While tech week talks AI, Scytale is talking about what’s actually killing deals

The conversation at this year’s NY Tech Week is about AI. The panels, the pitch decks, the happy hours: agents that code, agents that sell, infrastructure for the agents. Then a screen mounted to a truck shows a man sitting on a toilet, staring at his phone in open panic.

The line underneath: “His prospect just asked for SOC 2.”

The ad belongs to Scytale, an AI GRC platform that took over the streets of New York this week, running billboards, street screens and an LED truck through the same blocks where founders and investors were converging for Tech Week. While many NY Tech Week companies are looking many years out, Scytale built its campaign around a feeling founders know now: the moment a deal that looked closed turns out to depend on a security audit that nobody started.

The Question That Stalls the Deal

SOC 2 (System and Organization Controls 2) is the security compliance framework that tells enterprise buyers one thing clearly: this company can be trusted with your data. For SaaS companies today, it’s less a nice-to-have and more a ticket to the table. For years it lived in the fine print of enterprise procurement cycles, a box ticked late in the process by companies big enough to have a compliance team.