore, 1997; Green & Cohen, 1995) and, therefore, are difficult to

measure.

The final dimension, meeting or not meeting expectations, can be either an

objective or subjective measure. Maidique and Zirger (1985) assessed success to be the

19

achievement of a desired, planned, or attempted end goal. This goal could be financial,

but financial success is far from the only important goal, and it could also be any of the

other subjective measures. While ‘hard’ measures of success are more easily used to

compare organizational performances and are better tools for benchmarking, the

subjective ‘soft’ measures are not useless, with many commonalities occurring amongst

small business owners.

While these measures can be used for general business success, Stuart and Abetti

(1987) also quantified initial success through objective and subjective measures.

Objectively, initial success could be determined with the same financial measures

discussed earlier. Mansfield and Wagner (1975) defined success very strictly through

these objective measures, stating that a venture or product (what they call a

commercialized R&D project) can be considered successful if the “project will yield a

rate of return in excess of what was available from other (non-R&D) investment

alternatives” (p. 180). Subjectively, initial success can be measured through combinations

of achieving expectations, survival, ability to attract investors, and societal contributions.

While initial success confirms that the entrepreneur’s early efforts will be rewarded and

is essential to develop a customer base and maintain a steady flow of capital, it in no way

guarantees long-term success.

Success Factors

Watson, Hogarth-Scott, and Wilson (1998) developed a theoretical and analytical

framework for examining success factors in entrepreneurship consisting of internal and

external factors. The success factors related to the internal environment can be broken

down into four categories: funding attributes, firm attributes, founder attributes, and

20

market attributes. While the market has been deemed an important factor in the success

of new ventures (Chandler & Hanks, 1994; Holmes, Hunt, & Stone, 2010; Littunen &

Niittykangas, 2010; Miettinen & Littunen, 2013; Porter, 1985; Stuart & Abetti, 1987),

assessment of market attributes and their relationship with entrepreneurial success is a

massive undertaking and beyond the scope of this study, but it is a topic that should be

considered for future research. This study is limited to cybersecurity startups entering the

same (US) market. The market impact, therefore, on any one firm’s success should

equally impact any other firms’ success; as such, the market’s impact on any individual

startup will be disregarded for the purposes of this study.

Funding attributes. According to Miettinen and Littunen (2013), “sufficient

finance when starting up a new firm” is a key factor in determining success (p. 475).

Duchesneau and Gartner (1990) suggested that greater equity share is a strong indicator

of greater probabilities of success, where equity share is the amount of capital provided

by the entrepreneur(s) related to the total assets. This serves as a proxy for the founder’s

commitment, an important aspect that lenders value. Duchesneau and Gartner’s study,

however, was performed on startups in the food and beverage industry, which may rely

on equity share differently than startups in other industries. Cooper, Gimeno-Gascon, and

Woo (1994) found that greater financial capital not only allows for the undertaking of

more ambitious strategies, potential changes in direction, and increased capability to deal

with the demands of growth, but it also likely reflects better training and more robust and

detailed planning. In terms of loans, the average amount among the successful firms was

greater than the average loan amount of the total number of firms (Miettinen & Littunen,

2013). Multiple studies agreed that greater funds in the startup phase is strongly

21

associated with increased probability of success (Becchetti & Trovato 2002; Cooper et

al., 1994; Lussier & Halabi, 2010). In one study, a 75,000 Euro (about $85,762 – $94,335

when controlled for inflation) seed capital had a very significant positive correlation to

the success and growth of European startup businesses (Groenewegen & de Langen,

2012). In another, Lasch, Le Roy, and Yami (2007) suggested that capital greater than the

75,000 Euro threshold results in greater growth. However, according to data from CB

Insights (2014b), technology startups have averaged just over $1 million in seed capital

since the beginning of 2011.

In addition to seed capital, venture capitalists and business angels can have a

profound effect on a new venture’s success. Particularly in highly competitive industries,

startups that have been financed by larger and more active investors are likely to

dominate their competitors in terms of capital, growth, and market shares (Inderst &

Mueller, 2009). Despite this potential, Bygrave, Hay, Ng, and Reynolds (2003) estimated

that venture capitalists and business angels invest in less than 0.5% of nascent ventures.

Such a small percentage is most likely due to investors seeking either established,

profitable enterprises, or larger-scale ventures with high potential (Bhide, 2000). CB

Insights (2014a) analyzed failed technology companies from 2010 through 2013 and

found that 69% of the failed companies raised less than $5 million. The average funding

of these companies was $11.3 million, but the median (a more applicable figure) was

only $1.3 million. Finally, 13% of these technology startups raised more than $20 million

and still failed, indicating that while financing may have a strong correlation to success, it

is by no means a guarantee.

22

Firm attributes. The level of innovation of a startup’s product or service has a

very significant positive correlation to organization growth (Groenewegen & de Langen,

2012). Stuart and Abetti (1987) included unique innovations as factor contributing to

initial success, suggesting that innovations that increase probability of success are unique

products, processes, systems, or services that are “specialized or customized, beyond the

state-of-the-art, based on proprietary and patentable technology or on complex systems

engineering, and R&D requirements are high” (p. 219). Equally as important is the value

of this innovation to the customer. Greater benefits for less costs, such as improved

functionality, efficiency, or savings, will increase the value. According to Abetti (2000),

this is the degree in which the innovation offers a unique advantage compared to other

existing possibilities. In other words, innovative products increase a company’s

competitive advantage, thereby increase probability of survival and growth

An organization’s business plan and competitive strategy are integral and must be

thorough and robust in order to grow and succeed (Salomo, Weise, & Gemünden, 2007).

Stuart and Abetti (1987) suggested that a highly aggressive strategy, one that is clear and

proactive, first to the market, and includes strong efforts in R&D, sales, and marketing,

will increase a company’s likelihood of success. Watson, Hogarth-Scott, and Wilson

(1998) suggested that the underlying business concept would increase or decrease the

likelihood of success. Additionally, despite some anecdotal success within simplistic and

loosely-controlled organizations, it has been shown that a company’s business plan, at

least in the early stages, should allow for the entrepreneur to exert a fairly tight control of

the organization to increase the probability of success (Stuart & Abetti, 1987).

23

Firms that have been founded by teams (multiple founders) can take advantage of

a wider array of skills and resources, increased access to capital, and more sophisticated

systems of support and organization – all factors that increase the probability of growth

and success (Cooper et al., 1994; Friar & Meyer, 2003; Lafuente & Rabetino, 2011;

Littunen, 2000; Littunen & Niittykangas, 2010; Lussier & Halabi, 2010; Schutjens &

Wever, 2000). While teams do significantly contribute to high growth, those that break

up under hostile conditions or due to non-amicable relationships severely threaten the

survival of the business (Thurston, 1986).

Founder attributes. The skills and experiences of the entrepreneur(s) themselves

compose this family of attributes. Unger, Rauch, Frese, and Rosenbusch (2011) defined

human capital as “skills and knowledge that individuals acquire through investments in

schooling, on-the-job training, and other types of experience” (p. 343); a definition

derived from Becker’s (1964) Human Capital. This study will use the term ‘human

capital’ to refer to the founder’s attributes – i.e., the entrepreneur’s individual skills and

knowledge. Becker’s (1964) theory of human capital suggested that individuals expect

compensation for their human capital, and therefore invest in their human capital in order

to maximize their economic compensation.

Cassar (2006) tied this theory to entrepreneurship by positing that, of the

individuals engaged in entrepreneurial activity, those who have invested more in their

human capital are more likely to strive for higher growth and profits in their endeavors,

primarily because they want to receive greater compensation for their greater human

capital investments. Ray (1993) and Stanworth and Gray (1991) suggested that successful

entrepreneurship is related to an infinite variety of complex and interrelated personal

24

attributes, in which the probability of success increases when an individual’s positive

attributes outweigh their negative attributes. Entrepreneurs can increase their positive

attributes through investments in their own human capital, including education and

knowledge, work experience, skills, and competencies (Reuber & Fisher, 1994; Unger et

al., 2011). If the compensation does not equal the investments, entrepreneurs with high

human capital are likely to shut down their firms and seek more lucrative employment

opportunities (Gimeno et al., 1997). Therefore, according to human capital theory, an

entrepreneur who invests highly in their own human capital increases their likelihood of

entrepreneurial success. Some researchers (Miettinen & Littunen, 2013; Storey &

Wynarczyk, 1996) found that, due to a weak correlation with success, the founder’s

attributes are not a unique determinant of performance; however, many authors

(Barringer & Jones, 2004; Bonet, Amengot, & Martín, 2011; Bosma, Van Praag, Thurik,

& de Wit, 2004; Cooper et al., 1994; Haber & Reichel, 2005; Van der Sluis, Van Praag,

& Vijverberg, 2005) agreed that there is a strong positive relationship between the

entrepreneur’s attributes (or human capital) and success.

Human capital and entrepreneurial success. Unger et al. (2011) developed four

applications of human capital that should increase entrepreneurial success. First, greater

human capital should increase the capability of an individual to perform the

entrepreneurial task of discovering and exploiting opportunities (Shane & Venkataraman,

2000). This use of human capital harkens back to Schumpeter’s (1934, 1942) and

Kirzner’s (1979) theories on entrepreneurship. Second, according to Baum, Locke, and

Smith (2001) and Frese, et al. (2007), human capital is correlated with planning and

venture strategy, two organizational abilities that positively impact success. Brush,

25

Greene, and Hart (2001) asserted that knowledge is useful in the acquisition of other

necessary resources, such as financial and physical capital, and can even compensate for

a lack of financial capital, which has been noted as the most important factor in the

success of a new firm (Chandler & Hanks, 1998). Finally, human capital in necessary for

further learning and to acquire new knowledge and skills (Ackerman & Humphreys,

1990; Hunter, 1986). Entrepreneurs who harness all four applications of human capital

should be able to operate their organizations more effectively and efficiently than an

owner with lower human capital. Stuart and Abetti’s (1987) research found that the

entrepreneur (or entrepreneurial team) is integral to the success of new ventures.

Additionally, entrepreneurs who are driven by opportunity, exhibit persistence and

persevere, are dynamic and enthusiastic, and possess high quality networking and

communication skills are more likely to increase the probability of success.

Previous entrepreneurial experience. While authors agree that the entrepreneur’s

human capital is related to success, the magnitude of that relationship varies across

situations and studies and, therefore, remains unknown. Studies such as Duchesneau and

Gartner (1990) and Van der Sluis, Van Praag, and Van Witteloostuijn (2007) showed a

moderate to high relationship, whereas Davidsson and Honig (2003) and Gimeno, Folta,

Cooper, and Woo (1997) reported a low correlation. Personal business experience,

particularly resulting from founding or owning a business, has shown to be a critical

success factor for small firms (Coleman, 2007; Harada, 2003; Yusuf, 1995). In their

evaluation of a firm’s potential, investors have traditionally attached great importance to

the entrepreneur’s experiences (Stuart & Abetti, 1990). However, this attribute is not

agreed upon unanimously; Bosma et al. (2004) and Van Praag (2003) argued that

26

previous entrepreneurial experience does not have an influence on the performance of

small businesses. Blumberg and Letterie (2008) noted that banks do not value this type of

experience during the loan application phase.

Relevant social networks and previous managerial experience. Groenewegen

and de Langen (2012) demonstrated the importance of a relevant social network to an

entrepreneur, a factor that is positively correlated to business growth. Prior business

experience tends to increase the size of these social networks, which are therefore more

robust and developed than the social network of a beginner, who likely has fewer skills to

diversify their network team (Mosey & Wright, 2007; Zolin, Kuckertz, & Kautonen,

2011). Additionally, prior business and managerial experience and knowledge increase an

entrepreneur’s alertness, helping them find and take advantage of market opportunities

that would likely remained hidden from novices (Shane, 2000; Venkataraman, 1997;

Westhead, Ucbasaran, & Wright, 2005). According to Watson, Hogarth-Scott, and

Wilson (1998), previous managerial experience can improve the founder’s ability to

overcome common business problems. Venture capitalists often use management skills

and experience as evaluation and selection criteria in identifying promising investment

targets (Zacharakis & Meyer, 2000).

Previous industrial experience. Reuber and Fischer (1999) reported that

industrial knowledge and experience increase the probability of success. Multiple studies

have shown the positive effect of industrial experience on a new firm’s performance

(Blumberg & Letterie, 2008; Bosma et al., 2004; Cooper et al., 1994; Harada, 2003;

Lussier & Halabi, 2010; Van Praag, 2003). Previous work experience in the same

industry as the entrepreneurial effort is typically associated with skillsets, knowledge, and

27

abilities that would benefit a small business, particularly an in-depth understanding of

markets, customers, and technologies (Reuber & Fischer, 1999). Venture capitalists

greatly value and are more likely to finance entrepreneurs that are compatible with the

venture, meaning that the new endeavor aligns with the entrepreneur’s previous

experience, knowledge base, and skills (Stuart & Abetti, 1987).

Level of education. Educated entrepreneurs are perceived to have a greater

capability to adapt to and develop knowledge of a constantly changing environment

(Haber & Reichel, 2005). Additionally, entrepreneurs with higher levels of education are

more likely to prosper in their business ventures than those with less education (Bosma et

al., 2004; Cassar, 2006; Lussier & Halabi, 2010; Lussier & Pfeifer, 2001). Both Almus

(2002) and Van der Sluis et al. (2005) showed a positive relationship between the

entrepreneur’s education level and growth of their business. Almus (2002) and Cooper et

al. (1994) suggested that founders with a university degree or higher have a better chance

of rapidly growing their business. The level of formal education is correlated with, and

can therefore be used as a proxy for, an entrepreneur’s drive, energy, motivation, and

dedication to the business – attributes that lead to better business performance (Cooper et

al., 1994; Kim, Aldrich, & Keister, 2006; West & Noel, 2009). Watson, Hogarth-Scott,

and Wilson (1998) suggested additional founder attributes that could be considered,

including the founder’s motivation to start a business, specifically examining “push” and

“pull” motivations. Push motivations refer to necessity, in order to make a living, and a

pull motivation is the desire for independence, to use creative skills or work in an area

that they enjoy. Their findings suggested that startups formed due to “pull” motivations

were more likely to succeed.

28

Intelligence Theory and Methodological Frameworks

Intelligence

Between the National Security Act of 1947, the Intelligence Reform and

Terrorism Prevention Act of 2004, the seventeen US intelligence agencies, and the US

Department of Defense, there does not exist an agreed-upon, appropriate definition of

intelligence. As the official governmental definitions do not suffice to adequately define

intelligence, multiple experts have undertaken the task. Lowenthal (2002) defined

intelligence as “the process by which specific types of information important to national

security are requested, collected, analyzed, and provided to policymakers; the products of

that process; the safeguarding of these processes and this information by

counterintelligence activities; and the carrying out of operations as requested by lawful

authorities” (p. 8). Warner (2002) examined nearly 20 varying definitions of intelligence

and arrived at intelligence as a “secret, state activity to understand or influence foreign

entities” (p. 21). Clark (2003) stated that, “intelligence is about reducing uncertainty by

obtaining information that the opponent in a conflict wishes to deny you” and “can be

thought of as the complex process of understanding meaning in available information” (p.

13). These definitions improve on what the government offers, but they do not apply to

the competitive intelligence discipline.

The Strategic and Competitive Intelligence Professionals association (SCIP,

2015) defined competitive intelligence as “a necessary, ethical business discipline for

decision making based on understanding the competitive environment” (p. 1). While

SCIP’s definition depicted intelligence as a professional discipline with an external focus

and a clear customer, it fails to acknowledge the intelligence process. Fleisher and

29

Bensoussan (2003) defined competitive intelligence as a “value-added product resulting

from the collection, evaluation, analysis, integration, and interpretation of all available

information that pertains to one or more aspects of an executive’s needs, and that is

immediately or potentially significant to decision making” (p. 6). This definition, while

focused specifically on competitive intelligence and ignoring the customer of the process,

adequately acknowledges both the intelligence product and process, the customer, and the

necessary actionable nature of intelligence.

In order to resolve the discrepancies amongst the many definitions and to develop

a comprehensive definition of intelligence, Wheaton and Beerbower (2006) posited the

definition of intelligence as “a process, focused externally and using information from all

available sources, that is designed to reduce the level of uncertainty for a decision maker”

(p. 329). Wheaton and Beerbower (2006) ensured that their definition of intelligence is

applicable to national security, law enforcement, and competitive intelligence

professionals. This study will use Wheaton and Beerbower’s definition of intelligence

based on the definition’s disciplinary flexibility. The definition incorporates the focus of

intelligence, includes open and confidential sources of information, and acknowledges

the process and the customer of intelligence.

Indicators and Warning Analysis

Indicators and Warning analysis is a military intelligence methodology in which a

warning analyst detects and reports information on foreign or adversarial activities that

could threaten the United States, its interests, or their allies (Joint Military Intelligence

College, 2001). Growing into prominence after World War II, I&W analysis developed

as a response to the fear that America’s adversaries might once again engage in

30

devastating military actions without any conventional warning, such as a declaration of

war (Grabo, 2002). Warnings could be based on almost any development, or indicator, in

any part of the world, and should, therefore, be the responsibility of the entire

Intelligence Community. There is an important distinction between indications and

indicators: according to the Department of Defense (2015), indications are any piece of

information that reflects a potential enemy’s intent to select a particular course of action,

and are therefore inherently ambiguous or uncertain. An indicator, on the other hand, is

“a known or theoretical step which the adversary should or may take in preparation for

hostilities” (Grabo, 2002, p. 3).

The warning analyst is broad in scope and focuses on strategic-level intelligence

analysis. Davis (1969) discussed the warning analyst’s role as one who seeks and

assesses information that could indicate preparation for a military offensive. Specifically,

the analyst focuses on strategic threats, actual or potential, to the US. The warning

analyst must always consider the worst-case scenario or the unlikely, outside

possibilities. Swanson, Astrich, and Robinson (2012) suggested that preventing surprise

requires creative and diverse predictive estimates, stemming from intensive and rigorous

collection and analysis activities. To facilitate identification of potential warnings,

analysts develop a list of indicators, both supporting and refuting their judgment, in order

to provide “a rough estimate as to how ready a country may be to launch an attack”

(Davis, 1969, p. 39). These indicator lists are frequently developed by warning analysts,

current intelligence analysts, and regional analysts in advance of any hostilities in order

to identify anomalies as early as possible. Grabo (2002) discussed three sources of

knowledge that are used to develop the indicator lists: 1) logic or longtime historical

31

precedent, 2) specific knowledge of the military doctrine or practices of the nations

concerned, and 3) lessons learned from previous behaviors during recent wars or

international crises. Regardless of the amount of analysis, development, and knowledge

that is used to compile the indicator list, no list can possibly be exhaustive or include

every action in every contingency (Grabo, 2002).

