IriusRisk’s Journey from Y2K to AI: How Market Evolution Shapes Product Strategy
Few technology evolutions better illustrate the transformation of enterprise software than the journey from Y2K to AI. In a recent episode of Category Visionaries, IriusRisk CEO Stephen de Vries shared how his experience fixing Y2K bugs in the late 1990s provided crucial insights into how market needs shape product strategy.
The Y2K Perspective
“Imagine how scared everyone is right now, that AI is going to steal your jobs and the world’s going to collapse. Y2K was like that, but for everything else,” Stephen explains. This early experience fixing date calculations in banking software provided a crucial lesson: technical problems often mask deeper business challenges.
The Rise of Network Security
As companies began connecting to the internet, security needs evolved rapidly. “Linux was just becoming a thing back then and I was extremely intrigued by how it worked,” Stephen recalls. “When you did that, you needed to install this thing called a firewall to protect you from the big bad world out there on the Internet where people were going to attack you.”
The Application Security Shift
A more fundamental shift occurred as companies moved from protecting infrastructure to securing applications. “Companies were still sending us IP addresses, but increasingly they were sending us URLs,” Stephen notes. “They said, yeah, I don’t care about my infrastructure, I’ve got that protected…But we’ve written this unique application. It’s now live on the Internet. What are the security problems in this application?”
Expanding Beyond Web Applications
IriusRisk’s product strategy evolved to match expanding enterprise needs. “When we started off, went for let’s allow people to build middle of the road software applications, which at that time was web applications and mobile applications, and that was kind of it,” Stephen explains.
The market demanded more: “Over time, we’ve been expanding that knowledge base and following the market, and the market needs the big changes that we’ve added there have been cloud.”
The Device Security Imperative
Regulatory requirements drove further evolution. “Currently, the FDA will not license medical devices in the US unless they’re accompanied by a threat model,” Stephen notes. This led to expanding their capabilities: “We’ve added a lot of content that’s very kind of device specific…protocols like a Bluetooth and maybe even older technologies like rs two three two ports and rs four eight five and can bus.”
The AI and Low-Code Future
Looking ahead, Stephen sees another fundamental shift: “The act of writing little bits of code, little units of computation, microservices, functions, all of those things are going to become commoditized. What’s going to become less commoditized and where the interesting problem space is, how do I connect all that stuff?”
This vision shapes their current product strategy: “Where we are going to be in three to five years is to be able to automatically analyze a lot of architecture, regardless of how you’ve deployed it.”
The results of this adaptive strategy speak for themselves. IriusRisk has maintained “112% growth, and the year before that, were at about 104%. So 85 was a slower year for us.”
For B2B founders, IriusRisk’s journey offers crucial lessons in product evolution:
- Watch for fundamental shifts in how customers describe their problems
- Let regulatory changes guide product expansion
- Build for where the market is going, not just where it is
- Focus on the problems that aren’t being commoditized
As Stephen notes, “this is the right time to be in the software security industry.” The key is ensuring your product strategy evolves with market needs.
Twitter
facebook
linkedin