As I’ve said before, I believe we are in a generational time for security businesses, in great part driven by some seismic shifts in the market. The first, and one of the biggest in my opinion, is the promise and vulnerability of multi-cloud. While this may seem like a natural evolution of cloud, it is a nuance that is just starting to take off. It could be an even greater accelerator of technical and go-to-market innovation than the cloud itself. Cloud is now everywhere, whether it’s in a controlled data center or publically managed. …


We seek… inspiration or meeting a founder who helps us see a market, problem or opportunity through a different lens.

High level in a first 30–45 minute meeting, I — like most VCs — look for a thing or a FEELING more than anything specific to (not) waste that founder’s time further.

Second VC meetings could waste founders’ time especially if VCs do not know what we are looking to answer after the first meeting.

In a first meeting, I bucket what I am looking for into two big picture areas:

(1) Founders’ thinking + storytelling — important for bringing…


By Kara Nortman, Managing Partner & Spencer Calvert, Associate, Upfront Ventures

This article originally ran on TechCrunch.

When you think of the core members of the C-Suite, you probably think of the usual characters: CEO, CFO, COO and maybe a CMO. Each of these roles is fairly well defined: the CEO controls strategy and ultimately answers to the board, the CFO controls budgets, the CMO gets people to buy more, more often, all while the COO keeps everything running smoothly. Regardless of the role, all share the same objective: maximize shareholder value.

But the information age is shaking up the…


Today I am thinking about the most cliched things VCs say and perhaps either should say less, say differently or say more specifically. This could become a list, but today let’s start with three that popped into my Sunday brain.

First Cliche: How Can I Be Helpful?

This is the cliche line every VC worth our salt utters daily if we are doing our jobs at all. Like all cliches, this question is overused and has lost meaning to most as it often feels performative.

But, it is also the question VCs should be thinking about in…

Every first call with a new founder

Every board meeting…


When I interned at Microsoft in Redmond more than two decades ago, I visited the employee store on campus to stock up on products. It was filled floor to ceiling with boxes the size of a ream of paper with labels like Windows XP and Microsoft Office 2003: Professional Edition. In each box was a set of CDs and instruction manuals to install the software on your machine. Gone are the days of boxed Gen 1 software; today, these same products (and tens of thousands more like it) are delivered via the cloud in a subscription model. …


This piece originally ran on Forbes

Digital data multilayers. GETTY

As an associate at Battery Ventures in 1999, one of my first VC mentors told me that he would only fund companies that were creating a new category and that could be valued at $1 billion or more, a fairly radical idea in 1999. He went on to say (only somewhat tongue in cheek) that if the company was in an existing category, I should make up a new category before I pitched him on the investment or else it would never be worth $1Bn+.

Twenty years later, this notion of funding the “category…


This piece originally ran on Forbes

Cybersecurity for All GETTY IMAGES/ISTOCKPHOTO

Turn on the news, open twitter, read your morning newsletters and you are going to be inundated with news about the election in the US. Regardless of where you fall politically, we find ourselves in a charged environment with palpable tension. That makes headlines like “Facebook takes down Russian operation that recruited U.S. journalists, amid rising concerns about election misinformation” even more disconcerting. From elections to Twitter to Experian, we all know that we’re “supposed” to be on top of cybersecurity, and that bad things happen when we don’t.

And yet, despite its importance…


This piece originally ran on TechCrunch.

2020 was a hell of a year. When future generations learn about 2020, the pandemic, social tension, and political unrest will take up most of the oxygen. But for those learning about the history of cyber security, the year 2020 and a mid-size company from Austin, Texas — Solar Winds — will take center stage. Malicious code in one update of a trusted software provider was the trojan horse to access petabytes of private data across 18k organizations (and counting), including Fortune 500s and government entities.

Why will Solar Winds be so generationally important…


2020 was a hell of a year. When future generations learn about 2020, the pandemic, social tension, and political unrest will take up most of the oxygen. But for those learning about the history of cyber security, the year 2020 and a mid-size company from Austin, Texas — Solar Winds — will take center stage. Malicious code in one update of a trusted software provider was the trojan horse to access petabytes of private data across 18k organizations (and counting), including Fortune 500s and government entities.

Why will Solar Winds be so generationally important, and why am I talking about…


Today, I am thrilled to share our most recent investment, in LA-based Britive. The founders — Art, Alex, and Sameer — are seasoned operators and experts in Privileged Access Management (PAM) and are building product at the intersection of two of the most important trends of our time: the migration to, and securing of, cloud infrastructure.

Britive is a part of the broader security movement to zero-trust security (where no user is trusted by default) and one of its core tenants, Just in Time (JIT) access, whereby users are dynamically granted ephemeral access vs. the legacy process of “checking out”…

Kara Nortman

Partner @ Upfront, Formerly Founder @ Moonfrye, IAC (Urbanspoon, Citysearch, M&A, Tinder), Battery Ventures

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store