While Indicators and Warning analysis can help identify strategic threats,

communicating these threats to a decision maker in a concise, logical manner completes

the action of warning. According to Belden (1977), the results of I&W analysis, the

adversary’s probability of war, can be visualized with a decision stairway. He described

the basic process of warning analysis as a cycle that begins when an adversary’s actions

(indicators to the warning analyst) are analyzed. This analysis, once conveyed to a

decision maker, leads to a decision and then an action. The conveyance of the warning is

an important step, as Grabo (2002) stated, “warning does not exist until it has been

Figure 2. Decision stairway indicating the probability of war resulting from A's actions over time.

32

conveyed to the policymaker, and that he must know that he has been warned. Warning

that exists only in the mind of the analyst is useless” (p. 14). The analysis-decision-action

process creates a number of indicators to the adversary (assuming they are conducting

their own intelligence), who then would engage in their own analysis-decision-action

process, completing the first round of the cycle and beginning a new cycle (Belden,

1977). The decision stairway (as seen in Figure 2), depicts an actor (A) and how their

decisions have increased their probability of war (y-axis) over time (x-axis). This model

can also be used to depict a second actor (B) and their potential responses to Actor A.

Figure 3 represents three different response options for Actor B: pre-emptive action,

defense action, or surprise. The short, vertical dashed line indicates a situation in which

Actor B is monitoring Actor A’s decisions, and decides to preemptively attack Actor A.

The most common situation depicts Actor B’s solid stairway, a situation in which Actor

B tracks Actor A’s actions but does not act pre-emptively. Therefore, Actor B is in a

Figure 3. Decision stairway depicting Actor B’s possible responses to Actor A’s decisions.

33

strong defensive position when Actor A attacks. Surprise, noted by the dashed line that

extends horizontally then turns completely vertical, is a situation in which Actor B is not

tracking any of Actor A’s decisions, and is therefore completely surprised by Actor A’s

actions. (Belden, 1977). This analytic methodology is used primarily in the national

security and military intelligence fields, but in order to utilize I&W as a competitive

intelligence technique, some modifications must be made.

Redefining Indicators and Warning Analysis

In order for Indicators and Warning analysis to be used as a competitive

intelligence methodology, its definition must be translated to one that incorporates the

terms and targets used by competitive intelligence professionals. According to the US

Department of Defense (2010/2015), warning intelligence is “an activity intended to

detect and report time-sensitive intelligence information on foreign developments that

forewarn of hostile actions or intentions against US entities, partners, or interests” (p.

259). This definition will serve as a base for I&W analysis as used in this study, however,

the definition needs to be refined and translated to be used in a competitive environment.

For the purposes of this study, Competitive Indicators and Warning analysis will be

defined as: activities intended to prevent surprises through the detection and reporting of

time-sensitive intelligence information on competitor or market developments that

forewarn of potential threats or opportunities that will likely affect an organization's

strategy, competitive advantage, or revenue. The process resulting in this translated

definition follows (definitional changes are noted in italics; a table of the modified

aspects, Table 1, can be found at the end of this section).

34

The first area that needs to be refined is the intention of the activities. One of

Herring’s (1996) five basic types of intelligence, preventing surprise by providing early

warning, should be stated at the beginning of the definition. This changes the definition

to: activities intended to prevent surprises through the detection and reporting of time-

sensitive intelligence information on foreign developments that forewarn of hostile

actions or intentions against US entities, partners, or interests.

Next, the focus of the activities must be changed because this methodology, as a

competitive analysis, is not designed to examine foreign activities that may lead to hostile

actions (these developments, if they are of interest to the company, would be reflected in

a STEEP analysis); therefore, “foreign” developments can be translated to “competitor or

market” developments. Porter (2008) defined competitors as established industry rivals

competing for profits. He also summarized markets as industries bounded by the

similarities between products and services and the geographic scope of the competitors.

This translation changes the definition to: activities intended to prevent surprises through

the detection and reporting of time-sensitive intelligence information on competitor or

market developments that forewarn of hostile actions or intentions against US entities,

partners, or interests.

The third part of this definition that needs to be translated is the “hostile actions or

intentions.” While I&W is traditionally concerned with military hostilities, companies

utilize early warnings to prevent surprises and detect threats and opportunities. Therefore,

“hostile actions or intentions” will be replaced with “potential threats or opportunities.”

Jackson and Dutton (1988) surveyed managers to determine how threats and

opportunities are identified. Their findings indicated that threats and opportunities are not

35

necessarily opposites; the two concepts are similar in terms of urgency, difficulty, and the

stakes associated with acting. However, threats and opportunities have characteristics that

clearly distinguish the two. Threats are clearly negative and cause feelings of under-

qualification and lack of control in decision makers. Threats also usually involve the

likelihood of loss with minimal possibility of gain. Opportunities, on the other hand, are

clearly positive, resulting in confidence in individual or organizational qualifications, the

autonomy and freedom to act, and the likely successful resolution of the issue.

Opportunities usually have a high likelihood of gain with minimal possibility of loss.

After this change, the competitive I&W definition is: activities intended to prevent

surprises through the detection and reporting of time-sensitive intelligence information

on competitor or market developments that forewarn of potential threats or opportunities

that could affect US entities, partners, or interests.

Finally, the object of the definition, “US entities, partners, or interests” must be

changed from a military focus, defending the United States, to a competitive focus,

preventing surprises to the company. Here, we can substitute “an organization’s strategy,

competitive advantage, or revenues” as the potential target of the indicated developments.

Porter (1996) discussed strategy as the core duty of an organization's leadership,

consisting of "defining and communicating the company's unique position, making

tradeoffs, and forging fit among activities" (p. 77). Leaders must make difficult strategic

decisions to develop and maintain competitive advantage despite pressures to

compromise vision or emulate rivals. An organization’s competitive advantage is

developed and maintained through what Barney (1991) termed a “value creating

strategy,” one which is not being utilized by any current or potential competitors (p. 102).

36

Table 1. Terms modified in translation of DOD definition of I&W to Competitive I&W

Therefore, the final definition of Competitive I&W is: activities intended to prevent

surprises through the detection and reporting of time-sensitive intelligence information

on competitor or market developments that forewarn of potential threats or opportunities

that will likely affect an organization's strategy, competitive advantage, or revenue.

Chapter 2 Summary

This review highlighted three key gaps in the entrepreneurial and intelligence

literature. The first gap identified is the lack of a definition of success, particularly in

terms of entrepreneurial activity. Despite the previously mentioned difficulties in coming

to an agreement on the success of startups, a definition of success should be present in

order to evaluate these new businesses. This thesis will use an objective statistical

definition, derived from CB Insights (2014a): a successful startup is one that survives for

more than five years after its last round of funding.

DOD Terms Competitive Terms

- Prevent surprises

Foreign developments Competitive and market developments

Hostile actions or intentions Potential threats or opportunities

Against Will likely affect

United States An organization’s

Entities Strategy

Partners Competitive advantage

Interests Revenue

37

Second, there have been very few attempts to convert military and national

security intelligence, a field that has historically been the focus of intelligence

professionals, to techniques that are usable in the competitive intelligence sphere. In

abstaining from taking advantage of these historical intelligence methodologies,

competitive intelligence practitioners are ignoring centuries of experience. Finally,

although there are many analytic tools and techniques for evaluating competitors,

industries, and general environments, there is an opportunity to combine tools to create a

synergistic effect and minimize some the individual methodological weaknesses.

This study seeks to fill the final two gaps with the conversion and development of

Indicators and Warnings Analysis (a traditionally national security and military

intelligence methodology) to a competitive intelligence methodology – Competitive

Indicators and Warning Analysis – that can be used by competitive intelligence

professionals, in conjunction with traditional CI tools, to estimate the likelihood of

success of a new cybersecurity startup. The next chapter will discuss the cases that were

selected and how the data was collected and analyzed, which will lead to the

development of the Competitive I&W model.

38

METHODOLOGY

Introduction

This study sought to develop an analytic model that can be used to aid in

estimating the likelihood of success of new startups; this thesis will test the model on

cybersecurity startups. This chapter will discuss this model which incorporates several

success factors as indicators that increase a startup’s likelihood of success. These success

factors, as identified in the literature review, are funding attributes (consisting of the

startup’s seed capital, the founders’ equity share, and the presence of investor financing),

firm attributes (including the startup’s business plan, the innovativeness of the product,

and whether the startup was founded by a team), and founder attributes (which assesses

the founder’s personal human capital, including previous entrepreneurial, industrial, and

management experience, educational background, and the relevancy of their social

network). This chapter will identify which cases will be examined and how each case was

selected, how the data was collected and analyzed, and the limitations, credibility, and

transferability of the study.

Using a qualitative case study, this study seeks to identify the specific success

factors that contributed to Palo Alto Networks’ success and, alternatively, contributed to

ISC8’s eventual bankruptcy and Cryptine Networks’ failure. Determination of these

success factors will signify greater importance of several success factors over the rest of

the factors, which, when applied to the model, will increase the model’s robustness.

Research Design

To determine which factors are indicative of success, this chapter assesses three

cybersecurity companies, Palo Alto Networks, ISC8, Inc., and Cryptine Networks. Palo

39

Alto Networks was well-funded from its inception, was founded by a team that developed

an innovative product, and was established by experienced and educated founders –

attributes that resulted in the startup’s success. ISC8, despite being well-funded, was

unable to develop the innovative product that they had promised, leading to a dissolution

of the founding team and, ultimately, bankruptcy. Cryptine Networks was founded by

individuals with no previous entrepreneurial experience, leading to several complications

which fractured the founding team and drove away potential investors. The results of

these three cases will be presented in Chapter Four. Following the case study, the

developed Competitive Indicators and Warning model will be applied to a nascent

startup, Area 1 Security, to demonstrate its use as an estimative and predictive tool.

This study utilizes a qualitative comparative case study to analyze cybersecurity

startups. Many studies (Stuart & Abetti, 1987; Watson, Hogarth-Scott, & Wilson, 1998;

Walker & Brown, 2004; Unger, Rauch, Frese, & Rosenbusch, 2011; Groenewegen & de

Langen, 2012; Miettinen & Littunen, 2013) have utilized quantitative methodologies to

determine entrepreneurial success factors (or indicators of success), but a quantitative

methodology would not be appropriate in using these factors to assess current businesses.

According to King, Keohane, and Verba (1994), qualitative studies can approach a small

amount of cases with intensive and in-depth analysis and, therefore, tend to unearth a

large amount of information. Using this theory, a qualitative methodology can be used

effectively to conduct deeper analyses and derive a large amount of information on

individual firms and processes. Because of the qualitative design, this study can also

discuss attributes that may not be easily expressed quantitatively.

40

The key focus of this study is examining the effect that entrepreneurial success

factors have on startups; specifically, the success of cybersecurity startups. Through a

review of the literature, several factors were identified that increase the likelihood of

success in a startup. This thesis will compare three cases to determine if any of the

identified factors are more indicative of success and then develop a model (based on

Indicators and Warning analysis) to estimate the likelihood of startup success. The model

will be tested against the three cases to determine the validity of the model (whether or

not the identified success factors hold true) and will be used to analyze a nascent

cybersecurity startup to demonstrate its estimative capabilities.

Selection of Cases

In order to objectively analyze the entrepreneurial success factors and develop a

valid model, this study sought three startup cybersecurity companies, one successful

startup and two unsuccessful startups. As defined, a successful startup is one that survives

for more than five years after its last round of funding (CB Insights, 2014); therefore, the

unsuccessful startups are those which did not survive five years past their last round of

investor funding. Two unsuccessful cases were necessary due to the lack of information

on individual failed startups. While ISC8 was founded within a larger organization, it

began to operate as a startup and was divested. Cryptine Networks was founded and

operated as a startup, but there is a lack of information regarding the company’s finances.

The two unsuccessful cases are both necessary and will complement each other to form a

complete picture of an unsuccessful cybersecurity startup. The cases were identified

through internet searches related to lists of successful and unsuccessful startups (such as

CB Insights’ Startup Failure Post-Mortems and lists from Inc. and Business Insider),

41

databases such as CrunchBase (a database of startups, investors, timelines, and startup

news), articles on cybersecurity (from sources such as Information Week’s Dark Reading

and Fortune Magazine), and articles and blogs on startups and venture capitalists (from

sources such as VentureBeat and Brad Feld’s FeldThoughts blog).

Based on the criteria for success, Palo Alto Networks was chosen as the

successful case and ISC8 and Cryptine Networks were chosen as the unsuccessful cases,

as found in table 2. Palo Alto Networks fits this study’s definition of a successful startup;

their last funding round took place in November, 2008, and the company has thrived

since then – the company’s revenue has increased since 2011 by an average annual

growth rate of 69% ($928 million recorded revenue for the year ending July 31, 2015)

(Palo Alto Networks, 2015) and the stock price (NYSE: PANW) has nearly quadrupled

since their initial public offering (IPO) on July, 20, 2012 (trading at $190.08 as of

December 9, 2015) (Google Finance, 2015).

ISC8, founded in November 2011, was chosen as an unsuccessful case because it

did not survive for five years following its last funding round in November, 2013. In

September, 2014, less than a year after their final round of funding, ISC8 filed for

Chapter 11 bankruptcy protection (Turnaround Letter, 2014). Despite receiving more

than $70 million of invested funds, ISC8 was never able to deliver on their product and

sold all of their assets for approximately $8 million in January, 2015 (PR Newswire,

2015).

Cryptine Networks was selected because the startup failed before ever holding a

funding round (Fife, 2006). Cryptine was founded in 2001 as a cybersecurity consulting

firm, but began developing cybersecurity software in late 2004. Cryptine sold their

42

consulting assets in 2005, which provided an undisclosed amount of seed capital, but

splintered the team of founders (PR Newswire, 2005). The split resulted in complications

redistributing equity which stalled the promising software production and drove away

potential investors.

Table 2. The startups to be analyzed through a comparative case study.

Startup Firm Palo Alto Networks ISC8 Cryptine Networks

Last Funding Round

November, 2008 ($10 million, total funding: $65 million)

November, 2013 ($5.14 million, total funding: $70 million)

November, 2005. (Sale of Consulting Services for undisclosed amount)

Status Public Company (IPO July, 2012)

Bankrupt (Filed September, 2014)

Closed (June, 2006)

Data Collection

Data collection focused on three main attribute families: the funding that the

startup received (not including funds raised from an initial public offering), the startup as

an organization, and the entrepreneur(s) who founded the startup. The data collection

time periods vary based on the cases and individuals involved. A majority of the data

collection focuses on early funding and the founders before they founded the startup. The

collection period ends in 2013 for Palo Alto Networks (five years after their last round of

funding), in early 2015 for ISC8 (at which time the company sold their assets), and in

mid-2006 for Cryptine Networks (when the startup closed).

Information collection on funding occurred through open sources including:

databases on startups (such as CrunchBase);

industry sources (such as VentureBeat and Fortune Magazine);

news articles (from sites including PR Newswire and MarketWired)

state bankruptcy court proceedings;

43

Securities and Exchange Commission (SEC) financial filings; and

Google services (such as Scholar and Finance).

Information on the startup as a firm came from the following open sources:

databases on startups (such as CrunchBase and PrivCo);

industry and news articles (from sources such as Business Insider, PR Newswire, VentureBeat, and Fortune Magazine); and

state bankruptcy court proceedings.

Information on the founders came from the following open sources:

databases on startups (such as CrunchBase and PrivCo);

the professional social media site LinkedIn; and

industry articles and interviews (such as VentureBeat, Andrew Fife’s Entrepreneurship Blog, and local news interviews with founders).

In order to increase validity and reliability of the data, sources with high

reliability were preferred and corroborating sources were used when possible. Norman’s

(2001) credibility criteria was used to determine the reliability of sources. Of the 15

criteria that signify credibility, the strongest criteria include whether the content can be

corroborated with other sources, the source was recommended by a subject-matter expert,

the author is reputable and is associated with a reputable organization, the content is

perceived as being accurate, a peer or editor reviewed the content, and the publisher or

web host is reputable. Norman’s full list of credibility criteria can be found in Appendix

A.

Data Analysis Procedures

The data was collected and analyzed according to the Success Factors on

Funding, Firm, and Founder attributes, as presented in the tables below. In order to be

indicative of success, evidence of the success factor (as listed in the ‘Indicators of

Success’ column in the tables below) must be present through the open sources as listed

44

in the previous section. In the ‘Indicators of Success’ column in the tables below, the

final bullet point of a row is the evidence that the researcher sought in order to affirm or

deny the presence of that success factor; earlier bullet points in the same row briefly

describe why the given success factor is an indicator of success. Several of the indicators

are subjective or difficult to collect information on, therefore, the methods used to

measure or evaluate the more complex indicators will be explained prior to the

corresponding table.

Funding Attributes

Both Seed Capital and Investor Financing were identified simply and objectively.

Financing for startups is well-documented in databases such as CrunchBase and PrivCo,

and it also frequently published in news articles from sources such as Fortune Magazine,

Business Insider, and Venture Beat. Seed Capital, provided by the founder(s) or

individual financiers, is typically reported separately from an official funding round in

which venture capitalists invest in the startup. Equity Share, or the amount of capital

provided by a founder related to the startup’s total assets prior to investor financing, was

a much more difficult indicator to identify. This may be due to the founder not wanting to

disclose their contributions to the startup’s capital, privacy regarding the startup’s total

assets (and therefore, potentially, the startup’s worth), or simply a lack of reporting on the

factor. These factors, and a brief description can be found in Table 3. Evidence of this

indicator may be identified through databases reporting on startups, news outlets, or

interviews with the startup’s founder(s).

45

Table 3. Success Factors regarding Funding attributes and the reasons and evidence required to indicate success.

