How I Started A $45K/Month Cybersecurity Consulting Firm For Startups

Taylor Hersom

•

Published: October 11th, 2020

save

Taylor Hersom

Founder, Eden Data

$230K

revenue/mo

Founders

Employees

Eden Data

edendata.co

from Austin

started March 2020

$230,000

revenue/mo

Founders

Employees

Discover what tools Taylor recommends to grow your business!

G Suite

productivity tool-icon

Google Suite tool-icon

Slack

other

Typeform

Discover what books Taylor recommends to grow your business!

📗

Principles: Life and Work Ray Dalio

Want more updates on Eden Data? Check out these stories:

1. Eden Data Update: How We Grew Our Team From 4 To 20 Staff (2022) ➜

Hello! Who are you and what business did you start?

Hey there! My name is Taylor Hersom and I am the founder of Eden Data. Eden Data is a cybersecurity consulting firm focused on helping startups build better security as they grow.

Our main service offering is our Virtual CISO subscription, which allows companies to outsource their cybersecurity and compliance needs for a flat, monthly cost. We are pretty non-traditional from other professional services firms in that we don’t charge by the hour, don’t demand long-term commitments, and our prices are lower than the cost of bringing in a cyber professional full time or hiring a firm on a project basis.

Since starting the company in March of 2020, we have scaled to four team members and an MRR of $45k, all through remote services and nearly no startup costs.

how-i-started-a-40k-month-cybersecurity-consulting-firm-for-startups

What's your backstory and how did you come up with the idea?

In terms of my background, I started my career at Deloitte as an IT Auditor and cybersecurity professional. It was such an incredible experience for me at a young age to be exposed to so many different clients and IT environments. Deloitte also made a significant investment in my training and development, which allowed me to develop myself professionally at a much faster pace.

In 2018, I received a really cool opportunity to become the Chief Information Security Officer (CISO) at an Austin-based consulting firm. Admittedly, at 28 years old, this was a ‘trial by fire’ experience for me, as there were many aspects of being a C-Suite that I hadn’t learned yet. However, I soon was allowed to build my department in my own vision, so I began working on building professional services offering to offer to clients rather than just focus on my employer’s internal security.

This is where the inspiration for the virtual CISO role came into play: we began offering the ability for our clients to hire me as their outsourced CISO so that they could get the cybersecurity help that they needed without the ridiculously expensive price tag of hiring a CISO (average salary in the US was $204K at the time). I quickly realized as I interacted with these clients and prospects that cybersecurity was a very real problem in the SMB market.

As I was building out this practice, it became clear that I was putting in all the effort and brainpower on something that I didn’t have ultimate control over, since I didn’t have ownership. I started hitting roadblocks where management didn’t agree with the direction I wanted to take the vCISO offering, which ended up being a blessing in disguise for me, as it served as my validation that I needed to just build something on my own. What’s more, I was becoming so frustrated by how detrimental cybersecurity vulnerabilities were becoming to organizations. I felt like the traditional firms were not giving companies the warm, fuzzy feeling that they needed in order to take that leap of faith and invest in security, which in turn exposed these businesses needlessly.

At the end of February 2020, I decided to resign as a CISO and start my own consulting firm. Due to the fact that consulting is largely based on experience, I had pretty much everything I needed to break away and hit the ground running! The main challenge would be building a service that was truly different than what others were offering.

Describe the process of launching the business.

The first week that I started Eden Data was the first week of March when COVID-19 began ramping up. I was facing a pandemic and so all the money I had planned to put towards building the company had to instead go towards planning for an uncertain future. However, it challenged me to think outside the box. As such, I started landing clients by applying for jobs on UpWork of all places. This was what got me deep insight and exposure to startups specifically, and it allowed me to connect with some really cool companies that I otherwise would have never crossed paths with.

Stop thinking about your next destination as your final destination! Start a side hustle, such as consulting on UpWork, and set that cash aside for building a prototype of your product idea.

