In an industry obsessed with scaling at breakneck speed, this piece delivers a jarring, necessary counter-narrative: hiring a Vice President of Sales before a cybersecurity startup has proven its product-market fit is not just premature, it is a guaranteed path to failure. Ross Haleliuk, writing through guest contributor Eyal Worthalter, dismantles the myth that a senior sales leader can manufacture demand where none exists, arguing instead that founders must personally own the first $1 million to $5 million in annual recurring revenue. This is not generic advice; it is a tactical roadmap for avoiding the revolving door of expensive, failed executive hires that plagues the sector.
The Founder's Burden
The article's most provocative claim is that early-stage founders are inherently superior salespeople to any hired executive. Haleliuk attributes this to a fundamental truth about the cybersecurity market: trust is the currency, and founders hold the reserve. "Salespeople do not generate demand for your product. They convert that demand into revenue," the piece argues, a distinction that reframes the entire function of sales from a growth engine to a conversion mechanism. This is a crucial pivot in thinking. Many founders believe they are hiring a VP to "build the engine," but Haleliuk insists they are actually hiring someone to drive a car that hasn't been built yet.
The author leans heavily on the credibility gap between a founder and a sales representative. "The first thing you should expect when you hire any salesperson is that they'll be 50% less efficient at doing any sales job than you, the founder," Haleliuk writes. This assertion, while lacking empirical data, resonates with the lived experience of security buyers who are naturally skeptical of vendors. The argument holds weight because it acknowledges the psychological reality of the buyer: they trust the person building the solution, not the person selling it. A counterargument worth considering is that as a company grows, the founder's time becomes too valuable to spend on individual deals, suggesting a need for delegation sooner than the author admits. However, Haleliuk's stance is that delegation without a proven process is merely outsourcing failure.
"You need to find the first 5-10 design partners. You need to make sure your product solves a problem that's big enough to move the needle on a security program and the more conversations that you, on your own, have with potential buyers, the better off you'll be."
The Trap of Bad Reasons
Haleliuk identifies a specific psychological profile of founders who make the mistake of hiring too early. The piece categorizes these motivations as "bad reasons," including the desire to escape the grind of rejection or the pressure from venture capitalists to show a "sales strategy." "If you hire a seller because you don't want to do his or her job, don't expect them to do it better than you," Haleliuk states bluntly. This is a sharp critique of the founder mindset that views sales as a dirty chore to be offloaded rather than a core competency to be mastered. The commentary here is effective because it challenges the ego of the technical founder who believes their product speaks for itself.
The article also addresses the external pressure from investors. "Why do you think they are telling you to go and spend all the cash they have given you in the last round?" Haleliuk asks, suggesting that the push to hire is often a mechanism for VCs to deploy capital rather than a genuine signal of market readiness. This reframes the investor-founder dynamic from a partnership to a potential source of misaligned incentives. While some might argue that VCs have a fiduciary duty to push for growth, Haleliuk's point is that growth without product-market fit is an illusion that burns cash and reputations.
Defining the Right Moment
The piece offers a concrete, if somewhat rigid, metric for when a company is ready to scale: true product-market fit is evidenced by customers referring the solution without being asked. "True product-market fit happens when you find that credit union security analyst on a reddit thread saying that they did a POC with you and absolutely loved it," Haleliuk illustrates. This specific example grounds the abstract concept of "fit" in the reality of the security community, where peer validation is the ultimate currency. It shifts the definition of success from revenue numbers to organic advocacy.
Haleliuk then breaks down the hiring timeline into stages, arguing that between $1 million and $5 million in revenue, the founder must resist the urge to hire a VP. Instead, the company should hire a "Founding Account Executive" who handles logistics while the founder continues to close deals. "A Founding AE is not there to generate leads or create demand, close deals independently, or build your sales strategy," the author clarifies. This nuanced distinction between a VP and a Founding AE is the piece's most practical contribution. It offers a middle ground that allows for operational support without sacrificing the founder's strategic control.
"If you are a pre-revenue or an early-stage cyber company that is still testing out the waters so to speak, you don't need a salesperson, and you definitely don't need a VP of Sales."
The AI SDR Fallacy
In a section that feels particularly timely, Haleliuk tackles the hype surrounding artificial intelligence in sales. "AI SDRs in cybersecurity are terrible right now," the author declares, attributing the failure not to the technology itself but to the garbage data and generic signals that feed it. This is a refreshing take in an era where every startup is rushing to integrate AI. The argument is that without a clearly articulated value proposition, AI cannot replicate the nuance of human persuasion. "Whether you're human or robot, cutting through the noise is nearly impossible," Haleliuk notes, emphasizing that the bottleneck is not the tool, but the clarity of the message.
The author's experience with side-by-side tests of AI and human SDRs adds credibility to this skepticism. By pointing out that human SDRs create a talent pool for future Account Executives, Haleliuk makes a strategic case for investing in people over automation. Critics might argue that AI will inevitably improve and that early adoption offers a first-mover advantage, but the piece's focus on the current state of the market—flooded with generic, recycled content—makes a compelling case for patience.
Bottom Line
The strongest part of this argument is its unflinching insistence that founders must remain the primary sellers until the product is undeniably validated, a stance that challenges the prevailing "hire to scale" dogma of the venture ecosystem. Its biggest vulnerability lies in the difficulty of defining the exact moment of "organic referral" as a universal metric, which may vary wildly across different security sub-sectors. Readers should watch for how this philosophy holds up as the market shifts from early adopters to the pragmatic, risk-averse enterprise buyers who dominate the later stages of the sales cycle.
"Salespeople convert demand into revenue; they don't create it. At this stage, you haven't proven there's enough demand to convert."
The ultimate verdict is clear: in cybersecurity, the most expensive mistake a founder can make is assuming someone else can do the selling better than they can. Until the market speaks for itself, the founder must be the voice.