Success Factors Indicators of Success

Fu

nd

ing

Seed capital

Seed capital greater than $1 million to start the business increases the likelihood of success

Evidence of seed capital either up to or greater than $1 million

Equity share

The amount of capital provided by the entrepreneur(s) related to the total assets

Equity share serves as a proxy; greater equity share means greater founder commitment

Evidence of equity share greater than 50 percent

Investor financing

Funding from venture capitalists (VC) or business angels (BA) in designated rounds

Startups financed by larger investors are likely to dominate their competitors

Evidence of VC or BA financing

Firm Attributes

Evidence of a team of founders and, if present, the fracture of the team, is simple

to objectively identify through news reports, social media sites such as LinkedIn, and

databases on startups and their founders such as CrunchBase. While a hostile break-up

may be more difficult to identify, there are likely interviews or news releases describing

tensions or relationships that were less than amicable. Additionally, a startup’s product

can be measured as innovative or not based on third-party evaluations from the same

industry or organizations that recognize and award innovation, such as the International

Consumer Electronics Show (CES), the Economist, or Pipeline Magazine.

The organization of a startup’s business plan can be more difficult to identify or

subjectively measure. In some instances, there is no information regarding the startup’s

strategic plans due to privacy concerns or simply a lack of reporting on the plan.

According to Gil (2011), one of the main uses for funds from the first round of investor

financing (Series A) is determining a business plan. Therefore, this study used the

46

presence of a second funding round (Series B) to represent increased investor confidence

in the startup and the business plan. These factors, and a brief description, can be found

in Table 4.

Table 4. Success Factors regarding the Firm attributes and the reasons and evidence required to indicate success.

Founder Attributes

Previous entrepreneurial experience, industrial work experience, and management

experience can all be objectively identified from sources such as LinkedIn’s

“Experience” section, news articles about the startup and founder(s), or interviews with

the founder(s). These attributes, which are summarized in Table 5, reflect the founder’s

ability to operate a firm in its infancy, knowledge of the industry actors and products, and

ability to effectively use employees. The founder’s highest level of education attained is

also usually represented on social media sites such as LinkedIn or Facebook, or published

as background or biographical information in a news article or interview. The relevancy

of a founder’s social network can be difficult to identify and subjective to measure, but

Success Factors Indicators of Success

Fir

m

Organized business plan Aggressive, robust, and proactive strategies

increase the likelihood of success Evidence of an organized business plan

Innovative product

Unique products, processes, systems, or services increase probability of success

Innovations must be of value to the customer Evidence of third-party evaluation of product

Team founding

Access to wide array of skills and resources Increases likelihood of success as long as the

entrepreneurial team remains intact Evidence of several founders influencing the

startup

Fracture of the founding team

While a team founding increases the likelihood of success, a team that fractures threatens the survival of the startup

Evidence that the broke apart under unfavorable circumstances

47

can be determined based on the ways in which a founder can leverage their social

network. This study identified connections between founders and key individuals (outside

the organization) who helped the startup in any of the other indicators, such as investor

financing or industrial work experience. If such a connection was present, such as

previous employment with the same employer or a degree from the same university, and

the connection was used to improve the standing of the startup, then the social network

was deemed to be relevant.

Table 5. Success Factors regarding the Founder’s attributes and the reasons and evidence required to indicate success.

Pilot Study

After conducting a preliminary examination of the success factors, previous

entrepreneurial experience and the fracture of the founding team (and therefore the team

founding) were identified as having a greater impact on success than the other indicators

and are, therefore, worth two points in the Competitive I&W model. These results will be

Success Factors Indicators of Success

Fou

nd

er

Previous entrepreneurial experience

Investors traditionally assign high importance to individuals who have previous entrepreneurial or business ownership experiences

Evidence of a founder’s previous entrepreneurial ventures

Previous industrial work experience

Associated with applicable skillsets and knowledge of the markets, customers, and technologies

Evidence of previous jobs held by a founder in the same industry

Previous management experience

Increases an entrepreneur’s ability to identify and take advantage of market opportunities

Evidence of previously held managerial positions

Education Increases adaptability, is a proxy for energy,

motivation, and dedication to the business Evidence of a Bachelor’s degree or higher

Relevant social network Increases access to relevant skills and resources Evidence of founders using their social network to

increase likelihood of success

48

discussed in more detail in the next chapter. Additionally, due to the emphasis in the

reviewed literature on investor financing, it was weighted double as well. As can be seen

in figure 4 (and Appendix B), three indicators (investor financing, team founding, and

previous entrepreneurial experience) are worth two points, and one indicator (founding

team fracture) reduces the score by two points.

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) 0$1 million or greater (1) 0

Equity Share50% or more (1) 0

Investor Financing (2) 0Firm Attributes (4 possible points )

Organized business plan (1) 0Innovative product (1) 0Team founding (2) 0

If team fractures (-2) 0Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) 0Previous industrial work experience (1) 0Previous management experience (1) 0Education

Bachelor's degree or above (1) 0Relevent social network (1) 0

Funding 0Firm 0Founder 0

Total Score 0 /15

Indications & Warning Analysis - Startups

Figure 4. Competitive Indicators and Warning template used to examine startup firms

49

Data Analysis

The first variables analyzed in each case study were those related to the

company’s funding attributes. When evidence was found of one of the indicators of

success, it was recorded along with the month and year that the indicator occurred (not

necessarily the date that evidence of the indicator is found). The variables for firm

attributes and founder attributes were analyzed using the same process. Once evidence of

an indicator of success was collected, its presence and the date were recorded. If no

evidence was collected, the indicator was recorded as negative. Alternatively, if evidence

that is contrary to an indicator of success is collected, then it was also be recorded as a

negative. After determining whether each indicator existed or not for each case, a table

was compiled to compare all cases and determine which success factors were of greater

importance to the startup’s success or failure. The complete table can be found in

Appendix C and will be discussed in greater detail in the Findings chapter.

The developed model was completed in the same manner as the case studies, but

is accompanied by a scoring system. The Competitive Indicators and Warning analysis

has a scoring system that is based out of a total of 15 possible points, where most

indicators are worth a single point; however, due to the emphasis on investor financing in

the reviewed literature, its presence is worth two points. After conducting the

Competitive I&W analysis, a decision stairway was built to visualize the likelihood of

success of the analyzed startup, an example of which can be seen in figure 5.

In this model, the more points a startup scores, the more likely it is that the startup

will be successful. However, scoring a perfect 15 out of 15 is not a guarantee of success;

a perfect score only indicates that the startup has achieved all of the factors that increase

50

the probability of success. Additionally, a low-scoring startup will not necessarily be a

failure; the low-scoring startup could increase their score over time and potentially

survive for the five years post-funding required to be successful.

Figure 5. Example of a decision stairway representing the amount of points over a period of time.

Limitations of the Research Design

The research design is limited in several ways. First, only public cybersecurity

companies were considered in the selection of the successful case. Not all successful

companies are public, and not all public companies are successful; however, the

prevalence of information available on public companies is beneficial in this type of

exploratory research. This methodology can become complex when analyzing some

organizations due to the lack of transparency and information available on various

success factors, particularly the founder’s equity shares and the startup’s business plan –

51

thus the need for two unsuccessful cases. Additionally, because data was collected from

different time periods, the startups could have been impacted by different market

conditions.

This research design does not cover all the factors that may influence a startup’s

success. As mentioned in the previous chapter, the inclusion of market attributes would

be too great of an undertaking for this study, but is an area that is worthy of future

research. Additionally, this study is limited because only three cases are analyzed. The

findings, while deep and thorough, are not as broad or generalizable without an

assessment of the model using several case studies or examining startups across a number

of different industries. Finally, there is a degree of subjectivity (and therefore bias) in the

determination of several of the indicators and the measurements of these indicators.

Credibility

The findings of this study are credible due to the sources used. Scholarly journals

and peer-reviewed literature were used to identify the success factors and develop a

model of Indicators and Warning analysis appropriate for competitive intelligence.

Reliable and corroborating sources were used in the collection of information and

evidence of indicators of success for the studied cases. Credibility is somewhat weakened

because, as mentioned in the previous section, there is a degree of subjectivity in this

study. Individual researchers may interpret or analyze the information differently than in

this study; however, this slight decrease in credibility is not significant enough to degrade

the credibility of the findings as a whole. This study has not only begun the process of

developing indicators of success, but also the methods of evaluating these criteria. As this

52

development is in its exploratory stage, this is an area that would benefit greatly from

additional application of case studies and future research.

Transferability

Despite focusing only on the cybersecurity industry, the concepts behind the

framework of this model are broad enough that they are applicable to startups in

industries other than cybersecurity. The model may need to be slightly altered or added to

in order to be used successfully, but it is designed to be transferable to startups in other

industries. If the model is used to compare startups across different industries, market and

industrial attributes should be incorporated to increase the robustness and validity of the

model for these purposes – a subject that would benefit from future research.

Ethical Issues

There are no ethical concerns throughout this study. The author worked alone and

did not use any participants to collect data or conduct research. The author does not have

any conflicts of interest or relationships, whether professional, commercial, or financial,

with any of the companies analyzed in this study.

Chapter 3 Summary

This study will analyze Palo Alto Networks, ISC8, Inc., and Cryptine Networks’

success factors as identified in the previous chapter and developed in this chapter. Data

will be collected and analyzed, as discussed in the previous sections of this chapter, to

determine which success factors are more indicative of success and assess each

company’s score in order to demonstrate the validity of the developed model.

While the study is limited in several ways, the findings are credible and

transferable to entrepreneurial activity in other industries. There were no ethical concerns

53

throughout this study. The results of these three cases will be presented in the next

chapter, followed by a test of the developed model on the same three cases, and the

application of the Competitive Indicators and Warning model to a nascent startup, Area 1

Security, so as to demonstrate its validity use as an estimative and predictive tool.

54

FINDINGS

Introduction

As stated in the first chapter, this study seeks to identify factors that increase the

likelihood of startup success, then test these factors with the proposed Competitive

Indicators and Warning analytic model. This chapter presents and compares the findings

for the successful case (Palo Alto Networks) and the two unsuccessful cases (ISC8, Inc.,

and Cryptine Networks), in order to determine which factors are more indicative of

success. As laid out in the methodology chapter, the funding, firm, and founder attributes

of each case were examined to determine which indicators of success were present and

which were lacking. The results are compiled in a table at the end of each section, as well

as a column regarding the complexity of the factor (based on the subjectivity of

measurement or difficulty finding open source information).

The findings of the case studies are followed by a test of the developed

Competitive Indicators and Warning (I&W) model on Palo Alto Networks, ISC8, and

Cryptine Networks (in order to validate the model), and finally the analysis of Area 1

Security. Area 1 Security is a nascent cybersecurity startup that has recently held its

second round of investor financing. The funding, firm, and founder attributes were

collected and presented in the same manner as the case studies. Area 1 Security’s

indicators were then assessed through the Competitive I&W model and visualized

through a decision stairway to demonstrate the model’s estimative capabilities.

Palo Alto Networks, Inc.

Palo Alto Networks was selected as the successful case for this study because it

not only survived, but thrived for at least five years after its final round of funding. The

55

startup was founded in January 2005 by Nir Zuk, Dave Stevens, Yuming Mao, and Rajiv

Batra, and held their first round of investor financing a year later. In November 2008,

Palo Alto Networks held their final round of investor financing (Series C) and has

survived for more than seven years since that round (CrunchBase, 2016a). On July 9,

2012, Palo Alto Networks held its initial public offering (IPO) of 6.2 million shares

(NYSE: PANW) (PANW, 2012). As of January 2016, PANW stock was being traded at

$146.56 per share, a nearly 180% increase from its post-IPO price of $53.13 per share

(Google Finance, 2016). Evidence and dates regarding Palo Alto Networks’ indicators of

success across funding attributes, firm attributes, and founder attributes can be found in

table 6, table 7, and table 8, respectively.

Funding Attributes

Nir Zuk first developed his idea for an advanced, traffic-focused firewall after

noticing deficiencies in the firewall sold by Juniper Technologies (which had acquired

NetScreen Technologies, which had acquired Zuk’s first startup, OneSecure). Juniper

Networks ignored his funding request to improve the firewall, so Zuk left the company

and approached contacts of his at Greylock Partners and Sequoia Capital to request

funding for his concept. In May 2005, both Greylock and Sequoia added funds to Zuk’s

own capital, totaling $250,000 of seed capital (PrivCo, 2014). Zuk has stated in an

interview that he only owns about 5-10% of the company because he preferred to highly

compensate his employees and engineers early in the company’s existence, for which he

sacrificed his equity (Mitra, 2010). While equity share was determined to be a complex

indicator in the last chapter, Zuk’s statement regarding his equity in the company made

the indicator easily identifiable.

56

Shortly after the acquisition of seed capital, Palo Alto Networks held a Series A

funding round, during which Greylock Partners and Sequoia Capital invested a combined

$10 million. Investors (including Lehman Brothers, Icon Ventures, and Northgate Capital

in addition to Greylock and Sequoia) financed Palo Alto Networks to the tune of

approximately $65 million over the course of four funding rounds, ending in November

2008 (CrunchBase, 2016a).

Table 6. Evidence and Date of Palo Alto Networks’ Indicators of Success – Funding Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Seed Capital up to $1M No Yes – May 2005 Seed Capital Greater than $1M No No Equity Share Greater than 50% Yes No Investor Financing No Yes – January 2006

Firm Attributes

As stated in the previous chapter, the presence of a second funding round (Series

B) served as a proxy measurement for an organized business plan for this study. Palo

Alto Networks held their Series B funding in June 2007 (PrivCo, 2014). Additionally,

Zuk has also stated that they did not devise a go-to-market strategy until April 2007,

shortly after they completed a beta version of their product (Mitra, 2010). Palo Alto

Networks’ advanced next-generation firewall technology has been certified by the

International Computer Security Association (ICSA, an independent testing division of

Verizon), which stated that the product utilized several innovative technologies in

providing a better firewall (ICSA Labs, 2014). Palo Alto Networks was founded by a

team consisting of Nir Zuk, Dave Stevens, Yuming Mao, and Rajiv Batra (PrivCo, 2014).

57

Dave Stevens left the company after three years in order to pursue another opportunity,

but there was no evidence that the split was anything less than amicable (Stevens, n.d.).

Table 7. Evidence and Date of Palo Alto Networks’ Indicators of Success – Firm Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Organized Business Plan Yes Yes – August 2007 Innovative Product No Yes – August 2007 Team Founding No Yes – February 2005 Founding Team Fracture No No

Founder Attributes

Nir Zuk founded OneSecure, a network security company that developed an

intrusion prevention system, in early 2000. OneSecure was acquired by Netscreen

Technologies in 2002, where Zuk was retained and held the managerial position of Chief

Technical Officer (CTO). Juniper Networks acquired NetScreen Technologies in April

2004 where Zuk was again retained, albeit only for 11 months, as the Chief Security

Technologist. Noting deficiencies in Juniper Networks’ product, Zuk began formulating

the product that would eventually be sold by Palo Alto Networks. Industry-wise, Zuk

held computer security jobs while completing his mandatory service in the Israeli military

from 1990 to 1994 (Mitra, 2010; CrunchBase, n.d.).

Of the other founders, Dave Stevens had significant previous management

experience, holding several Vice President (VP) and executive-level positions primarily

in the telecommunications industry (Stevens, n.d.). Yuming Mao had both previous

industrial work experience and management experience as the Chief Architect of

NetScreen Technologies (Mao, n.d.). Rajiv Batra held a managerial position and two

58

Vice President positions in the telecommunications and software industries prior to

founding Palo Alto Networks (Batra, n.d.).

Zuk graduated from Tel Aviv University in 1995 with a Bachelor of Science (BS)

in Mathematics (CrunchBase, n.d.). Stevens earned both a BS and Master of Science

(MS) in Electrical Engineering from the University of Virginia and received an education

in public board governance from Stanford University’s law school (Stevens, n.d.). Mao

earned an MS in Computer Science from Stanford University in 1995, and Batra received

a Bachelor of Technology in Electrical Engineering and Computer Science from the

Indian Institute of Technology, as well as an unnamed later degree from University of

Wisconsin (Mao, n.d.; Batra, n.d.).

While the relevancy of a founder’s social network can be difficult to determine, it

was made slightly easier in this case study thanks to a statement Zuk made in an

interview. Zuk responded to a question regarding raising money to start Palo Alto

Networks with: “Of course I had connections and background, and I was dealing with

top-tier VCs [Venture Capitalists]. When I look at VCs, I prefer to work with ones who

have been entrepreneurs” (Mitra, 2010, p. 4). Not only was Zuk able to leverage these

connections to raise capital for his new startup, but he was also astute enough to connect

with the VCs who had previous entrepreneurial experience – which Zuk could tap into

and increase his own likelihood of success. Additionally, connecting with Yuming Mao

at NetScreen Technologies, where their employment dates overlapped, could be

considered an indication of a relevant social network but it is fairly inferential, whereas

Zuk has outright stated that his connections with VCs helped fund Palo Alto Networks.

59

Table 8. Evidence and Date of Palo Alto Networks’ Indicators of Success – Founder Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Previous Entrepreneurial Experience

No Yes – January 2000

Previous Industrial Work Experience

No Yes – January 1990

Previous Management Experience

No Yes – February 2002

Bachelor’s Degree or Above No Yes – May 1995

Relevant Social Network Yes Yes – March 2005

Conclusion

The only indicators of success that Palo Alto Networks lacked were the startup

capital greater than $1 million and an equity share of at least 50%. However, neither of

these deficiencies seemed to interfere with Palo Alto Networks’ growth and success.

Despite raising less than $1 million in seed capital, the startup received nearly $10

million in investor financing eight months later. Zuk stated that he did not own much of

the company because he preferred to reinvest that money in his employees and engineers

early on.

ISC8, Inc.

Irvine Sensors Corporation was founded in 1974 by John C. Carson. Initially,

Irvine Sensors developed optical technologies used in space surveillance, a development

from Carson’s time working with missile detection systems. The company conducted

research and development into high-density electronics and began producing similar

products for use in space and military applications, such as miniature sensors and

cameras, space-based navigational equipment, miniature gyroscopes and accelerometers.

In the mid-2000s, Irvine Sensors also became involved with internet security. In 2010,

60

Irvine Sensors was rebranded ISC8, Inc., with a renewed focus on anti-malware and

cybersecurity products (Werner, 2013).