Once I got a few clients under my belt, I began toying with my pricing by giving UpWork clients the option to transition to a ‘subscription’ model I had devised, where I covered their security needs in exchange for one flat monthly price. We didn’t bother with tracking every meeting, every email, every hour worked, and it ended up being a lot more effective for both parties than I could have envisioned.

This model, coupled with my connection to some great clients via UpWork, began a snowball effect of referrals and new network contacts that allowed Eden Data to expand from UpWork. At that point, I worked really hard to build our intellectual property in the form of playbooks, best practices, deliverable templates, etc. in order to further differentiate the firm. I was (and still am) terrified of being like every other consulting firm and so a good portion of my efforts went into modeling new workflows and using my clients as guinea pigs! I think this is one of the coolest things about working with other entrepreneurs in that they are so extremely supportive of innovation and new ideas, even when they are your paying client!

The beauty of this business model is that there was very little investment required to start and maintain momentum. I invested in a website, some basic productivity tools, and an email domain to start. Once Eden Data started landing clients, I began investing in better SaaS tools that increased productivity for myself and/or created a better experience for the client.

Although Eden Data launched in March 2020, we already have had over 20 clients. We landed multiple clients during our first two weeks in business and then maintained a cadence of about 1 client per week. In terms of lessons learned, I really wish I had had more faith in my pricing model much earlier, as it caused me to take on clients at a heavy discount and caused us to waste months doing ad-hoc projects instead of having those clients on the long term subscription model. However, it was such a valuable lesson early on and I wouldn’t trade the experience for anything!

Since launch, what has worked to attract and retain customers?

Once Eden Data grew out of UpWork, I pivoted to leveraging my network for warm leads. I was very fortunate to have come from a prominent consulting firm and from a prominent master agent community, which connected me with so many great people that had seemingly endless connections to startups looking to enhance their security posture.

In addition to leveraging my network, I got really involved with entrepreneur communities, started blogging, and began accepting invites to various podcasts and webinars. These actions also drummed up business for the firm and gave me fantastic ideas for more non-traditional sales channels to leverage in the future. For starters, LinkedIn is an amazing platform to connect with business leaders and simply connect with them so that they see what I or my firm are doing. I also get a TON of value from my subscription to The Hustle Trends, which is a paid newsletter and an amazing Facebook group of entrepreneurs. I’ve organically landed a couple of clients from that group simply by interacting and sharing my experience!

Admittedly, because Eden Data is so new, I have put zero dollars into sales and have moved methodically on gaining new clients. Each of the virtual CISO’s that I’ve hired can only take on so many clients each, and so I have to be meticulous in how quickly we onboard new clients. This is obviously a problem because it limits growth potential and it is something that I’ve been obsessing over recently.

How are you doing today and what does the future look like?

I’m so fortunate to have started a company that stayed relevant during such an awful world event and am happy to say that the firm is thriving. I’ve brought on three security professionals that have absolutely been pivotal in the success of this firm. I have multiple security professionals in the docket ready to onboard and take on clients. We have 11 active clients with 4 more in various stages of onboarding and have served 23 clients total.

In terms of profitability, the firm is profitable and generating about $45K MRR as of September 2020. In terms of cost, we have very little outside of paying our employees. We took on a radically different approach than other consulting firms in that we automated or outsourced as many of our operational processes as possible. HR, Payroll, and Accounting are all streamlined via SaaS applications and are just insanely affordable.

We plan on investing more heavily in marketing and sales in the coming months, so our costs will see an uptick of $3-5K monthly.

Through starting the business, have you learned anything particularly helpful or advantageous?

Oh my goodness, where do I start? The amount of experience I’ve learned from starting Eden Data is absolutely priceless. I think one of the most valuable things I learned was that you do NOT have to have things figured out, you just simply have to start. It is so easy to put things off and say that the success of others is dependent on their intelligence, or their upbringing, or a million other things. But in reality, most successful business owners simply have an idea that they are passionate about enough to pursue.

I’ve been a wantrepreneur for my entire adult years, but the only thing that is different about Eden Data is that I actually started it rather than thought about it. I can’t tell you how many times I’ve had to Google things or watch Youtube videos or call a mentor in order to figure out how to move forward.

