Profile

The Investor Who Bet on Cybersecurity When Nobody Else Would

In 1996, when Ted Schlein joined Kleiner Perkins, cybersecurity was not a category. It was a feature. A checkbox. Something IT bought on the cheap and hoped it never had to use. Schlein saw it differently - and spent the next three decades being right about that in very expensive ways.

He started at Symantec, one of the company's early employees, where he helped turn a startup into the largest dedicated security software company in the world. He ran enterprise solutions, pushed Symantec into software utilities, and helped launch one of the first commercial anti-virus products to reach mainstream enterprise buyers. When he left for Sand Hill Road, he brought with him something most VCs lacked: the operator's intuition for what actually breaks, and what fixes it.

At Kleiner Perkins he built a portfolio that now reads like a syllabus for the history of enterprise security. ArcSight, which became the backbone of SIEM before most people had heard the acronym. Mandiant, which Kevin Mandia built into the world's most-quoted incident response firm before selling it to FireEye and later Google for $5.4 billion. CarbonBlack, AlienVault, Internet Security Systems, Shape Security - exits that generated billions and, more importantly, defined the shape of the industry at each turn.

There are only two types of companies in the world: those that have been breached and know it, and those that don't.
- Ted Schlein

He also founded Fortify Software during his Kleiner years - serving as its founding CEO and building one of the earliest dedicated application security companies at a time when "application security" was not a standard line item in any CISO's budget. Fortify was acquired by HP, where it became HP Fortify, a product line still widely deployed today.

In 2021, after nearly 30 years, Schlein made the move that the cybersecurity world had been half-expecting for years. He left Kleiner to launch Ballistic Ventures - a firm dedicated exclusively to cybersecurity, with a $300 million inaugural fund and a team built from operators, founders, and people who had actually been in the room when things went wrong.

The name was intentional. Ballistic: not defense-only, not passive. An acknowledgment that the best security posture starts with understanding the attacker's trajectory before the payload lands.

Ballistic Ventures: Three Funds, One Thesis
FUND I - 2021
$300M
FUND II - 2024
$360M
FUND III - 2025 (RAISING)
$100M target

Fund II closed at $360 million in March 2024, larger than the first, with a sharpened focus: AI security, identity, non-human identity management, runtime security, and the emerging category of security for AI development itself. The timing aligned with the broader industry reckoning that large language models had made the attack surface orders of magnitude more complicated. Schlein had been tracking this for years before the press caught up.

Then Kevin Mandia joined Ballistic as General Partner. It was the kind of move that signals something: when the founder of the world's most consequential incident response firm decides the most important thing he can do next is back the next generation of cyber companies, that is the industry endorsing your thesis with the person it trusts most.

By April 2025, Ballistic was raising $100 million for a third fund - a continuation vehicle to double down on the breakout companies in the portfolio. The firm currently holds board seats at Alethea, Aembit, ArmorCode, AuthMind, Concentric AI, GetReal Security, Mimic, Nudge Security, Oligo, Reach Security, SpecterOps, Veza, and more than a dozen others.

What sets him apart

Operator. Founder. Investor. In That Order.

Origin Story
Built the product before he backed it
Most security investors know the category from pitch decks. Schlein ran enterprise sales at Symantec when Norton was a floppy disk, then founded Fortify Software and served as CEO. The operator lens is structural, not decorative.
Government Reach
InQTel board. DHS advisory council. CISA committee.
Schlein advises the CIA's venture arm while investing in private cyber companies - a rare overlap that gives him sight lines into the threat landscape most VCs access only through press releases.
Conviction Depth
30 years before it was a category
He started backing security companies in 1996, when cybersecurity was a footnote in enterprise software budgets. NVCA Chairman. Western Association of Venture Capitalists President. The credentials accrued as the thesis compounded.
Team Building
He recruits founders as partners
Bringing Kevin Mandia into Ballistic wasn't marketing. It was product. The firm is structurally built around the idea that the best cyber investors are the people who built the companies the acquirers couldn't live without.
Pattern Recognition
Same exit logic, different epoch
From ArcSight to Mandiant to Talon (acquired by Palo Alto Networks for $625M in 2023), Schlein has called the consolidation pattern in enterprise security with unusual consistency across three technology cycles.
Thesis Clarity
"The whole landscape needs to be rethought"
He said it plainly in a 2022 interview. Not "there are opportunities in the market" - a complete rethink. His fund is structured around that conviction: not incremental improvements to existing categories, but new categories entirely.
The full picture

Before Kleiner Perkins, There Was a Wharton Student Running a Resume Company

Schlein went to Penn for economics. But the resume company he started as a student tells you more than the degree. While classmates were studying for exams, he was running a business - working concurrently at T/Maker, a spreadsheet company, and Trace Systems, an early personal robotics venture. This was the early 1980s. The personal computer market was a rumor. He was already inside it.