In 2013, ISC8 divested their space and military ventures to the newly-reformed

Irvine Sensors Corporation, reestablished by Carson so he could continue his work. ISC8,

Inc. became a pure cybersecurity company and began operating as a startup (4-Traders,

2013). While it did not begin as a pure startup, once ISC8 began separating from Irvine

Sensors, ISC8 took on the qualities and requirements of a startup, including the necessary

factors to increase their likelihood of success. In September 2014, ISC8, Inc. filed for

Chapter 11 protection with the US Bankruptcy Court in California, and sold all of its

assets four months later for less than $8 million. Evidence and dates regarding ISC8’s

indicators of success across funding attributes, firm attributes, and founder attributes can

be found in table 9, table 10, and table 11, respectively.

Funding Attributes

In December 2010, Costa Brava Partnership III LP and The Griffin Fund invested

a combined $11.4 million dedicated to developing Irvine Sensors’ cybersecurity products

(PE Hub Network, 2010). This investment served as seed capital (greater than $1 million)

when ISC8 became a cybersecurity-focused startup. Three years later, ISC8, Inc. raised

an addition $5.14 million from investors in their first and only funding round

(CrunchBase, 2016b).

While John Carson founded Irvine Sensors Corporation in 1974, there was no

information regarding the equity percentage he controlled in 2010 (when Irvine Sensors

rebranded and began producing cybersecurity products). Additionally, once ISC8 spun

off its space and military ventures, Carson resigned from all positions and relinquished all

61

control in order to reform Irvine Sensors and continue his space and military applications,

thus leaving him with no equity share of ISC8 (4-Traders, 2013). There is also no

evidence that the two other individuals integral in the development of cybersecurity

products and “founding” of ISC8, Bill Joll and Joy Randels, had any percentage of equity

share in the company (PR Newswire, 2011).

Table 9. Evidence and Date of ISC8’s Indicators of Success – Funding Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Seed Capital up to $1M No No, seed capital greater than $1M Seed Capital Greater than $1M No Yes – December 2010 Equity Share Greater than 50% Yes No Investor Financing No Yes – November 2013

Firm Attributes

As mentioned previously, John Carson founded Irvine Sensors Corporation in

1974. This, however, cannot be considered the same foundation as ISC8, Inc. because

they are two completely different companies with very different personnel. The founding

date for ISC8 is November 2011, when Irvine Sensors was rebranded as ISC8 and began

to shift their focus to cybersecurity. The rebranding, and, therefore, founding of ISC8 was

led by Carson, Bill Joll, and Joy Randels (PR Newswire, 2011). This founding team

fractured in March 2013 when Carson left ISC8 to resume his work on space and military

applications with the divested and reformed Irvine Sensors Corp (4-Traders, 2013). This

split makes it clear that Carson was not interested in ISC8’s direction and wanted to

revert back to his initial research and development. Additionally, Bill Joll resigned from

his positions in 2013 as ISC8 brought in a new President and CEO (Marketwired, 2014).

62

In 2013, ISC8 won the Pipeline Magazine Innovation Award in the Innovation in

Security and Assurance category. ISC8’s products included a detection system to identify

advanced persistent threats (APTs), big data security analytics, and increased user control

systems (Marketwired, 2013). However, ISC8 was unable to get their game-changing

product to markets, indicating a poorly organized business plan (Wilson, 2015).

Additionally, ISC8 did not receive investor financing beyond their Series A funding

round, which, as mentioned in the methodology chapter, shows that the startup was

unable to develop a sound go-to-market strategy.

Table 10. Evidence and Date of ISC8’s Indicators of Success – Firm Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Organized Business Plan Yes No Innovative Product No Yes – May 2013 Team Founding No Yes – November 2011 Founding Team Fracture No Yes – March 2013

Founder Attributes

John Carson was the only ISC8 founder with any previous entrepreneurial

experience, but that was through his founding of Irvine Sensors Corporation, which was

essentially the same company and spun off ISC8 in 2013 (Werner, 2013). However, when

Carson resigned from all positions with ISC8 after it was officially separated from Irvine

Sensors, the startup team lost the entrepreneurial experience that could have guided the

startup towards success. Joy Randels had studies entrepreneurship at both Harvard

Business School and Massachusetts Institute of Technology’s (MIT) Sloan School of

Management, but evidence of her studies are undated and there is no evidence that she

used these studies to found any companies before ISC8 (Randels, n.d.).

63

Both Randels and ISC8’s other key founder, Bill Joll, had previous management

experience before starting on ISC8. Joll was the Vice President (VP), General Manager,

and eventually President of telecommunications company Nortel Networks from 1982-

2000 and held several other VP, President, and Chief Executive positions in technology

industries (Joll, n.d.). Randels has held several VP positions and Board memberships with

technology companies before moving on to ISC8 (Randels, n.d.). While both Joll and

Randels worked primarily in high-tech fields including telecommunications, software,

and cloud computing, Randel’s experience at WiMetrics from 2004-2009 was the only

position between the two founders in the cybersecurity industry.

Both Joll and Randels had earned at least a bachelor’s degree. Joll earned both his

bachelor’s degree and master’s degree in electrical engineering in 1979 and 1981,

respectively, from the University of Manitoba (Bloomberg, 2016a). Randels, as

mentioned earlier, studied entrepreneurship at both Harvard Business School and MIT’s

Sloan School of Management, but she also studied information technology at Emory

University’s Goizueta Business School (Randels, n.d.). As noted in the previous chapter,

evaluating the relevancy of one’s social network can be a complicated task, however,

evidence of this particular factor was found to contribute to ISC8. From 2009 to 2010,

Joll (President) and Randels (Executive VP, Global Sales and Marketing) worked

together at Velocitude (acquired by Akamai Technologies in June 2010) (Joll, n.d.;

Randels, n.d.). After leaving Akamai Technologies following the merger, Joll went on to

become President and CEO of ISC8, Inc., where he brought in Joy Randels as Executive

VP to help rebrand the company and to “bring this amazing new technology to the

forefront of the information security market” (PR Newswire, 2011).

64

Table 11. Evidence and Date of ISC8’s Indicators of Success – Founder Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Previous Entrepreneurial Experience

No No

Previous Industrial Work Experience

No Yes – January 2004

Previous Management Experience

No Yes – June 1982

Bachelor’s Degree or Above No Yes – May 1979 Relevant Social Network Yes Yes – October 2009

Conclusion

In September 2014, ISC8, Inc. began the process of filing for Chapter 11

bankruptcy and in January 2015, filed for the auction of its assets (worth $70 million) for

approximately $8 million (PR Newswire, 2014; US Bankr. C.D. Ca., 2015). None of

ISC8’s founders had any previous entrepreneurial experience, and the founding team

fractured in 2013. ISC8 was also lacking the 50% equity share and organized business

plan indicators.

Cryptine Networks

Cryptine Networks was founded in 2002 by Nate Underwood and Andrew Fife as

a security consulting firm. After developing cybersecurity software products in 2004 and

divesting their consulting services in 2005, Cryptine Networks encountered several

obstacles stemming from their poorly organized 2002 incorporation. The startup’s

inability to resolve these issues drove away investors which stalled production and, in

2006, Cryptine shut down operations. Evidence and dates regarding Cryptine Networks’

indicators of success across funding attributes, firm attributes, and founder attributes can

be found in table 12, table 13, and table 14, respectively.

65

Funding Attributes

Cryptine Network’s consulting services business unit was acquired by Helio

Solutions, Inc., in November 2005 for an undisclosed amount (PR Newswire, 2005).

According to Fife (2006), the sale “amounted to a small seed investment and allowed the

reaming team members to focus exclusively on software development” (para. 3). This is

evidence of seed capital up to $1 million because of Fife’s explicit statement; however,

because the amount of the acquisition (and therefore seed capital) was undisclosed, it

cannot be definitively used as evidence for seed capital greater than $1 million.

In addition to providing seed capital, the Helio acquisition also split up the

founders. After the sale, founders on both sides of the split worked towards a

capitalization model in which the departed founders retained a small percentage of equity

with the understanding that any investors would dilute the equity and drive that

percentage down (Fife, 2006). As this is the only information regarding Cryptine

Networks’ equity, there is no evidence of equity share greater than 50% by any one

founder. This equity distribution plan backfired; none of the potential investors wanted to

become involved in the complex legal efforts to reduce a founder’s equity. The poorly

formed equity distribution plan completely drove away all six of the interested investors,

resulting in a lack of investor financing for Cryptine Networks (Fife, 2006).

Table 12. Evidence and Date of Cryptine Networks’ Indicators of Success – Funding Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Seed Capital up to $1M No Yes – November 2005 Seed Capital Greater than $1M No No Equity Share Greater than 50% Yes No Investor Financing No No

66

Firm Attributes

As mentioned previously, Cryptine Networks hastily incorporated in 2002,

without any outside or legal consultations. This incorporation created a completely

internal and inexperienced Board of Directors, which became deadlocked and was unable

to resolve the equity redistribution problem. This deadlock and lack of experience

resulted in the company’s inability to prepare for such problems, inability to identify and

pursue all available options, and eventually close down the startup. According to Fife

(2006), an outside board member would have provided objectivity and an experience

corporate attorney would have likely been able to guide the company through these

troubles and possibly even prevent failure. The poorly organized incorporation and lack

of foresight are evidence of an unorganized business plan.

While Cryptine Networks had shown some success with the beta version of their

product (the startup had assembled 12 beta test partners and had received their first

purchase order), their offering was not innovative. Their product amounted to a firewall,

virtual private network (VPN), intrusion detection, and host hardening (Bloomberg,

2016b). Because this is the only third-party mention of Cryptine’s products, it is not

evidence of an innovative product because the source did not discuss innovativeness.

Nate Underwood and Andrew Fife are the only two named founders of Cryptine

Networks (Underwood, n.d.; Fife, n.d.), however, Fife (2016) mentions a team several

times but does not clarify if this team was composed of additional founders or simply

other employees. Even if only the two named founders are considered, this is sufficient

evidence for a team founding indicator. As mentioned previously, the acquisition of

Cryptine’s security consulting services by Helio Solutions in November 2005 fractured

67

the founding team. Underwood’s position was within the acquired business unit and,

following the acquisition, he left to start another company (PR Newswire, 2005;

Underwood, n.d.). Meanwhile, Fife and the software development team remained with

Cryptine Networks to continue work on their cybersecurity product (Fife, n.d.). The

disputes and disagreements regarding the post-split equity redistribution is evidence that

the team did not separate on good terms.

Table 13. Evidence and Date of Cryptine Networks’ Indicators of Success – Firm Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Organized Business Plan Yes No Innovative Product No No Team Founding No Yes – January 2002 Founding Team Fracture No Yes – November 2005

Founder Attributes

Neither Underwood nor Fife possessed any previous entrepreneurial experience

prior to founding Cryptine Networks, although both have since gone on to be active in

entrepreneurial communities (Underwood, n.d.; Fife, n.d.). Underwood had previously

worked in the cybersecurity industry as a network security engineer in August 1999 for

Liquid Audio. He also held security consultant and security project lead positions before

founding Cryptine. As a security project lead with Conxion, Underwood earned previous

management experience with a global security provider (Underwood, n.d.).

Both founders have earned at least a bachelor’s degree. Underwood received an

undated bachelor’s degree in Italian cultural studies from the University of California,

Santa Barbara (Underwood, n.d.). Fife has earned two master’s degrees, one in

international relations (2001) from University of St. Andrews, and one in politics of the

68

world economy (2002) from the London School of Economics and Political Science

(Fife, n.d.). There is no evidence that either founder leveraged their social network to

improve the startup’s likelihood of success, despite opportunities to do so, and therefore

it cannot be indicated that either found had a relevant social network.

Table 14. Evidence and Date of Cryptine Networks’ Indicators of Success – Founder Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Previous Entrepreneurial Experience

No No

Previous Industrial Work Experience

No Yes – August 1999

Previous Management Experience

No Yes – April 2001

Bachelor’s Degree or Above No Yes – May 2001 Relevant Social Network Yes No

Conclusion

While there was a dearth of information on Cryptine Networks, it is clear that the

company’s lack of investor financing, fracture of the founding team, and lack of previous

entrepreneurial experience resulted in a challenging and difficult road to success, despite

the founders’ previous industrial and management experience. When combined with a

poorly organized business plan, non-differentiated product, and inability to leverage their

social network, it is no surprise that Cryptine Networks failed.

Comparison of Cases

When comparing the three cases by the success factors, several indicators of

success become evident. Three indicators were absent in both of the unsuccessful cases:

organized business plan, founding team fracture, and previous entrepreneurial experience,

as seen in Table 15 below (the complete table comparing all indicators of success across

69

the three cases can be found in Appendix C). While equity share greater than 50% was

also missing in both unsuccessful cases, it was not identified in the successful case either.

Equity share, therefore, may either be a victim of its own complexity or lack of

information, or it may not be indicative of increased likelihood of success.

Of the three indicators that were missing in the unsuccessful cases, organized

business plan was considered a complex indicator in the previous chapter due to its

subjectivity and general lack of information. While the organization of a startup can be

inferred from interviews with founders or the presence of numerous funding rounds

(which were used as evaluation tools in this study), rarely – if ever – is the organizational

and strategic plan stated outright.

Both the founding team fracture and previous entrepreneurial experience were

easily and objectively identified through news and industry articles as well as the

professional social media site LinkedIn, reinforcing the non-complex determination

assigned in the methodology chapter. Both of these indicators were present in the

successful case and absent in both the unsuccessful cases. While also being non-complex

indicators, it is evident that the founding team fracture and previous entrepreneurial

experience increased the likelihood of startup success more than the other evaluated

factors. Additionally, because the fracture of the founding team is of greater importance,

then the team founding must be of equal importance to a startup’s likelihood of success.

Because of these results, both previous entrepreneurial experience and a team founding

(because it is equivalent to the fracture) are weighted double in the Competitive

Indicators and Warning analysis model. The fracture of the founding team is weighted as

a negative two points, which would therefore reduce the overall score.

70

Table 15. Comparison of notable Indicators of Success between Palo Alto Networks, ISC8, and Cryptine Networks.

Indicators of Success

Evidence and Date of Indicator

Palo Alto

Networks ISC8, Inc.

Cryptine

Networks F

un

din

g

Equity Share Greater

than 50% No No No

Investor Financing Yes

January 2006

Yes

Nov. 2013 No

Fir

m

Organized Business

Plan

Yes

August 2007 No No

Team Founding Yes

February 2005

Yes

Nov. 2011

Yes

January 2002

Founding Team

Fracture No

Yes

March 2013

Yes

Nov. 2005

Fou

nd

er Previous

Entrepreneurial

Experience

Yes

January 2000 No No

Testing the Model

The developed Competitive Indicators and Warning model was tested on each of

the three cases – Palo Alto Networks, ISC8, Inc., and Cryptine Networks – in order to

validate the accuracy of the model. Area 1 Security, a recently formed cybersecurity

startup, was also analyzed through the Competitive I&W model to demonstrate the

model’s estimative capabilities.

As noted in the methodology chapter and the previous section, investor financing,

team founding, and previous entrepreneurial experience are all weighted two points in the

model, with the fracture of the founding team reducing the score by two points. The

fracture of the founding team (and therefore the team founding) and previous

71

entrepreneurial experience were determined to be more valuable to a startup’s success

through the case study, which is reflected in the model through an indicator that is

weighted heavier than the other factors. Investor financing, despite being present in the

unsuccessful case ISC8, Inc., was weighted equally as heavy due to the importance

imparted on the indicator through the reviewed literature (Bhide, 2000; Bygrave et al.,

2003; CB Insights, 2014a; Inderst & Mueller, 2009).

As was described in the previous chapter, the model presents the indicators of

success, organized by attribute family, in the left column followed by the number of

points corresponding to evidence of that indicator. The ‘Yes/No’ column is used to

represent whether evidence of that particular indicator has been found, with the month

and year of the indicator in the next column to the right, the ‘Date’ column. It must be

noted that the date of the indicator should be the date on which the indicator occurred or

was reported, not necessarily the date the indicator was found by the researcher or

analyst.

In the rightmost ‘Score’ column, the point total corresponding to that indicator is

noted. Most indicators receive one point, except for the fracture of the founding team,

which earns a negative two points, and investor financing, team founding, and previous

entrepreneurial experience, which receive two points each as described earlier. Finally,

the scores are totaled (and can be broken down by attribute family), and the sum is given

at the bottom of the model out of a total possible 15 points. As mentioned in the previous

chapter, the more points a startup scores, the more likely it is that the startup will be

successful. However, scoring a perfect 15 out of 15 is not a guarantee of success; a

perfect score only indicates that the startup has achieved all of the factors that increase

72

the probability of success. Additionally, a low-scoring startup will not necessarily be a

failure; the low-scoring startup could increase their score over time and potentially

survive for the five years post-funding required to be successful.

Following the assessment of a startup through Competitive I&W analysis, the

startups were rated into one of three groups. Startups that scored between zero and five

points were placed into the high risk of failure/low chance of success group. Firms that

scored between six and 10 points were grouped into the moderate risk of failure or

success category. Startups in this category should be monitored closely as any additional

factors or new information could move these firms into a more distinct scoring group.

Finally, startups that scored between 11 and 15 were placed in the high chance of

success/low risk of failure category. This rating system and the point cutoffs for each

group were developed through this study and based on the cases discussed. Since this is

exploratory research, assessments of additional cases would be necessary to strengthen

and validate this rating scale. From there, benchmark grades for success or failure could

be established and defended.

Competitive I&W Analysis of Palo Alto Networks

As can be seen in figure 6, Palo Alto Networks earned 13 out of a possible 15

points towards success. Despite the lack of seed capital greater than $1 million and an

equity share percentage of less than 50%, Palo Alto Networks is a successful

cybersecurity startup. If this analysis was conducted in the early days of the company, an

analyst could have reasonably estimated from the results of the model that Palo Alto

73

Networks has a high chance of success, and therefore a low risk of failure. The model and

correlating decision stairway can be found in Appendix D.

Competitive I&W Analysis of ISC8, Inc.

As can be seen in figure 7, ISC8 earned nine out of a possible 15 points. In

addition to lacking the key indicator of previous entrepreneurial experience, ISC8 also

went through a fracture of the founding team and did not have an organized business

Figure 6. Competitive Indicators and Warning Analysis of Palo Alto Networks

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes May-05 1$1 million or greater (1) no 0

Equity Share50% or more (1) no 0

Investor Financing (2) yes Jan-06 2Firm Attributes (4 possible points )

Organized business plan (1) yes Aug-07 1Innovative product (1) yes Aug-07 1Team founding (2) yes Feb-05 2

If team fractures (-2) no 0Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) yes Jan-00 2Previous industrial work experience (1) yes Jan-90 1Previous management experience (1) yes Feb-04 1Education

Bachelor's degree or above (1) yes May-95 1Relevent social network (1) yes Mar-05 1

Funding 3Firm 4Founder 6

Total Score 13 /15

Indications & Warning Analysis - Startups

Palo Alto Networks

74

plan, while also lacking information regarding equity share percentage. Scoring a nine

out of 15 is a middle ground in this model that would place this firm in the moderate risk

of failure or success category, warranting continued monitoring. The model and

correlating decision stairway can be found in Appendix E.