I will be the first to admit that certain factors helped me, including the fact that cybersecurity is its own pandemic in a post-COVID world. I will also say that there were clients who we took on that I should have never signed, as it was clear early on that they were going to be more trouble than the contract was worth.

However, this also taught me an extremely valuable lesson: your network is absolutely everything! This doesn’t just mean the people that you already know, but also the people that you impact and interact with after starting your company. I’ve had clients who were difficult to deal with but then became long-term clients and introduced me to other prospects. I cannot stress this enough: treat respectfully every single person you interact with and ensure that you have a relationship with them that is strong enough for them to think of you when they are needing a service you offer or has a friend/colleague that does.

What platform/tools do you use for your business?

Being a consulting firm, this might be a lame response for some of the more technical founders. At Eden Data, we leverage all SaaS applications to optimizing our business internally (operationally) and externally (with our clients).

We leverage G-Suite for our email and file storage needs.

We use Nifty for our Project Management functions.

We have adopted Typeform for keeping our client interactions organized and in written form.

We use Slack as our preferred communication tool.

Other than that, we leverage tools from our clients and therefore have to be pretty agile in regards to the tools we use.

What have been the most influential books, podcasts, or other resources?

I could make this paragraph a mile long, but will stick to the upper echelon of resources that have changed my life:

Principles by Ray Dalio completely changed my perspective on what it means to be a leader. Ray Dalio looks at leadership completely differently than anyone I have ever been exposed to, and his beliefs are exemplified through the success of his firm, Bridgewater.

Love is the Killer App by Tim Sanders is one of those sleeper books that not many folks know about, but HOLY CRAP it changed my life. In a nutshell, it taught me to share my network (the people I know), my knowledge, and my compassion with everyone that I interact with. More importantly, it taught me to share these things without expecting anything in return!

In terms of podcasts, I am picky as heck, so I promise these are good:

The Tim Ferriss Show: there is literally no better podcast to break down how world-class leaders think.

My First Million: Sam and Shaan just rap for an hour about the craziest business ideas, and it is a high-octane boost of motivation for an entrepreneur.

Advice for other entrepreneurs who want to get started or are just starting?

I realize that the same advice is given over and over again, so I try not to repeat the titans. I think the number one tip I can share is that the best thing you can do for yourself is to expand your network. No matter where you are in life, knowing people and being respected by people will bring you the most benefit.

I realize we live in a day and age where the news makes it seem like we are living through end times where everyone hates each other, but the reality is that most humans are fantastic individuals that want to help others. You can skip a few rungs on the ladder to success simply by knowing the right people, but this doesn’t happen magically: you’ve got to go out of your way to surround yourself with people that can teach you something, and you do everything you can to bring value to those people in return.

For example, I offered my time and advice on cybersecurity best practices to every contact that I could, from business leaders to board members or even college faculty. I treat every interaction as a way to expand my network, NOT to make money or earn some intrinsic benefit.

I think the other big piece of advice is to understand that most successful business leaders have no idea what they are doing. However, they have the drive to actually do something and are resilient enough to either learn the things they don’t know or leverage their network to substitute what they don’t know themselves. If you’re working a job that makes you miserable or you have a lack of direction, start by identifying what skill(s) you have that makes you unique from the general population.

Think about what responsibilities you have in your current job that you’ve been conducting for years, and figure out how you could consult other businesses to leverage what you know. Maybe you want to build a product but don’t have the funds: stop thinking about your next destination as your final destination! Start a side hustle, such as consulting on UpWork, and set that cash aside for building a prototype of your product idea. You are not stuck on one path, or in one job, or with one purpose.

Are you looking to hire for certain positions right now?

I’m always looking for security professionals that are tired of working for corporate conglomerates and want to be a part of the next generation of consulting firms. I’m also looking for a marketing guru that can help take our company to the next level!

Where can we go to learn more?

If you have any questions or comments, drop a comment below!