There’s a very important distinction with regards to how we research markets between an exploratory market and a buying one.

An exploratory market = most of the interest among potential customers is focused on researching the subject matter while they’re still in the early stages of understanding how deep the pain actually is within their organization. More often than not, it’s also not just about understanding the pain depth but also what an actual solution architecture might look like and which one would best fit their organization and existing workflows.

A buying market = a more mature landscape where the pain/solution equation is much clearer. Customers are coming to conversations with vendors with ready-made budgets, priorities and at least a rough idea on how their ideal solution may look like.

Obviously, there are many shades of grey between the two - the dynamic here isn't binary.

Founders may struggle, in the beginning, to differentiate between these possible states of the market, since many on the customer side don’t identify themselves clearly as explorers vs. buyers. It’s critical to understand at which phase of the maturity of the buy-side we are currently, as this might indicate whether we’re too early or too late to the ‘party’.

1. Share insights before asking for priorities - The common approach of going to a potential buyer and trying to figure out their top 5 pains without prior context is not as effective as it might have been a few years ago. Buyers are quite tired of founders coming to interviews without a clear agenda and original insight. This has never been very effective anyways. Most buyers need some form of inspiration from the founders before they share their priorities. The ideal formula is focusing on a sub-domain, sharing differentiated insights (at least initial ones) on this sub-domain’s dynamics and having a priorities-led discussion flowing from there.
   

2. Attention span is key - The fact that there’s a pain/inefficiency existing within a certain team does not necessarily mean that it’ll be a part of its agenda for the coming months. In the end, you need to figure out buyers’ strategic attention span on top of whether an issue exists. The difference between urgency and importance is naturally relevant here. Also, whether a team has already carried out a heavy-duty implementation project in this domain in the past 2-3 years would also likely deter it from going after a new one.
   

3. C-level buyers vs. working-level buyers - Who should you interview and convince, the C-level buyer or the team lead? The answer is often both. It’s usually a good idea to start with the C-level buyer, if that’s available to you. But more often than not, you’ll then be referred to the working-level user/buyer, whose approval you’ll also need to obtain. So your pitch and approach should appeal to both levels.
   

4. Workflow disruption - Ideally, your solution won’t cause too much disruption to the current workflows of your target users. The elegance in which you can provide your solution - especially during the POV (proof of value) phase - is key. And by elegance, I mean maximizing value while minimizing discomfort. Try and figure out the path of least resistance in the road to adoption.

1. At what pace and to what extent will AI agents be deployed? #AI

   While there is already initial success in certain (pretty trivial) categories, such as customer support and certain sales-centric workflows (and a few other ones), will AI agents be able to conquer more territory within other workflows in fortune 2000 companies already this year, including more infrastructure-heavy ones (e.g. in devops, cyber, data engineering and others)?

2. Will 2025 finally be the year where the cyber stack gets shrunk instead of expanded? #CYBER It’s been over a decade that security teams have been (rightfully) complaining about the evergrowing cyber stack. More infrastructure and threat verticals necessitate new product categories. There are more than a few startups trying to provide consolidation with innovative approaches, on top of the large security vendors and their bundles - will they manage to finally move the needle?
   

3. Is the typical LLM going to remain a horizontal jack of all trades, master of none? #AI Is the advancement vector for large models always going to be horizontal, everyday tasks for consumers and basic enterprise workflows or will they manage to penetrate into complex, highly regulated, vertical workflows?

4. Could AI agents finally be the answer to the age old question of how do you dethrone the system-of-records of the world? #AI CRMs, ERPs, EMRs and others - and their respective incumbents - have been almost undisruptable since the late 00’s, with the SaaS wave being the last to make a dent in these categories. With AI agents’ ability to automate input & output data workflows - could we finally have a substantial penetration use case to disrupt these data-heavy, ultra-sticky systems?

5. Is everything LLM-security-related becoming a real category or is it a subset of existing product verticals? #CYBER While governance is certainly going to be a heavy-duty task with everything LLM-related, is there a case for a new public company to emerge out of the LLM security wave of startups (emphasizing security, not governance)? Or is the superset of data, network and other existing security categories still protecting the periphery of LLMs in a sufficient way, so that only early adopters will require a specific LLM security product in the next couple of years?