Competitive I&W Analysis of Cryptine Networks

As can be seen in figure 8, Cryptine Networks only scored four out of a possible

15 points. In addition to lacking previous entrepreneurial experience and going through a

Figure 7. Competitive Indicators and Warning Analysis of ISC8, Inc.

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes Dec-10 1$1 million or greater (1) yes Dec-10 1

Equity Share50% or more (1) no 0

Investor Financing (2) yes Nov-13 2Firm Attributes (4 possible points )

Organized business plan (1) no 0Innovative product (1) yes May-13 1Team founding (2) yes Nov-11 2

If team fractures (-2) yes Mar-13 -2Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) no 0Previous industrial work experience (1) yes Jan-06 1Previous management experience (1) yes Jun-82 1Education

Bachelor's degree or above (1) yes May-61 1Relevent social network (1) yes Oct-09 1

Funding 4Firm 1Founder 4

Total Score 9 /15

Indications & Warning Analysis - Startups

ISC8, Inc.

75

founding team fracture, the startup received no investor financing, had neither an

organized business plan nor an innovative product, and the founders did not leverage a

relevant social network. Again, there was no information regarding equity share. If this

analysis was conducted in Cryptine Networks’ infancy, the analyst or researcher would

place the startup in the high risk of failure/low chance of success category. While the

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes Nov-05 1$1 million or greater (1) no 0

Equity Share50% or more (1) no 0

Investor Financing (2) no - 0Firm Attributes (4 possible points )

Organized business plan (1) no - 0Innovative product (1) no - 0Team founding (2) yes Jan-02 2

If team fractures (-2) yes Nov-05 -2Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) no - 0Previous industrial work experience (1) yes Aug-99 1Previous management experience (1) yes Apr-01 1Education

Bachelor's degree or above (1) yes May-01 1Relevent social network (1) no 0

Funding 1Firm 0Founder 3

Total Score 4 /15

Indications & Warning Analysis - Startups

Cryptine Networks

Figure 8. Competitive Indicators and Warning Analysis of Cryptine Networks

76

unsuccessful ISC8 was in the middle of the spectrum, Cryptine Networks is clearly at the

low end of the point scale. The model’s decision stairway can be found in Appendix F.

Competitive I&W Analysis of Area 1 Security

Area 1 Security was selected as the case on which to test the Competitive

Indicators and Warning model because it is a recently-founded cybersecurity startup that

is still in the early stages of investor financing. Additionally, the startup has been

receiving attention from entrepreneurship- and technology-focused news sources, which

has increased the amount of open-source information available on the company.

Area 1 Security was founded in either late 2013 or early 2014 (sources differ, as

the startup operated in a secretive, non-publicized manner known as stealth mode). The

startup was founded by three public founders, Oren Falkowitz, Blake Darché, and Phil

Syme, and two founders who prefer to remain anonymous. Evidence and dates regarding

Area 1 Security’s indicators of success across funding attributes, firm attributes, and

founder attributes can be found in table 16, table 17, and table 18, respectively.

Funding attributes. In May 2014, Area 1 Security came out of stealth mode with

the announcement that they had secured $2.5 million in seed capital from several

investors, including Ted Schlein, Ray Rothrock, and several VC firms including Kleiner

Perkins Caufield & Byers, Allegis Capital, and Cowboy Ventures, among others (Reilly,

2014; CrunchBase, 2016c). The startup also held a successful Series A funding in

December 2014 and Series B funding in October 2015, where they raised an additional

$23 million of funds from investors such as Icon Ventures, First Round, and Data

Collective, in addition to the previous seed round investors (Marketwired, 2015;

77

CrunchBase, 2015). There was no evidence that any of the founders had equity shares

greater than 50%.

Table 16. Evidence and Date of Area 1 Security’s Indicators of Success – Funding Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Seed Capital up to $1M No Yes – May 2014 Seed Capital Greater than $1M No Yes – May 2014 Equity Share Greater than 50% Yes No Investor Financing No Yes – December 2014

Firm attributes. As mentioned previously, Area 1 Security was founded in either

late 2013 or early 2014 (sources differ) by Oren Falkowitz, Blake Darché, and Phil Syme,

as well as two additional anonymous co-founders (Hackett, 2014; Greenfield, 2014). As

of January 2016, the founding team is still operating cohesively with no evidence of a

pending fracture. The team has successfully held two investor funding rounds, with the

most recent (Series B) held in October of 2015 (CrunchBase, 2015). The presence of a

second funding round serves as evidence of a startup’s organized business plan.

Table 17. Evidence and Date of Area 1 Security’s Indicators of Success – Firm Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Organized Business Plan Yes Yes – October 2015 Innovative Product No Yes – January 2014 Team Founding No Yes – January 2014 Founding Team Fracture No No

Founder Attributes. Of the three known founders, Oren Falkowitz is the only

one with previous entrepreneurial experience. In July 2012, Falkowitz co-founded Sqrrl,

a big data analytics and cybersecurity firm (Falkowitz, n.d.; Alspach, 2012). All three of

78

the known founders have previous industrial work experience primarily with the National

Security Agency (NSA) (Hackett, 2014). Falkowitz worked as an NSA analyst from 2006

until 2012 (Falkowitz, n.d.). Blake Darché worked as a computer network exploitation

analyst for the NSA from 2006 until 2010 (Darché, n.d.). Several sources (Reilly, 2014;

Hackett, 2014; Bort, 2014) group Phil Syme in with Falkowitz and Darché as a former

NSA analyst, but Syme’s LinkedIn profile has no mention of the NSA and claims that he

worked as a chief engineer for Next Century Corporation from 2003 until 2014, which is

experience in the same industry (Syme, n.d.). Marketwired (2015) claims that the two

anonymous co-founders worked in security at MIT and data analytics at Disney, which

demonstrates that the entire team of founders had previous industrial work experience.

Falkowitz and Darché both have previous management experience, with Falkowitz’s

coming from 2010 to 2012 as the Director of Technology and Data Science Programs

with the US Cyber Command, and Darché’s occurring between 2012 and 2014 as

CrowdStrike’s Principal Consultant and Facility Security Officer (Falkowitz, n.d.;

Darché, n.d.).

Two of the three of the known co-founders have earned at least a Bachelor’s

degree. Syme earned his Bachelor of Science (BS) in Mathematics and Computer Science

from Carneigie Mellon University in 1995 (Syme, n.d.). Darché earned a BS in

Information Technology from Rochester Institute of Technology in 2005 and his MS in

Security Informatics from Johns Hopkins University in 2009 (Darché, n.d.). While there

is no evidence of Falkowitz earning a degree, he does follow two George Washington

University groups on LinkedIn, one of which is the official group of students, alumni,

79

faculty and staff of GWU’s Elliot School of International Affairs – a group that requires

approval to join (Falkowitz, n.d.; Elliot School, n.d.).

The Area 1 Security team leveraged their social network by approaching Ted

Schlein and his investing firm, Kleiner Perkins Caufield & Byers, to raise seed and

subsequent capital. Schlein had previously invested in the security firm Synack, which

was founded by two former NSA analysts (Hill & Fox-Brewster, 2014). Schlein has

publicly stated his support for and confidence in cybersecurity firms founded by NSA

alumni, saying that, “NSA engineers are highly talented and smart people with deep

experience with how to battle bad forces” (Hill, 2014). Through their NSA background,

Area 1 Security founders were able to secure early funding and therefore leverage a

relevant social network.

Table 18. Evidence and Date of Area 1 Security’s Indicators of Success – Founder Attributes

Indicators of Success Complex

Indicator? Evidence and Date of Indicator

Previous Entrepreneurial Experience

No Yes – July 2012

Previous Industrial Work Experience

No Yes – February 2006

Previous Management Experience

No Yes – August 2010

Bachelor’s Degree or Above No Yes – May 1995 Relevant Social Network Yes Yes – December 2014

Conclusion. The only indicator of success missing from Area 1 Security’s

founding is the equity share greater than 50%, which, as discussed in the earlier case

comparison, may either be too difficult to find evidence of, or may not be indicative of

success at all. Even without the evidence of equity share, there was evidence of Area 1

Security possessing all of the other 11 positive indicators of success, with the only other

80

‘no’ being attributed to the founding team fracture, which had not occurred as of January

2016. The completed analysis of Area 1 Security through the Competitive Indicators and

Warning model can be seen in figure 9, below, where the startup scores 14 out of a

possible 15 points. Figure 10 shows the decision stairway, a chronological and visual

representation of Area 1 Security’s attainment of each indicator of success. The

Competitive Indicators and Warning analysis indicates that Area 1 Security is in the high

chance of success/low risk of failure category; however, this estimate cannot be

confirmed for five years after their last funding round.

Figure 9. Competitive Indicators and Warning analysis of Area 1 Security

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes May-14 1$1 million or greater (1) yes May-14 1

Equity Share50% or more (1) no 0

Investor Financing (2) yes Dec-14 2Firm Attributes (4 possible points )

Organized business plan (1) yes Oct-15 1Innovative product (1) yes Jan-14 1Team founding (2) yes Jan-14 2

If team fractures (-2) no 0Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) yes Jul-12 2Previous industrial work experience (1) yes Feb-06 1Previous management experience (1) yes Aug-10 1Education

Bachelor's degree or above (1) yes May-95 1Relevent social network (1) yes Dec-14 1

Funding 4Firm 4Founder 6

Total Score 14 /15

Indicators & Warning Analysis - Startups

Area 1 Security

81

Figure 10. Decision stairway reflecting Area 1 Security’s attainment of indicators of success.

Chapter 4 Summary

Of the three cases examined (Palo Alto Networks, ISC8, Inc., and Cryptine

Networks), only Palo Alto Networks assembled enough success factors to move on from

investor funding rounds and survive for five years, and in doing so become a successful

cybersecurity startup (as defined by this study). ISC8 assembled a significant number of

success factors, while Cryptine Networks faltered in that regard; however, both were

missing the key indicators of success by lacking previous entrepreneurial experience and

going through a fracture of the founding team. In addition to these two factors identified

through the case study, investor financing was deemed to be a key indicator of success

due to the emphasis in the reviewed literature. Thus, each of these three factors are worth

two points in the developed Competitive Indicators and Warning model, while all other

indicators are worth one point.

After analyzing the three cases with the Competitive Indicators and Warning

analysis, the model can be considered to be valid. The scores that Palo Alto Networks

and Cryptine Networks earned would have resulted in accurate estimations on their

82

chances of success or risks of failure, while ISC8’s score prompts further monitoring of

the startup. The developed scoring and rating system, which was exploratory in nature,

warrants further research into the interpretation and categorization of the results of

Competitive I&W. To demonstrate the model’s estimative capability, Area 1 Security (a

nascent cybersecurity startup) was analyzed and its score (14 out of 15 possible points)

indicates that the startup is likely to be successful; however, this will be impossible to

determine until at least 2020.

The findings from this chapter will be discussed further in the concluding chapter,

as well as a discussion of their implications to practitioners. Additionally,

recommendations for future research, will be made in the next chapter, as well as a

summary of and conclusion to the study as a whole.

83

CONCLUSION

Introduction

This study was conducted to determine whether funding, firm, or founder

attributes increased the likelihood of a startup’s success. The findings were then applied

to the development of the Competitive Indicators and Warning (I&W) model. The

Competitive I&W model was designed to be used by competitive and market intelligence

professionals as a tool to objectively estimate the likelihood of startup companies, which

have become a disruptive force in many industries. This chapter will fully review and

summarize the study followed by a discussion of the findings presented in the previous

chapter. This chapter will also discuss the implications of these findings on the practice

of competitive intelligence, as well as make recommendations for further research, as

identified throughout this thesis.

Summary of the Study

This study was conducted to examine factors that are indicative of success in

startups and develop an analytic model that can be used to estimate a startup’s likelihood

of success. Despite the difficulty and subjectivity in examining numerous complicated

factors and variables, competitive intelligence professionals lack an objective

methodology to analyze and estimate the likelihood of success of a new startup firm

during its formative years. This study transformed Indicators and Warning analysis, a

predominately national security and military intelligence methodology, into a

methodology that can be used in a competitive intelligence setting to estimate the

likelihood of a startup’s success.

84

After a thorough review of the literature regarding success and entrepreneurship,

several factors were identified that influenced entrepreneurial success. In order to test

these factors and determine if any factors were more indicative of success than the others,

this thesis utilized a qualitative case study through the examination of one successful

cybersecurity startup, Palo Alto Networks, and two unsuccessful cybersecurity startups,

ISC8, Inc. and Cryptine Networks. The cybersecurity industry was chosen due to its rapid

market growth and the severity and breadth of recent cyber-attacks, targeting over 3,000

US companies and approximately 110 million Americans. In response to these attacks,

cybersecurity-specific startups have flooded the market; since 2010, more than $7.3

billion has been invested in 1,208 cybersecurity startups.

Using information from the open sources discussed in the methodology chapter,

data on the three cases’ funding, firm, and founder attributes was collected and analyzed.

The result of a comparison of the cases (found in Appendix C) suggests that the absence

of previous entrepreneurial experience and the fracture of the team founding were

indicators that both negatively influenced the likelihood of success of the two

unsuccessful cases, but positively influenced the successful case. The successful

company’s founder had previous entrepreneurial experience and the founding team did

not fracture; therefore, the weighting of these indicators was doubled in the Competitive

I&W model. Additionally, investor financing was also awarded a double weighting due

to its emphasis in the reviewed literature.

In the Results chapter, the Competitive I&W model was tested on the three cases

to prove its validity and accuracy (Appendices D, E, and F), then used to analyze a

nascent cybersecurity startup, Area 1 Security, to demonstrate its capability as an

85

estimative analytic methodology. After data collection on Area 1 Security’s funding,

firm, and founder attributes and analysis of these factors through the Competitive I&W

model, the nascent startup scored 14 points out of a possible 15 points and included the

presence of investor financing, team founding, and previous entrepreneurial experience

(the three weighted indicators), without experiencing a fracture of the founding team as

of January 2016. Area 1 Security, therefore, has a high chance of success and low risk of

failure.

Discussion of the Findings

The findings presented in the previous chapter imply that a founder’s previous

entrepreneurial experience, a team founding, and the fracture of the founding team (if

evident) are more indicative of startup success than the other examined factors. When

comparing these indicative factors with the literature from which they were derived, the

reasons for their importance become evident.

In support of several studies (Cooper et al., 1994; Friar & Meyer, 2003; Lafuente

& Rabetino, 2011; Littunen, 2000; Littunen & Niittykangas, 2010; Lussier & Halabi,

2010; Schutjens & Wever, 2000), teams of founders have the opportunity to take

advantage of a wide array skills and resources, attributes that may not be present in a

single founder. Additionally, the team founding means that more individuals have vested

interests in the success of the startup, which frequently leads to greater access to capital

(both financial and human) and more sophisticated support systems. While teams of

founders increase the probability of startup success, the findings of this study indicate

that the fracture of founding teams due to non-amicable conditions, may not only

86

severely threaten the survival of the business, as Thurston (1986) suggested, but also may

be indicative of failure.

Despite Bosma et al. (2004) and Van Praag’s (2003) denial that previous

entrepreneurial experience positively influences small business success, the importance

of previous entrepreneurial experience to startup success was a clear result of this

comparative case study. Through this type of experience, founders develop a better

understanding of how to organize and recruit investors and talent to a new company.

While the founder is lacking this understanding and experience during their first

entrepreneurial venture, it will likely benefit them in future endeavors. The indicator’s

presence in this study’s findings supports Coleman (2007), Harada (2003), and Yusuf’s

(1995) conclusions that entrepreneurial experience is a critical success factor to startups.

Additionally, Stuart and Abetti (1990) asserted that this previous experience was highly

valued by financial investors, but it was not valued by banks during the loan application

process (Blumberg & Letterie, 2008).

Because evaluating startups is a primary focus of venture capitalist firms, the

presence of investor financing was also determined to be worth weighting. Investor

financing was present in the successful case, as well as one of the two unsuccessful cases.

Despite the results of the case study not supporting this indicator, Inderst and Mueller

(2009) asserted that startups that have been financed by large investors are more likely to

dominate their competition, particularly in highly competitive industries like the

cybersecurity industry. Additionally, because only about a half of a percent of startups

are financed, competition for financing can be fierce (Bygrave et al. 2003), thereby

demonstrating the potential success of those ventures that earn investor financing.

87

While Duchesneau and Gartner (1990) claimed that when the founder contributes

and controls a greater equity share, the startup’s likelihood of success increases, the

findings of this case study did not support their claim. However, these findings do not

necessarily mean that greater equity share does not increase the likelihood of success.

Because this indicator was missing from all three cases (and the new startup Area 1

Security), it may just be difficult to find due to privacy concerns of the founder or a lack

of reporting on the part of news sources and industries. While Nir Zuk, the founder of

Palo Alto Networks, specifically stated that he only controlled about 5-10% of the

company (significantly less than the sought after 50% equity share), he noted that this

was because he preferred to invest his equity into the company, its employees, and its

resources. So despite not possessing a significant equity share, Zuk utilized his shares to

improve his company. As this indicator was neither supported nor refuted through this

study, it should be considered as a topic for further research.

The development of the Competitive I&W model, while including the previously

mentioned success factors, was guided by the goal of intelligence products and activities:

to reduce uncertainty in a decision maker (Wheaton & Beerbower, 2006). This study and

the developed Competitive Indicators and Warning analytic model successfully complete

this objective by determining identifiable factors that are indicative of startup success and

organizing those factors into a manageable, scored model that can assist analysts in

categorizing new startup ventures into distinct groups based on their risk of failure or

chance of success. Additionally, this study and the developed Competitive I&W

methodology builds upon the analytic methodologies common the national security and

military intelligence professions, demonstrating that the competitive intelligence

88

discipline can be expanded and improved, to the benefit of competitive intelligence

professionals, through the conversion and development of methodologies used in other

fields of intelligence, such as military or national security.

