In 2011, Caroline left the firm to join a startup as their first General Counsel. Initially, she focused on supporting sales and mastering privacy. It did not take long for sales to send her a security questionnaire. This check-the-box, security theater spreadsheet reminded her of her first summer job at a law firm. The first day on that job, she was instructed to sort through about 15 boxes of "due diligence." Her only instruction was to look for things that seemed odd. She realized that security questionnaires were similarly time-consuming and mind numbing, yet full of potential liability.
Several years later, she met George at an old NY coffee shop called Eisenberg's. George was a good friend with one of Caroline's colleagues, with whom she was having coffee. George joined the discussion and the two completely geeked out on privacy and security. George had a passion for security and online anonymity, having spent the last 20 years building networks and infrastructure for financial services.
As George and Caroline continued talking, the two frequently discussed the huge communication gap within companies about the privacy and security operations and how detrimental this was to business, ultimately hurting the individual user. They decided to start a company with a mission to give individual's their control back by bridging that communication gap. When George asked what they should start with, Caroline responded, "let's start with the response side to security questionnaires."