He was also a varsity wrestler. The sport rewards patience and explosiveness in equal measure - knowing when to hold position and when to commit entirely. It's not a bad metaphor for what he's done in venture capital for thirty years.

The Symantec years were formative in a specific way: Schlein wasn't watching security from the outside. He was selling it. He understood why enterprises bought, what they believed about risk, and how those beliefs were almost always wrong. When he eventually moved to the investing side, he carried that knowledge into every due diligence meeting.

Ballistic Ventures allows me to do what I love while working with some of the smartest people in VC and cybersecurity.
- Ted Schlein, on founding Ballistic

The Kleiner Perkins chapter stretched across nearly three decades and multiple technology cycles: the rise of the Internet, the move to mobile, the cloud transition, and the emergence of AI as an attack surface. Through each cycle, the portfolio kept adapting. Chegg started as a textbook rental company; Schlein sits on its public company board to this day. FullStory, Incorta, Synack, Trusona - the board seats form a map of where enterprise software was going and where security needed to follow.

Beyond the portfolio, Schlein has consistently made himself available to the policy community in ways that most investors avoid. His appointments to DHS and CISA aren't honorifics - they reflect a genuine conviction that government and private sector need to operate with shared intelligence on cyber threats. InQTel, where he serves on the Board of Trustees, is the CIA's external investment vehicle for emerging technology. The intersection of intelligence community needs and startup capability is exactly where he has spent his career.

Career Arc

Thirty Years, One Thesis

1980s
University of Pennsylvania (Wharton), Economics. Varsity wrestler. Ran a resume company while working at T/Maker and Trace Systems.
1988-96
Early employee at Symantec; rose to VP of Enterprise Solutions. Helped launch one of the first commercial anti-virus products for enterprise buyers.
1996
Joined Kleiner Perkins as General Partner. Began building the firm's cybersecurity practice when most VCs still thought security was a feature, not a fund thesis.
2003
Co-founded Fortify Software; served as founding CEO. One of the earliest dedicated application security companies - later acquired by HP.
2000s-10s
Kleiner Perkins exits include ArcSight, Mandiant, CarbonBlack, AlienVault, Internet Security Systems. Becomes Chairman of NVCA and President of Western Association of VCs.
2021
Leaves Kleiner Perkins after nearly 30 years. Launches Ballistic Ventures with inaugural $300M fund dedicated exclusively to cybersecurity.
2022
Appointed to DHS Homeland Security Advisory Council by Secretary Alejandro Mayorkas. Joins CISA Cybersecurity Advisory Committee.
2023
Ballistic portfolio company Talon Cyber Security acquired by Palo Alto Networks for $625M - largest VC-backed cybersecurity acquisition of the year. SC Media names Ballistic Ventures "Investor of the Year."
2024
Closes Ballistic Fund II at $360M. Kevin Mandia, founder of Mandiant, named General Partner at Ballistic Ventures.
2025
Ballistic Ventures raises $100M for Fund III continuation vehicle. Latest investment: Hello Soju (Series B), April 2025.
Track Record

The Credentials Don't Need a Highlight Reel

Forbes Midas List - top-ranked venture capitalist in technology investing
Former Chairman, National Venture Capital Association (NVCA)
Former President, Western Association of Venture Capitalists
SC Media Investor of the Year 2023 (Ballistic Ventures)
Board of Trustees, InQTel - the CIA's venture capital arm
DHS Homeland Security Advisory Council, appointed by Secretary Mayorkas
CISA Cybersecurity Advisory Committee member
Board of Trustees and Board of Overseers, University of Pennsylvania
30+ successful cybersecurity exits generating billions in returns
Founding CEO, Fortify Software (acquired by HP)