The definitional translation of I&W analysis started as a US Department of

Defense (2010/2015) method, define as “an activity intended to detect and report time-

sensitive intelligence information on foreign developments that forewarn of hostile

actions or intentions against US entities, partners, or interests” (p. 259). After a review of

business-focused literature from authors such as Herring (1996), Jackson and Dutton

(1988), Porter (1996, 2008), and Barney (1991), key terms in the DOD definition were

converted to language that can be used in competitive intelligence, resulting in the

definition of Competitive I&W developed through this study: activities intended to

prevent surprises through the detection and reporting of time-sensitive intelligence

information on competitor or market developments that forewarn of potential threats or

opportunities that will likely affect an organization's strategy, competitive advantage, or

revenue.

Implications for Practice

This study has two major implications for practitioners, not only competitive

intelligence analysts and consultants assessing startups in their own industries, but also

for potential investors and companies that may be interested in acquiring a new startup.

While the study identified four factors (previous entrepreneurial experience, team

founding, fracture of the founding team, and investor financing) that were indicative of

the analyzed startups’ chances of success or risks of failure, these cannot be generalized

across industries. It is tempting to argue that a competitive intelligence practitioner could

89

focus their analysis on these four factors, but without further research on these factors,

their generalizability cannot be determined.

The developed analytic methodology, Competitive Indicators and Warning can be

used by practitioners to objectively analyze and compare startups. The tool can be used to

organize information collection activities and identify intelligence gaps because it lists all

the necessary information in one location and can easily be modified to include potential

and actual information sources. Because the model requires that evidence of each factor

be recorded and dated, any factors lacking evidence are prominent and should be

emphasized in future collection efforts. The Competitive I&W model can also be used to

support and defend a practitioner’s analysis by clearly categorizing a startup based on

chances of success or risks of failure and, as mentioned earlier, can be easily modified to

include sources. The scoring system and source lists can be used to support the analysis

and serve as an auditing tool to show how the analysis or decisions were founded. When

analyzed through Competitive I&W, analysts should be able to identify blind spots, such

as unexpected potential new entrants or competitors, and reduce surprises in the market.

Second, the results of this study demonstrate the importance of the four identified

factors to future studies and the potential for the developed Competitive I&W model to

be generalizable to startups beyond the cybersecurity industry. This study did not use any

factors that were specific to the cybersecurity industry itself. However, the model could

be easily expanded to include industry-specific factors, thus increasing the level and

detail of the analysis. Additionally, macroenvironmental factors could be incorporated in

order to improve the robustness of analysis when comparing startups across different

90

industries. Any expansion or alteration of the model would require an alteration of the

categories resulting from the final scores.

Recommendations for Further Research

This study uncovered several topics that would benefit from further research.

Because an organization’s environment is divided into three distinct levels (internal,

industry, and macroenvironment), the impact of market and industrial factors could be

very significant and influential on the success or failure of a startup venture. Utilizing an

analytic framework such as STEEP1 to assess the macroenvironment may help to reveal

potential indicators that are broad in scope or outside the founder’s control (Fleisher &

Bensoussan, 2003). Macroenvironmental analysis can be complex, due to varying

interpretations, misperceptions, inaccuracy, and uncertainty can mar the results of

macroenvironmental analysis (Diffenbach, 1983). To determine factors that are industry

specific and may impact a startup, Porter’s (2008) five forces2 analysis can be used to

assess industrial factors. In volatile industries with multiple competitors, demanding

customers, and powerful suppliers, companies must improve their strategy and become

more entrepreneurial in order to survive, let alone thrive (Birkinshaw, Hood, & Young,

2005). While this analysis is intended to estimate how attractive an industry is by

examining its profitability, the analysis would also reveal factors that may increase or

decrease the chance of success of a startup in that industry. These additional

methodologies increase the thoroughness of analysis and the likelihood of producing an

accurate estimate. When combined with macroenvironmental and industrial analyses,

1 STEEP is an acronym which stands for Social, Technological, Economic, Ecological, and Political/Legal – the five dimensions to analyze the macroenvironment. 2 Porter’s five forces are composed of the threat of new entrants, bargaining power of suppliers, bargaining power of buyers, threat of substitute products or services, and the rivalry amongst existing competitors.

91

Competitive I&W would become a more robust, powerful, and all-encompassing analytic

model.

A proposed framework for the inclusion of STEEP and Porter’s Five Forces

analysis can be found in Figure 11. Macroenvironmental factors can be represented

through STEEP analysis as in Table 19 and industrial factors can be depicted through

Porter’s Five Forces analysis as in Figure 12. Studies that research methods of combining

macroenvironmental and industrial analysis with Competitive I&W will have to develop

scoring or evaluation systems to determine the impact of individual factors and the

overall favorability of the macroenvironment and industry into which the startup is

entering. While the proposed model uses a high, moderate, or low impact or threat level,

greater development and refinement of the evaluation system will increase the accuracy

of analysis and provide greater value to decision makers.

Figure 11. Proposed model framework for inclusion of macroenvironmental and industrial analysis with Competitive Indicators and Warning analysis.

92

Table 19. Sample representation of a macroenvironmental analysis using STEEP.

STEEP Categories Primary Macroenvironmental Factors Impact

Social

Number of American internet users expected

to increase to 87% by 2020 Moderate

Increasing fear of cybercrime likely to

motivate investments in security products High

Technological

200 billion ‘smart’ devices will require

advanced cybersecurity solutions High

Shortage of talent in security fields will lead to

recruiting competition Moderate

Figure 12. Sample Porter’s five forces analysis of the cybersecurity industry.

The indicators of success used in the Competitive I&W model could be refined

through further research. Specifically, the four factors identified through this study

(previous entrepreneurial experience, team founding, fracture of the founding team, and

93

investor financing) should be the focus of future quantitative and qualitative research on

the subject of startup success. Another particular indicator is equity share; because equity

share was missing in all three cases, it warrants the question of whether or not equity

share is indicative of success. Equity share greater than 50% was a proxy for founder

commitment, but because of the lack of information on this factor, future research should

determine if there is a proxy that is more easily identifiable than equity share. The next

indicator deserving of further research is the educational indicator. Education was used as

a proxy for knowledge development capabilities, adaptability, and several other qualities

such as motivation and dedication. This study used a founder’s bachelor’s degree as

evidence of education, but the founders of Cryptine Networks, one of the unsuccessful

cases, had earned degrees in Italian cultural studies and international relations, which

raises the question of whether degrees in subjects radically different from the startup’s

industry may hinder the likelihood of success. Future studies could research and analyze

any correlations between specific degrees and entrepreneurial success.

The system for measuring and evaluating the indicators developed in this was

exploratory in nature; techniques for indicator evaluation could be improved on through

further research. Additionally, the scoring and categorical ranking system were developed

through this study. Well-defined categories and benchmarks or cutoff scores for risks of

failure or chances of success could likely be determined and specified through further

research utilizing more case studies. Because this was a qualitative study, the key

indicators would likely benefit by the addition of quantitative statistical testing. This type

of research could identify to what magnitude these key factors are more indicative of

success than the other indicators, thus refining the scoring system. Because quantitative

94

studies can evaluate a larger sample size than qualitative studies, the key indicators can

be analyzed in hundreds of companies across a multitude of industries. While a

quantitative study would help refine the scoring system, the Competitive I&W model,

which was developed to be generalizable beyond the cybersecurity industry, should be

qualitatively and quantitatively tested across additional industries and environments in

order to validate the model and increase its robustness.

Conclusions

This study qualitatively identified four success factors that were more indicative

of success in cybersecurity startups than several other examined indicators. The

implications of these findings for practitioners and recommendations for future research

to improve on these finding were discussed in this final chapter. Through the study, the

Competitive Indicators and Warning analytic model was converted from a primarily

military intelligence methodology (Indicators and Warning analysis) to a competitive

intelligence methodology, validated through analysis of the three studied cases, and its

estimative capabilities were demonstrated through the analysis of a nascent cybersecurity

startup. The Competitive I&W assists intelligence professionals analyze startups by

organizing success factors into funding, firm, and founder attribute families while

providing a structured, tested model for more objective analysis.

This study adds to the body of knowledge and literature on competitive

intelligence and analytic methodologies, with particular focus of the scarce research area

of competitive intelligence with relation to entrepreneurship. Additionally, this study has

demonstrated significant opportunities to continue to expand competitive intelligence

literature and develop methodological tools based on the techniques used in the more

95

established intelligence disciplines of national security and military intelligence. The

cybersecurity market is experiencing rapid growth and entrepreneurs are attempting to

earn their share of the increasing venture capital finances. As disruptive technologies

continue to advance, the markets for related products and services will experience rapid

shifts, resulting in more startups designed to meet the newest customer need. Without a

valid, objective, analytic methodology such as Competitive I&W, competitive

intelligence professionals, investors, and companies may be blind to the opportunities and

threats that these startups present.

96

REFERENCES

4-Traders. (2013, 19 March). Irvine Sensors Corp: ISC8 transforms into a pure play global cybersecurity company. Retrieved from: http://www.4-traders.com/IRVINE-SENSORS-CORP-10088052/news/IRVINE-SENSORS-CORP-ISC8-Transforms-Into-a-Pure-Play-Global-Cybersecurity-Company-16558565/

Abetti, P.A. (2000). Critical success factors for radical technological innovation: a five case study. Creativity and Innovation Management, 9(4), 208-221.

Ackerman, P.L., & Humphreys, L.G. (1990). Individual differences theory in industrial and organizational psychology. Handbook of Industrial and Organizational Psychology, 1, 223-282.

Acs, Z.J., & Audretsch, D.B. (1990). Small firm entry in US manufacturing. Economica, 56(222). 255–265

Almus, M. (2002). What characterizes a fast-growing firm? Applied Economics, 34(12), 1497-1508.

Alspach, K. (2012, 23 October). Database startup sqrrl aims to set ‘big data’ free, for biz & society. Retrieved from: http://www.bizjournals.com/boston/blog/startups/2012/10/database-startup-sqrrl-big-data.html

Alterowitz, R., & Zonderman, J. (1988). New corporate ventures: How to make them work. New York, NY: Wiley.

Alvarez, S.A., & Busenitz, L.W. (2001). The entrepreneurship of resource-based theory. Journal of Management, 27(6), 755-775.

Antoncic, B. (2006). Impacts of diversification and corporate entrepreneurship strategy making on growth and profitability: A normative model. Journal of Enterprising Culture, 14(1), 49-63.

Barkham, R., Gudgin, G., Hart, M. & Hanvey, E. (1996). The Determinants of Small Firm Growth. London: Jessica Kingsley

Barney, J. (1991). Firm resources and sustained competitive advantage. Journal of Management, 17(1), 99-120

97

Barringer, B.R., & Jones, F.F. (2004). Achieving rapid growth: revisiting the managerial capacity problem. Journal of Developmental Entrepreneurship, 9(1), 73.

Batra, R. [Rajiv]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/rajiv-batra-95b2528

Baum, J.R., Locke, E.A., & Smith, K.G. (2001). A multidimensional model of venture growth. Academy of Management Journal, 44(2), 292-303.

Becchetti, L., & Trovato, G. (2002). The determinants of growth for small and medium sized firms. The role of the availability of external finance. Small Business Economics, 19(4), 291-306.

Becker, G.S. (1964). Human capital. Chicago, IL: The University of Chicago Press.

Belden, T. G. (1977). Indications, warning, and crisis operations. International Studies Quarterly, 21(1), 181-198.

Bennett, C. (2015, 16 December). Long-delayed cyber bill included in omnibus. Retrieved from: http://thehill.com/policy/cybersecurity/263403-long-delayed-cyber-bill-included-in-omnibus

Birkinshaw, J., Hood, N., & Young, S. (2005). Subsidiary entrepreneurship, internal and external competitive forces, and subsidiary performance. International Business Review, 14, 227-248.

Bloomberg Business. (2016a). Executive profile: Bill Joll. Retrieved from: http://www.bloomberg.com/research/stocks/private/person.asp?personId=438392&privcapId=233754551

Bloomberg Business. (2016b). Company overview of Cryptine Networks, Inc. Retrieved from: http://www.bloomberg.com/research/stocks/private/snapshot.asp?privcapid=24585775

Blumberg, B.F., & Letterie, W.A. (2008). Business starters and credit rationing. Small Business Economics, 30(2), 187-200.

Bonet, F.P, Armengot, C.R., & Martín, M.Á.G. (2011). Entrepreneurial success and human resources. International Journal of Manpower, 32(1), 68-80.

Bort, J. (2014, 12 December). Former NSA guys just launched this startup to stop hackers’ favorite trick. Retrieved from: http://www.businessinsider.com/area-1-

98

security-former-nsa-employees-launch-startup-to-stop-social-engineering-2014-12

Bosma, N., Van Praag, M., Thurik, R., & De Wit, G. (2004). The value of human and social capital investments for the business performance of startups. Small Business Economics, 23(3), 227-236.

Bhide, A. (2000). The origin and evolution of new businesses. New York, NY: Oxford University Press.

Brizek, M.G., & Khan, M.A. (2008). Understanding corporate entrepreneurship theory: A literature review for culinary/food service academic practitioners. Journal of Culinary Science & Technology, 6(4), 221-255. doi: 10.1080/15428050802516002

Brush, C.G., Greene, P.G., & Hart, M.M. (2001). From initial idea to unique advantage: The entrepreneurial challenge of constructing a resource base. The Academy of Management Executive, 15(1), 64-78.

Bull, I. & Willard, G.E. (1991). Towards a theory of entrepreneurship. Journal of Business Venturing, 8, 183-195.

Buttner, E.H., & Moore, D.P. (1997). Women’s organizational exodus to entrepreneurship: self-reported motivations and correlates with success. Journal of Small Business Management, 35(1), 34-46.

Bygrave, W., Hay, M., Ng, E., & Reynolds, P. (2003). Executive forum: a study of informal investing in 29 nations composing the Global Entrepreneurship Monitor. Venture Capital: An International Journal of Entrepreneurial Finance, 5(2), 101-116.

Cantillion, R. (1734). Essai sur la nature du commerce en general. [Essay on the nature of general commerce] (Translated by Henry Higgs). London: MacMillan.

Carroll, R. (2014, June 28). Silicon Valley’s culture of failure… and ‘the walking dead’ it leaves behind. Retrieved from: http://www.theguardian.com/technology/2014/jun/28/silicon-valley-startup-failure-culture-success-myth

Caruana, A, Morris, M.H, and Vella, A. (1998). The effect of centralization and formalization on entrepreneurship in export firms. Journal of Small Business Management, 36(1), 16–29.

99

Cassar, G. (2006). Entrepreneur opportunity cost and intended venture growth. Journal of Business Venturing, 21, 610-632.

CB Insights. (2014a, January 18). The R.I.P. report – Startup death trends. Retrieved from: https://www.cbinsights.com/blog/startup-death-data/

CB Insights. (2014b). The US venture capital year in review – 2014. Retrieved from: https://www.cbinsights.com/venture-capital-2014

CB Insights. (2015, February 24). Cybersecurity startups raise $7.3 billion over 1028 deals. Retrieved from: https://www.cbinsights.com/blog/cybersecurity-startup-financing/

Chappell, B. (2015, 18 December). Obama signs $1.8 trillion tax and spending bill into law. Retrieved from: http://www.npr.org/sections/thetwo-way/2015/12/18/460281572/congress-sends-1-8-trillion-tax-and-spending-bill-to-president-obama

Chandler, G.N., & Hanks, S.H. (1994). Market attractiveness, resource-based capabilities, venture strategies, and venture performance. Journal of business venturing, 9(4), 331-349.

Chandler, G.N., & Hanks, S.H. (1998). An examination of the substitutability of founders human and financial capital in emerging business ventures. Journal of Business Venturing, 13(5), 353-369.

Chen, C., Greene, P., & Crick, A. (1998). Does entrepreneurial self-efficacy distinguish entrepreneurs from managers? Journal of Business Venturing, 13, 295–316.

Clark, R.M. (2003). Intelligence analysis: A target-centric approach. Washington, DC: Congressional Quarterly Press.

CNNMoney. (2014, May 28). Half of American adults hacked this year. Retrieved from: http://money.cnn.com/2014/05/28/technology/security/hack-data-breach/

Colby, S.L., & Ortman, J.M. (2015, March). Projections of the size and composition of the US population: 2014 to 2060. Retrieved from: https://www.census.gov/content/dam/Census/library/publications/2015/demo/p25-1143.pdf

Coleman, S. (2007). The role of human and financial capital in the profitability and growth of women-owned small firms. Journal of Small Business Management, 45(3), 303-319.

100

Cooper, A.C., Gimeno-Gascon, F.J., & Woo, C.Y. (1994). Initial human and financial capital as predictors of new venture performance. Journal of Business Venturing, 9(5), 371-395.

Cooper, R.G. (1979). The dimensions of industrial new product success and failure. Journal of Marketing, 43, 93-103.

Corera, G. (2015, 24 September). Cyber-suspicion strains US-China relations. Retrieved from: http://www.bbc.com/news/world-34333469

Cox, R., & Martinez, J. (2012, 2 August). Cybersecurity Act fails Senate vote. Retrieved from: http://thehill.com/policy/technology/241851-cybersecurity-act-fails-to-advance-in-senate

CrunchBase. (2015). Area 1 Security. Retrieved from: https://www.crunchbase.com/organization/area-1-security#/entity

CrunchBase. (2016a, 21 January). Palo Alto Networks. Retrieved from: https://www.crunchbase.com/organization/palo-alto-networks#/entity

CrunchBase. (2016b). ISC8. Retrieved from: https://www.crunchbase.com/organization/isc8#/entity

CrunchBase. (n.d.). Nir Zuk: Overview. Retrieved from: https://www.crunchbase.com/person/nir-zuk#/entity

Cuervo, A., Ribeiro, D., & Roig, S. (2007). Entrepreneurship: Concepts, theory and perspective. Berlin: Springer.

Cybersecurity Ventures. (2015). Cybersecurity 500. Retrieved from: http://cybersecurityventures.com/cybersecurity-500/

Damanpour, F. (1991). Organizational innovation: A meta-analysis of effects of determinants and moderators. Academy of Management Journal, 34(3), 555-590.

Davidsson, P., & Honig, B. (2003). The role of social and human capital among nascent entrepreneurs. Journal of Business Venturing, 18(3), 301-331.

