PVML’s Approach to Positioning: How to Challenge Your Category’s Fundamental Assumption

PVML’s Approach to Positioning: How to Challenge Your Category’s Fundamental Assumption

Every mature category operates on an unspoken assumption—a foundational belief so deeply embedded that competitors spend all their energy arguing about implementation details while accepting the underlying premise as gospel. In data security, that assumption was simple: protection requires restriction. If you want to keep data safe, you hide it, mask it, encrypt it, or remove it entirely.

In a recent episode of Category Visionaries, Rina Galperin, CTO and Co-Founder of PVML, a data access platform that’s raised $8 million, shared how challenging this fundamental assumption became their entire positioning strategy—and why most companies miss the opportunity to do the same.

The Category’s Invisible Foundation

When PVML entered the data access market, every competitor agreed on the basic equation: more security meant less utility. Want to protect student data? You can’t run detailed analytics. Need to comply with GDPR? Remove personally identifiable information and accept the analytical limitations. Facing potential data breaches? Lock everything down and sacrifice insights.

“Security solutions are typically based on restrictions,” Rina explains. The entire category—anonymization, masking, encryption—operated on this principle. “Basically, let me hide or remove your data because I don’t want to risk a data breach.”

This wasn’t malicious or shortsighted. It was logical given available technology. For decades, the only way to guarantee data safety was to limit access to it. The assumption became so deeply embedded that vendors competed on how well they restricted data, not whether restriction was the right approach at all.

This created a strange market dynamic. Buyers knew they needed data security, but they also resented it. Security meant saying no to analysts, limiting business intelligence capabilities, and creating friction between compliance and innovation. Every security purchase came with an implicit trade-off: safety for insight.

The Oxymoron Position

PVML’s positioning challenged the entire paradigm. Using differential privacy—a technology that provides mathematically provable privacy guarantees while preserving analytical utility—they could offer something the category assumed was impossible: protection and enablement simultaneously.

“We’re definitely like an oxymoron because of the security and enablement combination,” Rina notes. “We’re the first solution to use differential privacy to both protect companies and enable them to unlock the full potential of their sensitive data at the same time.”

This positioning works precisely because it sounds impossible under the old assumption. If you believe security requires restriction, then “security and enablement” sounds contradictory. But that contradiction is the point—it forces prospects to reconsider their foundational assumption about how data protection works.

The key phrase in Rina’s positioning is “enabling instead of limiting.” This isn’t about being better at restriction—it’s about operating from a completely different premise. “I would say it’s data access, but it’s enabling instead of limiting.”

Why Most Companies Miss This Opportunity

Every category has assumptions ripe for challenge, yet most companies position themselves as incrementally better versions of existing solutions. They argue about features, pricing, or implementation ease while accepting the category’s fundamental premises.

The reason is straightforward: challenging foundational assumptions requires genuinely different technology or approaches. You can’t just claim your data security solution enables instead of restricts if you’re using the same anonymization techniques as everyone else.

PVML could make their positioning claim because differential privacy actually works differently. “Our unique data protection technology. So the first technology that actually helps unlock more data for analysis without altering it and without risking it.”

Most companies don’t have this technological edge, so they default to positioning around execution: faster implementation, better user interface, more integrations, lower price. These are legitimate differentiators, but they’re incremental. They don’t force prospects to reconsider their foundational understanding of the category.

The Market Education Challenge

Challenging category assumptions creates a market education problem. When you tell prospects that data security can enable rather than restrict, you’re not just explaining your product—you’re challenging everything they believe about how data protection works.

PVML recognized this challenge upfront. Their go-to-market strategy explicitly accounts for the need to educate the market on differential privacy. Most buyers have never heard of it. Those who have often don’t understand how it maintains privacy while preserving analytical utility.

This is why PVML made a strategic decision about where to do this education. Rather than trying to educate the entire cybersecurity market, they focused on specific verticals showing strong traction: fintech, mobility, healthcare. “We do try to look for clients not specifically in, I mean, you mentioned events and not specifically in cyber events, but maybe branch out more to domain specific events that we’re seeing traction specifically in fintech, mobility, healthcare.”

At a cybersecurity conference, PVML is one of hundreds of vendors making bold claims. At a fintech conference, they’re the data security solution that actually understands fintech’s specific challenge: needing to analyze sensitive financial data without risking breaches or regulatory violations.

The Framework for Finding Your Category’s Assumption

PVML’s positioning suggests a framework any company can use to identify challengeable assumptions in their category:

Step 1: Identify the universal trade-off What do buyers assume they must sacrifice when they buy solutions in your category? For data security, it was utility. For other categories, it might be speed versus quality, cost versus features, ease of use versus power.

Step 2: Trace it to the technological constraint Why does this trade-off exist? Usually, it’s because available technology forced the choice. Data security required restriction because anonymization and encryption were the only tools available.

Step 3: Find the new capability Do you have technology, methodology, or approach that eliminates the constraint creating the trade-off? If yes, you can challenge the assumption. If no, you’re positioning incrementally.

Step 4: Articulate the impossibility Your positioning should sound almost contradictory to category insiders. “Security and enablement” sounds like an oxymoron in data access, which is exactly why it works.

Step 5: Prepare for education Challenging assumptions means explaining why the impossible is now possible. Plan for this education burden and target audiences most acutely feeling the pain of the old trade-off.

When Challenging Assumptions Backfires

Not every assumption should be challenged. Some are foundational for good reason. The key is having genuine technological or methodological differences that make the impossible possible.

If you claim to challenge category assumptions without this foundation, you’re just making empty promises. Buyers are sophisticated—they’ll see through positioning that isn’t backed by fundamental capability differences.

PVML can claim to enable instead of restrict because differential privacy actually works. It provides mathematical privacy guarantees while preserving analytical utility. The technology validates the positioning.

The Competitive Moat of Challenged Assumptions

When you successfully challenge a category’s fundamental assumption, you create a unique competitive position. Competitors can’t easily respond because they’re constrained by the same technological limitations that created the original assumption.

Existing data security vendors can’t suddenly pivot to “enablement instead of restriction” without rebuilding their technology stack around differential privacy or similar approaches. They’ve built entire companies around the restriction paradigm—product roadmaps, sales messaging, customer success processes.

This creates what Rina describes as PVML’s unique market position: “We’re definitely changing it. So up until now, data access included security and privacy solutions that aim to restrict and limit users, which makes sense because existing data protection solutions are not technological.”

The Lesson for Category Creation

For founders attempting category creation or redefinition, PVML’s approach offers a clearer path than abstract positioning exercises. Don’t brainstorm clever category names or messaging frameworks. Instead:

Identify the foundational assumption everyone in your space accepts without question. Find the technological or methodological capability that breaks the constraint creating that assumption. Position directly against the assumption, even if it sounds contradictory. Prepare to educate, and target audiences most frustrated by the old trade-off.

The best category positioning doesn’t just claim to be better. It forces prospects to reconsider their fundamental understanding of what’s possible in your category. That’s what transforms positioning from marketing copy into genuine market differentiation. A positioning framework for B2B founders attempting category creation.