“Investing in security is useless: our startup will get bought in the next two years anyway.”