Image from http://www.mondaysunday.eu/sinekstartwithwhy
“Every single person, every single organization on the planet knows what they do, 100 percent. Some know how they do it, whether you call it your differentiated value proposition or your proprietary process or your USP. But very, very few people or organizations know why they do what they do. And by “why” I don’t mean “to make a profit.” That’s a result. It’s always a result. By “why,” I mean: What’s your purpose? What’s your cause? What’s your belief? Why does your organization exist? Why do you get out of bed in the morning? And why should anyone care? Well, as a result, the way we think, the way we act, the way we communicate is from the outside in. It’s obvious. We go from the clearest thing to the fuzziest thing. But the inspired leaders and the inspired organizations – regardless of their size, regardless of their industry – all think, act and communicate from the inside out.”
Coming up with the three messages we wanted to deliver took time and wasn’t always easy. First we had to come up with the ideas themselves. Our what was the easiest part, since we already knew we did application assessments, code remediation, and other services to help organizations build secure applications. However, coming up with our how and why wasn’t so simple. Ideas such as Passion for Code, Efficiency, Staying Ahead of the Curve, and Engaging Teams were all bounced around. It was difficult determining just three concise statements that we could all agree define our company’s mission.
However, it had to be done and after three long months discussing our golden circle, we finally had our answers! The following are our why, how, and what statements, which can also be found on our About page.
Why do we do what we do? We believe that every step forward requires trust. How do we do it? We help our clients build trust by continuously integrating security within their development processes. We are developers first; our passion for code drives our team’s approach to application security. What do we do? We are your partner in building secure applications.
During our discussions, we realized that our underlying goal has always been to form trusted relationships with our clients. By continuously integrating security in their development process, this relationship grows over time. In addition, we are unique in our company’s emphasis on development. Our drive and passion for code aligns our goals with developers who want to better secure their applications. Through this process we become their partner in building secure applications, enabling them to form trusted relationships with their clients as well.
Now that we’ve determined who we are and why we do what we do, we can begin delivering this message through our marketing. The first step is to strengthen these ideas within the company itself. For instance, the employee handbook that all new employees get will explain our why, how, and what so that they understand our mission from Day One. In addition, we will create a list of company core values that incorporate these ideas in them, such as Develop Trust, Hack Often, and Give Back. The golden circle and core values will help our team members stay in synch with each other, whether they’re talking at a conference or working on an assessment or side project.
Moreover, this new golden circle will influence our online marketing. Currently we are redesigning our website, so this message will be incorporated throughout the new site. For instance, our value proposition will encompass these new ideas and our new About page will highlight our message in better detail. In addition, we will express these ideas through our social media, such as by engaging our followers and creating online conversation about trending topics.
Lastly, but most importantly, our why, how, and what will influence the way we approach our clients. With these values, we will stay grounded in growing our relationships with clients when doing business with them. This will be a key focus point when working with others, ensuring that they get more out of our services beyond just any quick penetration test.
While the ideas of building trust and growing relationships have always been important to us, having them written down allows us to better express ourselves and stay grounded in our purpose. Over time, we hope these goals will help us expand our network in the application security and developer community.