Seeking Alpha

L.D. Salmanson's  Instablog

L.D. Salmanson
Entrepreneur, consultant, and investor. In that order.
  • Know Thine Enemy
    May 4, 2012 3:33 PM

    If you are like most users, you probably think that your computer, tablet, phone, or [insert latest gadget here] is safe from cyber-attacks. Not only is this notion absolutely ludicrous, but your device is probably already infected with some type of malware. You simply don't know it yet. Identifying and addressing such threats has been the focus of a great deal of effort by many in the cyber security community. However, locating the source of such threats has received far less attention (read: virtually none). CrowdStrike is attempting to address this exact issue.


    As the use of various technological devices that are connected to the internet proliferates, so does the risk of such devices being compromised by various sources. There is nothing new about security threats to your devices, and viruses (so coined by Fred Cohen in 1982), for example, have been around since the existence of the internet (or ARPANET if you insist). A whole industry has since evolved around protecting your devices from external, malicious software (malware) threats. While there are huge players in this space that have spent literally billions of R&D dollars in identifying and addressing new and emerging threats, we are far less safe than we imagine.

    The truth is that we have become so complacent and docile when it comes to malware threats that it is absolutely astonishing. In reality, we are actually less safe now than we have ever been. Just to put this statement into some context, over five and a half million attacks were blocked in 2011 (up from 3 billion in 2010), with over half of these attacks being targeted at large enterprises, including the public sector. Think of those attacks that went on undetected. As you might imagine, the top three target industries are the government and public sector, the financial sector, and the IT sector, and while the vast majority of these attacks were aimed at U.S. entities, this is by no means a local phenomenon. I would also note that with the proliferation of cloud-based data centers, our data (and I use this term loosely to encompass literally everything you would want to protect, such as Social Security numbers, credit card numbers, intellectual property, corporate financial information, trading positions, etc. - the list is endless) is now stored in a more centralized manner, making attacks on such centers more lucrative (a successful attack would yield more information). Attacks are also not limited to PCs or servers, and we have witnessed an explosion of attacks aimed at mobile devices as well. We really are not safe.

    While there are endless solutions out there for personal, SMB, and enterprise users, including anti-virus tools, anti-spyware tools, firewalls, and many more (there are actually many companies that provide ongoing detection and threat removal services for literally all types of entities), they all focus on identifying and addressing the actual threat (i.e. the malicious code), rather than the perpetrator. In the public sector (say the military or the FBI) this is not the case, as identifying the source is considered far more important, and being able to trace the criminal or spy is paramount. However, in the private sector little to no focus has been aimed at the actual source of the attacks (except for general statistics purposes). You might be asking yourself why this even matters, as most corporate entities would simply want to prevent such a security breach in the first place, or alternatively, remove it once discovered. The answer is simple. Detecting the source of a threat goes a long way in helping to detect, prevent, and ultimately remove future threats.

    The truth is, as CrowdStrike's President & CEO, George Kurtz (former Chief Technology Officer & Executive Vice President of McAfee), puts it well: "there is no silver bullet that will stop a determined adversary, so while the security industry attempts to build bigger fences, the enemy is bringing higher ladders to the fight." Not only will a "determined adversary" be successful, the odds are he already has been. You simply don't know it yet. Kurtz goes on to say that "the seemingly daily barrage of disclosures about companies that have had their crown jewels stolen in recent years reinforced a key principle for us - these companies don't have a malware problem, they have an adversary problem." I couldn't agree more. Unlike the competition, CrowdStrike provides a real comprehensive solution, addressing both the actual threats, as well as the actual predators, and then monitors such predators in order to prevent future attacks, or alternatively, discover and address them faster. The company will focus on the technological aspects of malware - developing tools for monitoring, detecting, and addressing threats - as well as on providing business services for its clients. To show they mean business, the services division will be led by Shawn Henry, former Executive Assistant Director of the Criminal, Cyber, Response, and Service Branch of the FBI.

    I believe these guys have really put together a stellar team, and have a really good approach on how we should be looking at future threats. Fighting yesterday's battles, as security experts have done so far, is pointless, and the future is in fighting future threats. While the company is still officially in stealth mode, I expect to hear a lot more about it really soon.

    About CrowdStrike:

    "CrowdStrike is a security technology company focused on helping enterprises and governments protect their most sensitive intellectual property and national security information. Utilizing Big-Data technologies, CrowdStrike is developing a new and innovative approach to solving today's most demanding cyber-security challenges. CrowdStrike's core mission is to fundamentally change how organizations implement and manage security in their environment."


Instablogs are blogs which are instantly set up and networked within the Seeking Alpha community. Instablog posts are not selected, edited or screened by Seeking Alpha editors, in contrast to contributors' articles.