6. Are the existing data governance and security platforms suitable for the next generation of data-centric AI-heavy applications that organizations are going to adopt in the next couple of years? #DATA #CYBER The data infrastructure landscape has continuously been changing in the past decade and the security stack has chased it throughout, with DSPM and other clusters focusing on these emerging cloud data lake/houses. But now that data is not only leveraged for BI, but increasingly for AI-centric workflows - will the meaning of what it is to secure and govern data change?

7. Is the adoption of GenAI capabilities by threat actors going to be incredibly swift in 2025 or is it a gradual process for the next 5 years? #AI #CYBER GenAI-centric phishing and deepfake-centric vishing are only the tip of the iceberg in terms of how GenAI can be leveraged by threat actors, and it is only a question of when, not if, that these will change the threat landscape meaningfully. So how rapidly is it going to be and is there enough interest and motivation for threat actors to adopt it in a creative and comprehensive way?

8. With how prevalent and harmful ransomware attacks have been in the past few years, are security teams going to adopt new ways of preparing themselves? #CYBER Ransomware attacks are inevitable. So many fortune 2000 companies out of the financial and healthcare sectors (among others) have been hit by them in the past few years. We have certainly not exhausted the means in which we can become more proactive in how we protect and manage our data before, during and after a breach. How effective will security teams in 2025 be in taking a more proactive approach in preparation for the next wave of ransomware attacks?

9. Are organizations going to deal with customer data leaks differently? #CYBER The post-breach reaction from many organizations has been quite lackluster to the recent wave of leaks, which in turn causes an amplified negative effect to these leaks/breaches. Will organizations become more mature and transparent in how they deal with these leaks, both in light of recent new regulation but also to avoid PR nightmares?

10. Will startups find a way to better handle the tough RnD buyer? #DEVTOOLS The old build vs. buy dilemma for the RnD buyer is realer than ever. In combination with a significant hesitance toward expanding budgets for devtools, it makes it a difficult g2m for startups wanting to reach their Series A criteria rapidly. There are still startups that manage to pull it off, but more often than not, they are slow burners which take a few years to gather meaningful momentum. Are new dynamics going to be introduced in 2025 that change this equation?
    

11. Will more organizations double down on integrating their unstructured data into their existing BI workflows? How mature will this integration be by the end of 2025? #DATA It is now pretty obvious that the most meaningful untapped goldmine of data that can actually move the business needle is the unstructured data hiding in plain sight in organizations’ emails, PDFs, IoT logs, call transcripts and whatnot. While we see single departments leverage these sources in a siloed fashion, organizations are now adopting more company-wide strategies to leverage their unstructured data in a more comprehensive way, as AI is so unstructured-hungry. But how quickly will we see this taking place?
    

12. Will more cyber startups target remediations rather than posture? And is it possible to create a horizontal remediation-centric startup rather than a vertical one? #CYBER Apropos question #3 and the ever expanding cyber stack, security teams are naturally asking for more remediation/automation centric solutions in 2025. But many previous attempts have been quite vertical (e.g. appsec-centric), so that the ROI was limited for their adoption. It is a significant technical and operational challenge to introduce a more horizontal approach to tackling these remediation challenges - will startups manage to pull it off soon?
    

13. Will we finally manage to meaningfully disrupt cyber categories that are begging for a change, such as TPRM, SIEM and others? Or are they too complex for early stage teams to navigate in? #CYBER There are categories that will forever remain as a top-of-the-list pain without a mature enough ROI equation for the buy-side to actually solve. Is TPRM one of those? While there were several startups tackling this category in the past few years with some success, the domain remains hard to crack, as are many other problems that involve coordinating a network of organizations instead of just one simple buyer/adopter.
    

14. Will we see more Cyber startups trying to disrupt product categories that are on-prem heavy? #CYBER Many CISOs will tell you that the vast majority of their infrastructure is still on-prem and startups are far too quick to focus on cloud-based infrastructure and apps (understandably, by the way). Is the fact that on-prem environments are not on a growth trajectory, but are still gigantic in absolute market terms, enough to justify startups tackling them?