Davis, E.G. (1969). A watchman for all seasons. CIA Center for the Study of Intelligence, 13(2), 37-43.

Dew, N., Velamuri, S.R., & Venkataraman, S. (2004). Dispersed knowledge and an entrepreneurial theory of the firm. Journal of Business Venturing, 19(5), 659-679.

101

Diffenbach, J. (1983). Corporate environmental analysis in larges US corporations. Long Range Planning, 16(3), 107-116.

Drucker, P.F. (1985). The discipline of innovation. Harvard Business Review, 63(3), 67-72.

Duchesneau, D.A., & Gartner, W.B. (1990). A profile of new venture success and failure in an emerging industry. Journal of Business Venturing, 5(5), 297-312.

Eckhardt, J.T., & Shane, S.A. (2003). Opportunities and entrepreneurship. Journal of Management, 29(3), 333-349.

Elliot School of International Affairs, The George Washington University. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/groups/86248/profile

Evans, N.D. (2015, August 26). How digital business disrupts the five forces of industry competition. Retrieved from: http://www.computerworld.com/article/2976572/emerging-technology/digital-disruption-from-the-perspective-of-porters-five-forces-framework.html

Ewing Marion Kauffman Foundation. (2015). The Kauffman index: Startup activity – national trends. Retrieved from: http://www.kauffman.org/~/media/kauffman_org/research%20reports%20and%20covers/2015/05/kauffman_index_startup_activity_national_trends_2015.pdf

Falkowitz, O. [Oren]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/orenjfalkowitz

Fielden, S.L., Davidson, M.J. and Makin, P.J. (2000). Barriers encountered during micro and small business start-up in north-west England. Journal of Small Business and Enterprise, 7(4), 295–304.

Fife, A. (2006, 3 July). Key lessons from Cryptine Network’s failure. Retrieved from: http://andrewbfife.blogspot.com/2006/07/key-lessons-from-cryptine-networks.html

Fife, A. [Andrew]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/andrewfife

Fleisher, C.S., & Bensoussan, B.E. (2003). Strategic and competitive analysis: Methods and techniques for analyzing business competition. Upper Saddle River, NJ: Pearson Education, Inc.

102

Frese, M., Krauss, S.I., Keith, N., Escher, S., Grabarkiewicz, R., Luneng, S.T., ... & Friedrich, C. (2007). Business owners' action planning and its relationship to business success in three African countries. Journal of Applied Psychology, 92(6), 1481.

Friar, J.H., & Meyer, M.H. (2003). Entrepreneurship and start-ups in the Boston region: Factors differentiating high-growth ventures from micro-ventures. Small Business Economics, 21(2), 145-152.

Gartner. (2014, August 22). Gartner says worldwide information security spending will grow almost 8 percent in 2014 as organizations become more threat-aware. Retrieved from: http://www.gartner.com/newsroom/id/2828722

Gartner. (2015, 7 October). Top 10 technology trends signal the digital mesh. Retrieved from: http://www.gartner.com/smarterwithgartner/top-ten-technology-trends-signal-the-digital-mesh/

Gartner, W.B. (1990). What are we talking about when we talk about entrepreneurship? Journal of Business Venturing, 5(1), 15-28.

Gibb, A.A., & Davies, L. (1992). Methodological problems in the development of a growth model of business enterprise. The Journal of Entrepreneurship, 1(1), 3-25.

Gil, E. (2011, March 15). How funding rounds differ: Seed, Series A, Series B, and C… Retrieved from: http://blog.eladgil.com/2011/03/how-funding-rounds-differ-seed-series.html

Gimeno, J., Folta, T.B., Cooper, A.C., & Woo, C.Y. (1997). Survival of the fittest? Entrepreneurial human capital and the persistence of underperforming firms. Administrative Science Quarterly, 41(4), 750-783.

Google Finance. (2016, 22 January). Palo Alto Networks, Inc. (NYSE:PANW). Retrieved from: https://www.google.com/finance?q=NYSE:PANW

Grabo, C. (2002). Anticipating surprise: Analysis for strategic warning. Washington, DC: Joint Military Intelligence College.

Graham, P. [paulg]. (2013, May 26). As of now, 37 YC cos have valuations of or sold for at least $40m. [Tweet]. Retrieved from: https://twitter.com/paulg/status/338805881972080641

Gray, J.H. (1998). Self-employment as a career option for redundant worker. Faculty of Business & Economics Working Paper 51/98. Victoria: Monash University.

103

Green, E., & Cohen, L. (1995). Women’s business: Are women entrepreneurs breaking new ground or simply balancing the demands of “women’s work” in a new way? Journal of Gender Studies, 4(3), 297-314.

Greenbank, P. (1999). The pricing decision in the micro-business: A study of accountants, builders, and printers. International Small Business Journal, 17(3), 60-73.

Greenfield, R. (2014, 6 May). Antivirus is dead. Meet the next generation of anti-hacker tools. Retrieved from: http://www.fastcompany.com/3030075/whos-next/antivirus-is-dead-meet-the-next-generation-of-anti-hacker-tools

Grinyer, P.H., & Norburn, D. (1977/1978). Planning for existing markets: An empirical study. International Studies in Management and Organization, 7, 99-122.

Groenewegen, G., & de Langen, F. (2012). Critical success factors of the survival of start-ups with a radical innovation. Journal of Applied Economics and Business Research, 2(3), 155-171.

Grundy, T. (2006). Rethinking and reinventing Michael Porter’s five forces model. Strategic Change, 15, 213-229.

Haber, S., & Reichel, A. (2005). Identifying performance measures of small ventures – the case of the tourism industry. Journal of Small Business Management, 43(3), 257-286.

Hackett, R. (2014, 10 December). Can three ex-NSA snoops stop the worst hacks before they start? Retrieved from: http://fortune.com/2014/12/10/area-1-security/

Hackmageddon. (2015, August). 2015 Cyber attacks timelines master index. Retrieved from: http://www.hackmageddon.com/2015-cyber-attacks-timeline-master-index/

Hall, G., & Fulshaw, S. (1993). Factors associated with the relative performance amongst small firms in the British instrumentation sector. In H. Klandt (Ed.) Entrepreneurship and business development. (pp. 227-237). Aldershot: Avebury.

Harada, N. (2003). Who succeeds as an entrepreneur? An analysis of the post-entry performance of new firms in Japan. Japan and the World Economy, 15(2), 211-222.

Headd, B. (2003). Redefining business success: Distinguishing between closure and failure. Small Business Economics, 21, 51-61.

104

Herring, J. (1996). Creating the intelligence system that produces analytical intelligence. In B. Gilad & J. Herring (Eds.), The art and science of business intelligence analysis. (pp. 53-81). Greenwich, CT: JAI Press.

Herron, L., & Robinson, Jr., R.B. (1993). A structural model of the effects of enterprise characteristics on venture performance. Journal of Business Venturing, 8(3), 281-294.

Hill, K. (2014, 10 September). The NSA gives birth to start-ups. Retrieved from: http://www.forbes.com/sites/kashmirhill/2014/09/10/the-nsa-gives-birth-to-start-ups/#12458f563e08

Hill, K., & Fox-Brewster, T. (2014, 29 September). Meet the ex-NSA and ex-Unit 8200 spies cashing in on security fears. Retrieved from: http://www.forbes.com/sites/kashmirhill/2014/09/10/meet-the-ex-nsa-and-ex-unit-8200-spies-cashing-in-on-security-fears/#44d34e67276e

Holmes, P., Hunt, A., & Stone, I. (2010). An analysis of new firm survival using a hazard function. Applied Economics, 42(2), 185-195.

Hunter, J.E. (1986). Cognitive ability, cognitive aptitudes, job knowledge, and job performance. Journal of Vocational Behavior, 29(3), 340-362.

ICSA Labs. (2014, 24 April). Network firewall certification report: Palo Alto Networks Next-Generation Firewalls Family. Retrieved from: https://www.icsalabs.com/sites/default/files/Palo_Alto_PA_Firewall_Report_20140424.pdf

Inderst, R., & Mueller, H.M. (2009). Early-stage financing and firm growth in new industries. Journal of Financial Economics, 93(2), 276-291.

Intel. (n.d.). A guide to the Internet of Things: How billions of online objects are making the web easier. Retrieved from: http://www.intel.com/content/www/us/en/internet-of-things/infographics/guide-to-iot.html#

Intelligence Reform and Terrorism Prevention Act of 2004, Pub. L. 108-458, 118 Stat. 3662, codified as amended at 50 USC § 403-4a.

Jackson, S.E., & Dutton, J.E. (1988). Discerning threats and opportunities. Administrative Science Quarterly, 33, 370-387.

105

Jennings, D.F., & Young, D.M. (1990). An empirical comparison between objective and subjective measures of the product innovation domain of corporate entrepreneurship. Entrepreneurship Theory and Practice, 15(1), 53-66.

Joint Military Intelligence College. (2001). Intelligence warning terminology. Retrieved from http://www.higginsctc.org/intelligence/intelwarnterminology.pdf

Joll, B. [Bill]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/billjoll

Kanter, R. (1986). Supporting innovation and venture development in established companies. Journal of Business Venturing, 1(1), 47-60.

Kelleher, D. (2015, 26 February). Cyber security survey: Fear of cybercrime up 66 percent in US. Retrieved from: http://www.gfi.com/blog/cyber-security-survey-fear-of-cybercrime-up-66-percent-in-us/

Kihlstrom, R.E., & Laffont, J.J. (1979). A general equilibrium entrepreneurial theory of firm formation based on risk aversion. The Journal of Political Economy, 87(4), 719-748.

Kim, P.H., Aldrich, H.E., & Keister, L.A. (2006). Access (not) denied: The impact of financial, human, and cultural capital on entrepreneurial entry in the United States. Small Business Economics, 27(1), 5-22.

King, G., Keohane, R., & Verba, S. (1994). Designing social inquiry: Scientific inference in qualitative research. Princeton, NJ: Princeton University Press.

Kirzner, I.M. (1979). Perception, opportunity and profit. Chicago, IL: University of Chicago.

Krebs, B. (2014, May 6). The Target breach, by the numbers. Retrieved from: http://krebsonsecurity.com/2014/05/the-target-breach-by-the-numbers/

Lafuente, E., & Rabetino, R. (2011). Human capital and growth in Romanian small firms. Journal of Small Business and Enterprise Development, 18(1), 74-96.

Lasch, F., Le Roy, F., & Yami, S. (2007). Emergence of high-tech ventures in France: How do regional, individual and organizational factors influence birth and sustainability of new firms? In J. Ulijn, D. Drillon, & F. Lasch (Eds.), Entrepreneurship, cooperation and the firm: The emergence and survival of high-technology ventures in Europe. (pp. 187-218). Northampton, MA: Edward Elgar Publishing, Inc.

106

Lemos, R. (2011, August 1). Investors search for IPO ‘unicorns’ among cyber-security startups. eWeek. Retrieved from: http://www.eweek.com/security/investors-search-for-ipo-unicorns-among-cyber-security-startups.html

Lenz, R., & Engledow, J. (1986). Environmental analysis: The applicability of current theory. Strategic Management Journal, 7, 329-346.

Littunen, H. (2000). Networks and local environmental characteristics in the survival of new firms. Small Business Economics, 15(1), 59-71.

Littunen, H., & Niitykangas, H. (2010). The rapid growth of young firms during various stages of entrepreneurship. Journal of Small Business and Enterprise Development, 17(1), 8-31.

Litvak, J.A., & Maule, C.J. (1980). Entrepreneurial success of failure – Ten years later. Government of Canada: Office of Industrial Innovation.

Low, M.B., & MacMillan, I.C. (1988). Entrepreneurship: Past research and future challenges. Journal of Management, 14(2), 139-161.

Lowenthal, M.M. (2002). Intelligence: From secrets to policy. Washington, DC: Congressional Quarterly Press.

Lussier, R.N., & Halabi, C.E. (2010). A three‐country comparison of the business success versus failure prediction model. Journal of Small Business Management, 48(3), 360-377.

Lussier, R. N., & Pfeifer, S. (2001). A cross-national prediction model for business success. Journal of Small Business Management, 39(3), 228-239.

Lyne, J. (2015). Security threat trends 2015: Predicting what cybersecurity will look like in 2015 and beyond. Retrieved from: https://www.sophos.com/en-us/threat-center/medialibrary/PDFs/other/sophos-trends-and-predictions-2015.pdf

Mao, Y. [Yuming]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/yuming-mao-8404984

Marlow, S., & Strange, A. (1994). Female entrepreneurs: Success by whose standards? In M. Tanton (Ed.). Women in management: A development presence. (pp. 172-184). London: Routledge.

107

Maidique, M.A. (1985). Key success factors in high-technology new ventures. In D.L. Sexton & R.W. Smilor (Eds.), The art and science of entrepreneurship. (pp. 169-180). Cambridge, MA: Ballinger.

Maidique, M.A., & Zirger, B.J. (1984). A study of success and failure in product innovation: The case of the US electronics industry. IEEE Transactions on Engineering Management, 31, 192-203.

Maidique, M.A., & Zirger, B.J. (1985). The new product learning cycle. Research Policy, 14, 299-313.

Mansfield, E., & Wagner, S. (1975). Organizational and strategic factors associated with probability of success in industrial R&D. Journal of Business, 48(2), 179-198.

MarketsandMarkets. (2015). Cyber security market worth $170.21 billion by 2020. Retrieved from: http://www.marketsandmarkets.com/PressReleases/cyber-security.asp

Marketwired. (2013, 17 May). ISC8 wins Innovation in Security and Assurance Award: Global cybersecurity leader recognized at 2013 Pipeline Innovation Awards. Retrieved from: http://www.marketwired.com/press-release/isc8-wins-innovation-in-security-and-assurance-award-otcbb-isci-1792437.htm

Marketwired. (2014, 25 March). ISC8 announces CEO succession. Retrieved from: http://www.marketwired.com/press-release/isc8-announces-ceo-succession-otcbb-isci-1892374.htm

Marketwired. (2015, 14 October). Area 1 Security announces $25.5 million of total funding led by Icon Ventures & Kleiner Perkins Caufield & Byers. Retrieved from: http://www.marketwired.com/press-release/area-1-security-announces-255-million-total-funding-led-icon-ventures-kleiner-perkins-2063706.htm

McClelland, D.C. (1961). The achieving society. Princeton, NJ: Van Nostrand.

Meyer, M.H., & Roberts, E.B. (1986). New product strategy in high technology firms: A pilot study. Management Science, 32, 806-821.

Morgan, S. (2015, July 9). Worldwide cybersecurity market continues its upward trend. Retrieved from: http://www.csoonline.com/article/2946017/security-leadership/worldwide-cybersecurity-market-sizing-and-projections.html

108

Mosey, S., & Wright, M. (2007). From human capital to social capital: A longitudinal study of technology‐based academic entrepreneurs. Entrepreneurship Theory and Practice, 31(6), 909-935.

Miettinen, M.R., & Littunen, H. (2013). Factors contributing to the success of startu-up firms using two-point or multiple-point scale models. Entrepreneurship Research Journal, 3(4), 449-481. doi:10.1515/erj-2012-0012

Miller, D. (1983). The correlates of entrepreneurship in three types of firms. Management Science, 29(7), 770-791.

Miller, D., & Friesen, P. (1977). Strategy making in context: Ten empirical archetypes. Journal of Management Studies, 14(3), 253-280.

Mitra, S. (2010, 3 October). 9.4M dollars in concept financing to 100M in bookings: Palo Alto Networks founder Nir Zuk. Retrieved from: http://www.sramanamitra.com/2010/09/27/9-4-million-concept-financing-to-100m-in-bookings-palo-alto-software-founder-nir-zuk-part-1/

Murphy, P. J. (2009). Entrepreneurship theory and the poverty of historicism. Journal of Management History, 15(2), 109-133.

Murphy, P.J., & Coombes, S.M. (2008). A model of social entrepreneurial discovery. Journal of Business Ethics, 87(3), 325-336.

Neider, L. (1987). A preliminary investigation of female entrepreneurs in Florida. Journal of Small Business Management, 25(3), 22.

Norman, D.R. (2001). How to identify credible sources on the web. Retrieved from: https://sites.google.com/site/daxrnorman2/analysis

Palo Alto Networks, Inc. (2012, 9 July). Amendment No. 3 to Form S-1. Retrieved from: http://www.sec.gov/Archives/edgar/data/1327567/000119312512296699/d318373ds1a.htm

Palo Alto Networks, Inc. (2015). 2015 annual report of Palo Alto Networks, Inc. Retrieved from: http://investors.paloaltonetworks.com/phoenix.zhtml?c=251350&p=irol-sec

PE Hub Network. (2010, 27 December). Irvine Sensors inks $11.4 million from investors. Retrieved from: https://www.pehub.com/2010/12/irvine-sensors-inks-114m-from-investors/

109

Perrin, A., & Duggan, M. (2015, 26 June). Americans’ internet access: 2000-2015. Retrieved from: http://www.pewinternet.org/2015/06/26/americans-internet-access-2000-2015/

Pew Research Center. (2015, 22 October). Three-in-ten US jobs are held by the self-employed and the workers they hire. Retrieved from: http://www.pewsocialtrends.org/2015/10/22/three-in-ten-u-s-jobs-are-held-by-the-self-employed-and-the-workers-they-hire/

Porter, M.E. (1979). How competitive forces shape strategy. Harvard Business Review, 137-145.

Porter, M.E. (1985). Competitive advantage: Creating and sustaining superior performance. New York, NY: Free Press.

Porter, M.E. (1996). What is strategy? Harvard Business Review, 61-78.

Porter, M.E. (2008). The five forces that shape strategy. Harvard Business Review, 1-18.

PR Newswire. (2005, 4 November). Helio Solutions acquires Cryptine Networks’ professional services. Retrieved from: http://www.prnewswire.com/news-releases/helio-solutions-acquires-cryptine-networks-professional-services-55369427.html

PR Newswire. (2011, 8 November). Irvine Sensors, now ISC8 unveils new logo and branding. Retrieved from: http://www.prnewswire.com/news-releases/irvine-sensors-now-isc8-unveils-new-logo-and-branding-133417893.html

PR Newswire. (2015, 9 January). Proposed Chapter 11 363 sale of innovative cyber security company ISC8 Inc. subject to overbid at auction. Retrieved from: http://www.prnewswire.com/news-releases/proposed-chapter-11-363-sale-of-innovative-cyber-security-company-isc8-inc-subject-to-overbid-at-auction-300018727.html

PricewaterhouseCooper. (2011, Novemeber). Cyber security M&A: Decoding deals in the global cyber security industry. Retrieved from: https://www.pwc.com/gx/en/aerospace-defence/pdf/cyber-security-mergers-acquisitions.pdf

Pricewaterhouse Cooper. (2015). US cybercrime: Rising risks, reduced readiness. Retrieved from: https://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/2014-us-state-of-cybercrime.pdf

110

PrivCo. (2014). Palo Alto Networks VC/funding activity. Retrieved from PrivCo Subscription Database.

