I've been lurking on this site for a little while, but am finally beginning to make some progress on my little idea. My current day job is essentially consultancy, enabling established businesses sell into large enterprises - the stereotypical 7/8-figure deal - and I want to bring this insight to SMEs as a form of productized service.
This problem manifests itself in a bunch of different ways when attempting to sell: examples include getting the dreaded "vendor security questionnaire", or (worse) being asked for a copy of the latests SOC 2 Type 2 report. What I see founders doing in response is what I refer to as the Bureaucracy Bulls**t Blizzard: they think that the right way through this mess is to generate paperwork, and boy howdy do they come through with that.
Suddenly their business has Policies and SOPs for everything, and it feels like the right thing - this is what grown-up businesses do, right? - but the second-order consequences kick in quickly. Developers start slowing down delivery because each release goes through Change Management (TM). You can't store this data or run that service because of GDPR, or CCPA, or HIPAA (no-one's quite sure what, but they know it's not allowed). That beautiful product release cycle gets slower, and slower.
My mission is to fix this. I offer a form of corporate jujitsu service to bypass this, and as I said, I want to bring this to SMEs. I'm going to be attempting to build this in public - at least in part! - and I'm absolutely knocked out by the quality of work that people are sharing on this site; you all have set an extremely high bar.
While I'm getting on with this - if CGRC (the baffling bulls**t acronym for Cyber Compliance, Risk, & Governance - i.e The Rules) is getting you down, please get in touch. I would love to help serve this community sell into larger businesses and enterprises. It's not easy and I won't pretend it's not a lot of work (it's huge!) but equally, there are plenty of short cuts and cheatcodes available. I genuinely believe it's a great time to bootstrap products aimed at B2B.
Thank you all for the content I've already consumed, and I hope to contribute in the future.