Following up on our ‘Bootstrapping Using Services‘ and ‘Bootstrap First, Raise Money Later’ case studies, here’s the story of PhishMe, a cyber security company that has scaled nicely.
Sramana Mitra: Let’s start at the very beginning of your story. Where are you from? Where were you born, raised, and in what kind of background?
Rohyt Belani: I am originally from India. I was born and raised in India. I was there till the age of 22. I did my engineering in India.
Sramana Mitra: Where in India are you from?
Rohyt Belani: Bombay. I came to the US to pursue my graduate studies at Carnegie-Mellon back in 2000.
Sramana Mitra: What were you working on at Carnegie-Mellon?
Rohyt Belani: I went to an institute called the Information Networking Institute inside of CMU, which was jointly housed by the Electrical and Computer Engineering department, the Computer Science department, and the Business School. It was an interesting mix of a multi-disciplinary program where we were required to take courses across the board and choose a concentration to go into a particular direction.
Sramana Mitra: What time frame were you there?
Rohyt Belani: I was there from 2000 to 2001. I graduated from there in early 2002 with my Master’s.
Sramana Mitra: What happens after that?
Rohy Belani: I guess I’ll start with a little bit of what happened during that time because it leads to what happened afterwards. While I was there, for some strange reason, I was very academically inclined and wanted to be a professor, which is what my goal was. I was thinking of doing a Ph.D. It was the year 2001 during the economic meltdown. Even internships were few and far between. During my summer vacation, since I was an international student on a student visa, I ran into this internship opportunity at the Software Engineering Institute, which is very closely associated with Carnegie-Mellon. It used to also house what’s known as the US CERT or the Computer Emergency Response Team, which does a whole bunch of cyber security coordination across the country. That was my first introduction to security.
Honestly, I did not apply there for an internship. It seemed like the strangest thing. I got a call one evening from a professor who was also a part of that institute. I had never taken a course with him. He told me he had his resume in front of me. It almost sounded like a hoax – like a social engineering scam. He said he had an internship to offer me. I interviewed the next day and got in. For a lack of choice, I landed up doing an internship that introduced me to the world of cyber security. I started getting intrigued, of course. That was my first foray there.
I guess the serendipitous nature of my career continued as I was still focused on pursuing a Ph.D. My professor told me that he was going to accept me as a Ph.D. candidate under him. I, very presumptuously, chose not to even look for jobs as companies came during the job hunting season. Only about eight weeks prior to my graduation was I told, “Funding is dried up because the economy has gone south. I can’t support you as a Ph.D. candidate.”