Pupsa, J., & Kühl, R. (2006). Building consumer’s trust through persuasive interpersonal communication in a saturated market: The role of market mavens. Prepared for presentation at the 99th EAAE Seminar, Bonn, Germany.

Randels, J. [Joy]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/joyrandels

Ray, D.M. (1993). Understanding the entrepreneur: Entrepreneurial attributes, experience and skills. Entrepreneurship & Regional Development, 5, 345-357.

Reilly, R.B. (2014, 5 May). Former NSA teammates launch Area 1 Security, snag $2.5 million. Retrieved from: http://venturebeat.com/2014/05/05/former-nsa-teammates-launch-area-1-security-snag-2-5-million/

Reuber, A.R., & Fischer, E.M. (1994). Entrepreneurs' experience, expertise, and the performance of technology-based firms. Engineering Management, IEEE Transactions on, 41(4), 365-374.

Reuber, A.R., & Fischer, E.M. (1999). Understanding the consequences of founders' experience. Journal of Small Business Management, 37(2), 30.

Reynolds, P., Bosma, N., Autio, E., Hunt, S., De Bono, N., Servais, I., … Chin, N. (2005). Global entrepreneurship monitor: Data collection design and implementation 1998–2003. Small Business Economics, 24(3), 205-231.

Riley, M., Elgin, B., Lawrence, D., & Matlack, C. (2014, March 13). Missed alarms and 40 million stolen credit card numbers: How Target blew it. Retrieved from: http://www.bloomberg.com/bw/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data#p1

Robinson, P. B., & Sexton, E. A. (1994). The effect of education and experience on self-employment success. Journal of Business Venturing, 9(2), 141-156.

Rockart, J.F. (1979, March-April). Chief executives define their own data needs. Harvard Business Review, 81-93.

Rollins, J.W. (2015 16 October). US-China cyber agreement. Retrieved from: https://www.fas.org/sgp/crs/row/IN10376.pdf

111

Rosenthal, R., & Rubin, D.B. (1982). A simple, general purpose display of magnitude of experimental effect. Journal of Educational Psychology, 74(2), 166-169.

Rosenzweig, P. (2015, 16 December). The Cybersecurity Act of 2015. Retrieved from: https://www.lawfareblog.com/cybersecurity-act-2015

Salomo, S., Weise, J., & Gemünden, H.G. (2007). NPD planning activities and innovation performance: the mediating role of process management and the moderating effect of product innovativeness. Journal of Product Innovation Management, 24(4), 285-302.

Schollhammer, H. (1982). Internal corporate entrepreneurship. Encyclopedia of Entrepreneurship, 209, 223.

Schumpeter, J.A. (1934). The theory of economic development: An inquiry into profits, capital, credit, interest, and the business cycle. Cambridge: Harvard University Press.

Schumpeter, J. A. (1942). Capitalism, Socialism, and Democracy. New York, NY: Harper & Brothers.

Schutjens, V.A., & Wever, E. (2000). Determinants of new firm success. Papers in Regional Science, 79(2), 135-159.

Shane, S.A. (2000). A general theory of entrepreneurship: The individual-opportunity nexus. Northampton, MA: Edward Elgar Publishing.

Shane, S., & Venkataraman, S. (2000). The promise of entrepreneurship as a field of research. Academy of Management Review, 25(1), 217-226.

Sharma, P., & Chrisman, J.J. (1999). Toward a reconciliation of the definitional issues in the field of corporate entrepreneurship. Entrepreneurship Theory and Practice, 23, 11-27.

Shepherd, D.A. (2003). Learning from business failure: Propositions of grief recovery for the self-employed. Academy of Management Review, 28(2), 318-328.

Singh, S. (2014, 12 May). The 10 social and tech trends that could shape the next decade. Retrieved from: http://www.forbes.com/sites/sarwantsingh/2014/05/12/the-top-10-mega-trends-of-the-decade/#77758bc7570a

112

Stanworth, J., & Gray, C. (1991). Bolton 20 years on: The small firm in the 1990s. London: Paul Chapman Publishing Ltd.

Statista. (2016a). Number of worldwide internet users from 2000 to 2015 (in millions). Retrieved from: http://www.statista.com/statistics/273018/number-of-internet-users-worldwide/

Statista. (2016b). Share of global B2C e-commerce sales in the United States from 2010 to 2016. Retrieved from: http://www.statista.com/statistics/243699/share-of-global-b2c-e-commerce-sales-in-the-united-states/

Stevens, D. [Dave]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/stevensdave

Stevenson, H.H., Grousbeck, H.I., Roberts, M.J., & Bhide, A. (1999). New business ventures & the entrepreneur (5th ed.). Boston, MA: McGraw-Hill

Storey, D.J., & Wynarczyk, P. (1996). The survival and non-survival of micro firms in the UK. Review of Industrial Organization, 11(2), 211-229.

Strategic and Competitive Intelligence Professionals. (2015). Competitive intelligence frequently asked questions. Retrieved from: https://www.scip.org/re_pdfs/1395928684_pdf_FrequentlyAskedQuestions.pdf

Stuart, R.W., & Abetti, P.A. (1987). Start-up ventures: Towards the prediction of initial success. Journal of Business Venturing, 2, 215-230.

Stuart, R.W., & Abetti, P.A. (1990). Impact of entrepreneurial and management experience on early performance. Journal of Business Venturing, 5(3), 151-162.

Stubbart, C. (1982). Are environmental scanning units effective? Long Range Planning, 15(3), 139-145.

Swanson, S., Astrich, C., & Robinson, M. (2012). Cyber threat indications & warning: predict, identify and counter. Small Wars Journal. Retrieved from: http://smallwarsjournal.com/jrnl/art/cyber-threat-indications-warning-predict-identify-and-counter

Syme, P. [Phil]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/philsyme

113

The Turnaround Letter. (2014, 23 September). ISC8 Chapter 11 petition filed. Retrieved from: http://www.turnaroundletter.com/blogs/15-bankruptcy-news/post/29282-isci-bankruptcy-court-documents

Thurston, P.H. (1986). When partners fall out. Harvard Business Review,64(6), 24.

Tushman, M.L., & Anderson, P. (1986). Technological discontinuities and organizational environments. Administrative Science Quarterly, 31(3), 439–465.

Underwood, N. [Nate]. (n.d.). Profile [LinkedIn]. Retrieved from: https://www.linkedin.com/in/nateunderwood

Unger, J.M., Rauch, A., Frese, M., & Rosenbusch, N. (2011). Human capital and entrepreneurial success: A meta-analytical review. Journal of Business Venturing, 26, 341-358.

US Bankruptcy Court, Central District of California. (2015, 8 January). Case 8:14-bk-15750-SC, Chapter 11, Form F-6004-2.NOTICE.SALE. Notice of sale of estate property. Retrieved from: http://www.cacb.uscourts.gov/sites/cacb/files/documents/notice-of-sales/SA14-15750SC.pdf

US Census Bureau. (2014). Business dynamics statistics: Establishments born during the last 12 months. Retrieved from: http://thedataweb.rm.census.gov/TheDataWeb_HotReport2/bds/bds.hrml?year=2013&fdata=estabs_entry&xaxis=1&size=m&fage4=m

US Census Bureau. (2015). Quick facts: United States. Retrieved from: http://www.census.gov/quickfacts/table/PST045215/00

US Department of Defense. (2010, November/2015, June). Joint publication 1-02: Department of Defense dictionary of military and associated terms. Retrieved from http://www.dtic.mil/doctrine/new_pubs/jp1_02.pdf

US Department of Defense. (2014, June). Terms & definitions of interest for counterintelligence professionals. Retrieved from: https://fas.org/irp/eprint/ci-glossary.pdf

US Department of Homeland Security. (2009). NICCS explore terms: A glossary of common cybersecurity terminology. Retrieved from: https://niccs.us-cert.gov/glossary#letter_c

114

US Small Business Administration. (2015). Small business profiles for the states and territories. Retrieved from: https://www.sba.gov/advocacy/small-business-profiles-states-and-territories-2014

Van der Sluis, J., Van Praag, M., & Van Witteloostuijn, A. (2007). Why are the returns to education higher for entrepreneurs than for employees? IZA Discussion Papers, 3058.

Van der Sluis, J., Van Praag, M., & Vijverberg, W. (2005). Entrepreneurship selection and performance: A meta-analysis of the impact of education in developing economies. The World Bank Economic Review, 19(2), 225-261.

Van Praag, C.M. (2003). Business survival and success of young small business owners. Small Business Economics, 21(1), 1-17.

Venkataraman, S. (1997). The distinctive domain of entrepreneurship research. Advances in Entrepreneurship, Firm Emergence and Growth, 3(1), 119-138.

Venkataraman, S., & Harting, T. (2005). Entrepreneurial opportunity. In: M. A. Hitt & R. D. Ireland (Eds), The Blackwell Encyclopedia of Management, Entrepreneurship, (2nd ed.) (pp. 100–103). Malden, MA: Blackwell Publishing.

Vranceanu, R. (2014). Corporate profit, entrepreneurship theory and business ethics. Business Ethics: A European Review, 23(1), 50-68.

Walker, E., & Brown, A. (2004). What success factors are important to small business owners? International Small Business Journal, 22(6), 577-594. doi:10.1177/0266242604047411

Warner, M. (2002). Wanted: A definition of “intelligence.” Studies in Intelligence: Journal of the American Intelligence Professional, 46(3), 15-22.

Watson, K., Hogarth-Scott, S., & Wilson, N. (1998). Small business start-ups: Success factors and support implications. International Journal of Entrepreneurial Behavior & Research, 4(3), 217-238.

Weiss, L.A. (1981). Start-up businesses: A comparison of performances. Sloan Management Review, 22, 37-53.

Werner, D. (2013, 22 April). Spotlight: Irvine Sensors Corp. Retrieved from: http://spacenews.com/34993spotlight-irvine-sensors-corp/

115

West, G.P., & Noel, T.W. (2009). The impact of knowledge resources on new venture performance. Journal of Small Business Management, 47(1), 1-22.

Westhead, P., Ucbasaran, D., & Wright, M. (2005). Decisions, Actions, and Performance: Do Novice, Serial, and Portfolio Entrepreneurs Differ? Journal of Small Business Management, 43(4), 393-417.

Wheaton, K.J., & Beerbower, M.T. (2006). Towards a new definition of intelligence. Stanford Law and Policy Review, 17, 319-330.

Wheelock, J., & Baines, S. (1998). Dependency or self-reliance? The contradictory case of work in UK small business families. Journal of Family and Economic Issues, 19(1), 53-73.

Wilson, B. (2015, 13 January). 2015: The year of the security startup – or letdown. Retrieved from: http://www.darkreading.com/vulnerabilities---threats/vulnerability-management/2015-the-year-of-the-security-startup-andndash-or-letdown/a/d-id/1318584

Yusuf, A. (1995). Critical success factors for small business: Perceptions of south Pacific entrepreneurs. Journal of Small Business Management, 33(2), 68-73.

Zacharakis, A.L., & Meyer, G.D. (2000). The potential of actuarial decision models: Can they improve the venture capital investment decision?. Journal of Business Venturing, 15(4), 323-346.

Zolin, R., Kuckertz, A., & Kautonen, T. (2011). Human resource flexibility and strong ties in entrepreneurial teams. Journal of Business Research, 64(10), 1097-1103.

116

APPENDICES

Appendix A

Norman’s (2001) Trust Scale and Web Site Evaluation Worksheet

Score: Trust Scale:

Criteria Tips Value Enter Y or N 0

60.9-46.75 High

Content can be  

corroborated?

Check some  of the  s i te's  

facts

5.17

46.74-35.06 Moderate

Recommended by subject 

matter expert?

Doctor, biologis t, country 

expert

4.94

35.05-7.47 Low

Author i s  reputable? Google  for opinions , ask 

others

4.64

7.46-0 Not Credible

You perceive  s i te  as  

accurate?

Check with other 

sources ; check 

affi l ia tions 4.56

Information was  reviewed 

by an editor or peers?

Science  journa ls , 

newspapers

4.52

Author i s  associated with 

a  reputable  org?

Google  for opinions , ask 

others .

4.42

Publ i sher i s  reputable? Google  for opinions , ask 

others .4.02

Authors  and sources  

identi fied?

Trustworthy sources  

want to be  known 3.78

You perceive  s i te  as  

current?

Last update?3.78

Severa l  other Web s i tes  

l ink to this  one?

Si tes  only l ink to other 

s i tes  they trust3.68

Recommended by a  

genera l i s t?

Librarian, researcher3.65

Recommended by an 

independent subject 

guide?

A travel  journa l  may 

suggest s i tes

3.56

Domain includes   a  

trademark name?

Trademark owners  

protect their marks 3.45

Site's  bias  in clear? Bias  i s  OK i f not hidden3.06

Site  has  profess iona l  

look?

It should look l i ke  

someone  cares 2.86

Total 60.09 0

19 Dec 2001: The criteria and weighted values are based on a survey input from 66 analysts. For 

details see: http://daxrnorman.googlepages.com/analysis

3 Feb 2012: Excel Spreadsheet which adds auto‐sum was produced  by Bill Welch, Deputy Director, 

Center for Intelligence Research Analysis and Training, Mercyhurst College.

26 Jan 2013: Trust Scale and Web Site Evaluation Worksheet is in the  PUBLIC DOMAIN . 

Enter URL:

117

Appendix B

Competitive Indicators and Warning Analysis Template

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) 0$1 million or greater (1) 0

Equity Share50% or more (1) 0

Investor Financing (2) 0Firm Attributes (4 possible points )

Organized business plan (1) 0Innovative product (1) 0Team founding (2) 0

If team fractures (-2) 0Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) 0Previous industrial work experience (1) 0Previous management experience (1) 0Education

Bachelor's degree or above (1) 0Relevent social network (1) 0

Funding 0Firm 0Founder 0

Total Score 0 /15

Indications & Warning Analysis - Startups

118

Appendix C

Comparison of Indicators of Success: Palo Alto Networks, ISC8, and Cryptine Networks.

Indicators of Success

Evidence and Date of Indicator

Palo Alto

Networks ISC8, Inc.

Cryptine

Networks

Fu

nd

ing

Seed Capital up to $1M Yes

May 2005

Yes

Dec. 2010

Yes

Nov. 2005

Seed Capital Greater than

$1M No

Yes

Dec. 2010 No

Equity Share Greater than

50% No No No

Investor Financing Yes

January 2006

Yes

Nov. 2013 No

Fir

m

Organized Business Plan Yes

August 2007 No No

Innovative Product Yes

August 2007

Yes

May 2013 No

Team Founding Yes

February 2005

Yes

Nov. 2011

Yes

January 2002

Founding Team Fracture No Yes

March 2013

Yes

Nov. 2005

Fou

nd

er

Previous Entrepreneurial

Experience

Yes

January 2000 No No

Previous Industrial Work

Experience

Yes

January 1990

Yes

January 2006

Yes

August 1999

Previous Management

Experience

Yes

February 2004

Yes

June 1982

Yes

April 2001

Bachelor’s Degree or Above Yes

May 1995

Yes

May 1961

Yes

May 2001

Relevant Social Network Yes

March 2005

Yes

October 2009 No

119

Appendix D

Palo Alto Networks – Competitive Indicators and Warning analysis

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes May-05 1$1 million or greater (1) no 0

Equity Share50% or more (1) no 0

Investor Financing (2) yes Jan-06 2Firm Attributes (4 possible points )

Organized business plan (1) yes Aug-07 1Innovative product (1) yes Aug-07 1Team founding (2) yes Feb-05 2

If team fractures (-2) no 0Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) yes Jan-00 2Previous industrial work experience (1) yes Jan-90 1Previous management experience (1) yes Feb-04 1Education

Bachelor's degree or above (1) yes May-95 1Relevent social network (1) yes Mar-05 1

Funding 3Firm 4Founder 6

Total Score 13 /15

Indications & Warning Analysis - Startups

Palo Alto Networks

120

Palo Alto Networks – Decision Stairway

121

Appendix E

ISC8, Inc. – Competitive Indicators and Warning analysis

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes Dec-10 1$1 million or greater (1) yes Dec-10 1

Equity Share50% or more (1) no 0

Investor Financing (2) yes Nov-13 2Firm Attributes (4 possible points )

Organized business plan (1) no 0Innovative product (1) yes May-13 1Team founding (2) yes Nov-11 2

If team fractures (-2) yes Mar-13 -2Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) no 0Previous industrial work experience (1) yes Jan-06 1Previous management experience (1) yes Jun-82 1Education

Bachelor's degree or above (1) yes May-61 1Relevent social network (1) yes Oct-09 1

Funding 4Firm 1Founder 4

Total Score 9 /15

Indications & Warning Analysis - Startups

ISC8, Inc.

122

ISC8, Inc. – Decision Stairway

123

Appendix F

Cryptine Networks – Competitive Indicators and Warning analysis

Firm:

Indicators Yes/No Date Score

Funding Attributes (5 possible points )Seed Capital

Up to $1 million (1) yes Nov-05 1$1 million or greater (1) no 0

Equity Share50% or more (1) no 0

Investor Financing (2) no - 0Firm Attributes (4 possible points )

Organized business plan (1) no - 0Innovative product (1) no - 0Team founding (2) yes Jan-02 2

If team fractures (-2) yes Nov-05 -2Founder Attributes (6 possible points )

Previous entrepreneurial experience (2) no - 0Previous industrial work experience (1) yes Aug-99 1Previous management experience (1) yes Apr-01 1Education

Bachelor's degree or above (1) yes May-01 1Relevent social network (1) no 0

Funding 1Firm 0Founder 3

Total Score 4 /15

Indications & Warning Analysis - Startups

Cryptine Networks

124

Cryptine Networks – Decision Stairway