Rallying Cry: We Stop Breaches

Several years ago, while stepping out of a meeting at the Pentagon, I happened to say aloud that I was taking the Metro back to DC. Shawn Henry, then with the FBI, happened to overhear my comment, and offered a ride. I think I mildly protested that driving me back in all that bad traffic was too much of an inconvenience. But Shawn would hear none of it. It was no trouble at all, he explained.

Within minutes, I enjoyed the coolest two-and-a-half-minute ride from the Pentagon back to Union Station that a human being could experience without lifting off. (Yes, do the math.) But what impressed me more, during the short ride, was Shawn’s incredible command of cyber risk, malicious threats, and security protection. With such deep insight, I can only imagine how valuable he must be now with CrowdStrike. Which brings me to . . .

More years back, I happened upon this gigantic book on hacking that blew my mind. With the apt title, Hacking Exposed, the massive tome explained so many different hacking methods that I could barely get through a tenth of them. I had written four books of my own on cyber security by then, so this was quite a humbling perspective. I still lower my voice when I mention the title of that damn book.

Around the same time, I happened to meet, and soon become a customer of a new company founded by the authors called Foundstone. One of the principals gave a presentation I attended, and I remember taking twenty pages of notes in half as many minutes. I thanked the speaker afterward and told him how impressed I was with his great knowledge. That speaker, of course, was George Kurtz, and he is a founder of CrowdStrike. Which brings me to . . .

Several years ago, I sat down at a standards committee meeting at a bank in New York City, where we were discussing some security thing or another – I forget specifically. But during the discussion, I noticed one person making so much sense. You must have had this experience at meetings yourself, where it is obvious that the person sitting way over there near the corner of the table, seems to really get what’s going on.

After the meeting, I walked over and introduced myself and realized that it was Dmitri Alperovitch – a name I was quite familiar with. He’d become one of the voices of our industry, with deep insight into the technical underpinnings of how cyber threats are evolving. It was obvious during the meeting, and obvious to me now, that Dmitri knows what the heck he’s talking about. And he is also a founder of CrowdStrike. Which brings me to this:

I spent an hour with the CrowdStrike team last week and they outlined a rallying cry that includes the audacious claim that they can stop breaches. They showed me a portfolio of solutions and offerings that covered such a wide swath of area, that I told them they would need a room full of geniuses to cover such a challenging collection of cyber security capabilities. And that’s when it hit me: This company does have a room full of geniuses.

The focus of the evolving CrowdStrike platform starts with endpoint protection, but their technology addresses all phases of the attack lifecycle. They have deep capability to address risk during reconnaissance, weaponization, delivery, exploitation, installation, command and control, and operations. They understand adversary techniques and the platform supports proactive solutions for a range of different customers.

“We are trying to do for cyber security,” the team explained, “what Salesforce did for ERP.” Now, if any other company had suggested this as their corporate goal, I might have pushed back. But as I’ve outlined above, the executive team at CrowdStrike is a little different. These folks know exactly what they are doing, and their decision to set their sights on such an aggressive agenda seemed to me . . . well, it seemed actually doable.

My advice is that you should immediately set up time to speak with CrowdStrike. Ask them to take you through their platform portfolio. Even if you are not a customer, and even if you have no plans to shift your endpoint solution, I think you should hear their story. Very few companies can boast such a capable leadership team, and I can’t help but feel inspired by their audacious rallying cry: We Stop Breaches. I think you’ll learn something hearing their approach.

(Oh, and maybe you can talk George into autographing your old copy of his book that I’m sure takes up half your bookshelf – as it still does on mine.)

Let me know how it goes.