Bootstrapped startups and the shit I learn in therapy

A year ago I wrote down my vision for Krit for the first time. I asked myself 6 questions.

Last week we held our annual team retreat (virtually), and I asked these questions again:

  • What can we realistically become the best in the world at?
  • What do we actually give a shit about?
  • What factors aren't going to change in the next 20 years?
  • What does enough look like for us?
  • What can we do differently to get to 10x without growing 10x in headcount?
  • What will we most regret not doing if we're looking back at age 80?

In the past year, a lot has changed. There’s that whole global pandemic thing, but a lot has changed within Krit as well.

We still give a shit about the same core principles, and our idea of enough is largely the same. But we’ve learned a lot about ourselves, our customers, and how to run an agency this year. And that shapes how we should look at the future.

Here’s what I want to cover in this update:

  • Our biggest pivot going forward
  • How we’re specializing
  • How we plan to grow
  • What will still be our priority
  • 5 years from now

Our biggest pivot: Focusing on Cyber Security

The most impactful change is one we’ve been talking about internally for a long time now.

Moving forward, Krit is a Product-Led Growth Agency for Cyber Security Companies.

I’ll talk about the product-led growth bit in the next section, but first… why Cyber Security?

Why Cyber Security?

I’ve often heard product/market fit described as the moment you stop pushing your product to the market and the market starts pulling you along. For the last year and a half, our client base has shifted to where a majority of our clients are Cyber Security companies.

It feels like that market is pulling us along.

cyber security app client

One of our first Cyber Security clients was GreyNoise. We worked with them to redesign their visualizer, and the results (62% increase in daily active users) have been incredible.

Will we still work with non-technical founders?

We’ve loved working with non-technical founders. We’ve loved helping people launch their first tech companies. It’s so much fun to dive into totally new industries and incredibly gratifying to see people grow and learn about technology.

For the immediate future, we aren’t going to stop working with non-technical founders.

We have a number of great clients who we’ve built long term relationships with and some prospects who are working on really exciting projects.

But we’ve struggled to market ourselves to the non-technical audience. And while many of our clients have been wonderful, the challenges of this audience don't match our skill set quite as well as Cyber Security.

For example, many non-technical founders benefit from regular consulting on a wide variety of business topics. We're good at some elements of consulting, but we’re at our best when we can focus on product.

Cyber Security, of course, will come with its own challenges.

Clients are more opinionated about the technologies we use. And the more we build a name for ourselves, the more likely we are to become a target. This means we’ll have to pay close attention to our operational security and the security of our clients.

But there’s a clear path to growing our brand with the Cyber Security audience, and the potential is enormous. We can really make an impact and bring a new level of design to the leading security products.

Next up: defining what we’re best at

Cyber Security is a massive industry, and so it’s not enough to simply say we’re specializing in that. We aren’t going to do penetration tests or security audits. So we need to define what we will do for the companies we serve.

That means understanding our strengths and leaning into them.

Our core strengths

We started the company as two developers and one designer, so we’ve defaulted to calling ourselves "a dev shop."

But that never quite felt right.

I was always obsessed with user experience, and it was Austin’s design work that won us our first clients.

And yet, we aren’t a design firm either. That label ignores our capacity to tackle complex technical problems.

The security clients we work with want our eye for design and that obsession with user experience, but they need our development strengths as well.

So, how do we know what security clients want anyhow?

I’m not just guessing here. We’ve spent the last 6 months researching the industry and interviewing our best clients. And we’re seeing patterns.

Many of our best projects are user and growth-focused. For those clients, we create interfaces that help drive higher adoption rates, close early sales, and simplify our clients’ products.

Meaning, what we do isn’t just design or development—it’s also product. It’s growth-focused product design and development. To use a buzz phrase, it’s “Product-led growth”.

The Product Led Growth Cycle from

What is product-led growth?

We'll cover this more in-depth soon, but Product-led growth is a new wave of thinking about software companies. Product-led companies rely less on sales and marketing teams and use their product to educate and close new customers instead. They put understanding, communicating, and delivering on value above all else.

Those are the kinds of companies we want to work with, and it happens to be what we do best.

How we plan to reach this audience (the size of our audience is a vanity metric)

Our outreach isn’t going to change drastically, just shift.

