Much of the machine learning is considered secret sauce. But at a high level, Black says, Crowdstrike’s core Falcon software parses computer execution data, using attack signals to understand chains of events. For example, if a person opens an email and clicks on a link that opens a Web browser and a notepad opens in the background, there is a good chance the person has fallen prey to a phishing scam. Crowdstrike will immediately flag such a transgression and move to quash it.
Identifying adversaries bolsters a CIO’s case
The company has also accumulated a wealth of profile information on the techniques nation state adversaries and other bad actors employ to infiltrate corporate computer networks. You might ask why this matters if someone has already breached your network. But Black says such information is critical in helping CIOs pry some extra funding for cybersecurity protection from CEOs and their board of directors. “Funding comes relatively quickly at that point because it’s not some ethereal threat, it’s a real threat with a real face,” Black says.
Crowdstrike practices this on the national stage. The company in October reported that hackers with ties to the Chinese government may have tried to violate an agreement not to hack private firms in the U.S. for economic gain.
In Black, Kurtz also possesses perhaps the perfect pitchman; a CIO with global business technology credibility who can communicate the value of Crowdstrike to peers stung or at least frightened by emerging threats. In fact, Black has already pounded the pavement, meeting with CIOs at conferences in Dallas, Chicago and Salt Lake City to discuss Crowdstrike’s technology.
Black says his IT posture will be a “green field” approach, whereby he adopts emerging cloud systems that are easy to use and can expand globally. In preparation, he plans to establish a data architecture that enables information to flow between various cloud services, ostensibly to avoid walling off data. “What happens with a lot of these green field companies is they get into data silos,” he says.
Sign up for MIS Asia eNewsletters.