Over the past 4 years, we’ve gotten really good at creating content. But during that time, we’ve struggled to get our content in front of the right people. Our best bet was to aim for volume and hope for the best. We invested in paid advertising to seed traffic and organic search to build it over the long term.

But now that we know exactly who we want to work with, volume doesn’t matter as much. Our marketing strategy can evolve from spray and pray, to a more focused approach:

  1. Content marketing (Short term) - Create specific, bottom of the funnel content that puts our services and our clients front and center.
  2. Events (Mid term) - Attend, speak at, and even help host Cyber Security events. Go where our customers are, spend time getting to know them and their world. Build meaningful relationships.
  3. Research & Development (Long term) - Invest in research and engineering projects that will help us and our clients do better work. Use this research to create content and speaking opportunities.

Rethinking the levers we use to grow

Beyond content and marketing, we’re rethinking the other levers we use to grow.

I have a friend who runs a firm I hugely admire. This year, they introduced me to David C. Baker and recommended I read his latest book, The Business of Expertise.

The business of expertise cover

I felt like I had been stumbling around for years, with a vague idea of where I was going but no clue how to get there—then I read this. It was as if suddenly someone handed me a meticulously detailed map.

What this book taught me

Some of it confirmed what I was already thinking—we need to specialize and offer more strategic services. But other parts of the book completely shifted the way I thought about growing our business.

Since we founded the company, we’ve grown by adding more clients. I assumed we would continue adding clients as long as new clients are willing to work with us. But Baker lays out a different path for creative services firms where you grow...while keeping the number of clients the same.

Instead of growing the number of customers you have, you:

  • go deeper and increase the work you do for each customer
  • layer in value-based pricing and other creative pricing models that align your incentives more closely with your clients’ success

As a result, you get a lot more leverage while staying within the classic service model.

Eventually, this is where we’d like to head.

But getting there also means we will need to embrace traditional agency roles. We already brought on our first Project Manager this year (the wonderful and talented Bina), but the next stage of growth means embracing Account Managers and Strategists, too. It also means figuring out how to incorporate these roles in a way that adds a ton of value to clients without any bloat.

agency roles

What’s still a priority: remembering health and happiness come first

Throughout all these transitions, I want us to remember that our health and happiness come first. No amount of growth is worth it if we’re miserable.

For the past two years, we’ve slipped into a cycle we need to take care not to repeat:

  • We start off the years full of energy and ambition, setting big goals.
  • In the middle of the year, we realize things are slipping through the cracks and we’re feeling the stress.
  • Then we band together and update our processes, readjust our goals, and remind ourselves the only thing that matters is health and happiness.

I want us to break that cycle and carry the lesson with us through the next 5 years. We want to grow, but we don’t want it to be a stressful mess. Calm growth is the goal.

So what does Krit look like in 5 years?

In 5 years we will be nearing the end of 2025. Krit will be in our 11th year as a business. Here's how it could look:

  • We will be known in the Cyber Security industry as the premier Product-Led Growth Agency.
  • We will continue producing content, give talks, and influence the direction of product development in the industry.
  • Our clients will continue to be the rising stars in the space.
  • We will be a more diverse team than ever, made up of Developers, Designers, Product Managers, Strategists, Account and Project Managers, and Marketers from all different backgrounds.
  • We will create a culture that attracts and develops kind, talented people.
  • We will always be growing—but at a pace that gives us plenty of time for research, learning, and personal happiness.

In summary...

It has been a wild year, but I’m so proud of how much we have learned and so excited for the future.

Thank you to my incredible team. The growth of the company all comes down to the work you all do. We’re on track to launch 5 new products this year, despite all the shit the world has thrown at us. And the level of creativity and craftsmanship across all of them blows me away.

Thank you to Daisy Quaker for pushing me to make a decision, and to Laura Bosco for supporting me along the way. Thank you to Scott Woods for taking the time to answer my questions and introduce me to David Baker’s work. To Philip Morgan and April Dunford for your time and guidance as we redefine our positioning. And to my best friend Andrew Morris for introducing me to Cyber Security and pulling me along with him.

Here’s to the next 5 years.

This post originally appeared on the Krit blog.

You’ve successfully subscribed to Andrew Askins
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.