Brought the world’s first cloud endpoint security platform. Doubled its estimated valuation of $3.3bil to over $6.0bil post IPO. Created an early stage investment fund in partnership with one of its investors—CrowdStrike is unstoppable and one of the world’s top cybersecurity companies to watch out for—how did it arrive at where it’s at today?

On 30 September, we were honoured to have George Kurtz, CEO of CrowdStrike, as an ICE71 guest speaker to share his CrowdStrike journey with us, and how a startup might become the next big thing.

How it all began

“My journey into cybersecurity was happenstance,” says George. But this happenstance would never have happened if not for his interest in business, a programming background and a penchant for wanting to break the status quo.

George was always good with computers but chose to do accounting. After college, he spent the early days of his career at PriceWaterhouse (now known as PriceWaterhouseCoopers or PwC after its merger with Coopers & Lybrand in 1998). There, George automated a bunch of audit tasks which would normally take hours to complete. That move opened doors into the consulting group, and as he showed talent in the area of security, he became one of the first few members of PriceWaterhouse’s security team.

He then founded information security company, Foundstone, which was acquired by McAfee in 2004, and was chief technology officer of McAfee for a good few years. He is also co-author of the best-selling security book “Hacking Exposed: Network Security Secrets & Solutions.” The rest, they say, is history.

CrowdStrike’s journey

A series of events led George to start CrowdStrike in 2011. But what really inspired him was that a lot of money were being spent on cybersecurity, and yet breaches were still rampant. The entire security industry seemed to be focused on containing breaches instead of stopping them, a big reason why the founders started the company.

“No one had created a cloud platform for security back then, although there were a lot of companies that were firewall companies or legacy antivirus companies. So we thought we could create a cloud security platform and really focus on stopping breaches as opposed to just stopping malware,” he said.

A fateful encounter in the air while he was with McAfee contributed to his trajectory towards CrowdStrike. Seeing a fellow plane passenger experiencing less than desirable UX with a McAfee security program, he thought, “There must be a better way forward.” McAfee eventually got acquired by Intel, and he went on to start CrowdStrike not too long after.

Warburg Pincus, one of CrowdStrike’s earliest VC investors, had pursued George for over 6 years before CrowdStrike existed. The VC made an initial investment of $25 million for CrowdStrike after George gave a 25-slide pitch. When CrowdStrike reached its valuation in billions, Warburg Pincus saw multiple returns of investment.

“We had a good idea and good investors, but what really drove CrowdStrike was that the cloud was bigger than security.”

– George Kurtz

Riding on waves: The cloud is bigger than security

Being an endpoint cloud company wasn’t fashionable when CrowdStrike first started. There were potential clients who liked their product but wanted an on-premise solution. CrowdStrike said no.

And down the road, that decision to remain cloud-only turned out to be right. “Ultimately, if you want to be a cloud pillar for solutions like Salesforce and ServiceNow, you have got to be a cloud native, which is what we did. There have been Swiss banks I have talked to in the past that said they were never going to do cloud. Today, many of them are large customers of CrowdStrike. The cloud is much bigger than us. We are riding the waves of technology adoption, with security as a parallel,” George said.

Your first customers are important

George shared that having good relationships with the earliest customers made a difference. CrowdStrike’s first customer had a longstanding relationship with them and had enough conviction to onboard their product. Happy customers ultimately become advocates.

It also pays to connect with Chief Information Security Officers (CISOs), and with those who are forward-thinking and constantly seek innovation for their companies.

Startups: Good to be small and focused

George believes that there is a place for cybersecurity startups to work with corporates as startups are more flexible and provide specialised products.

“There are specialised startups, whether it’s for endpoint security, cloud security, identity, or something else,” he said.

“Because the cybersecurity adversaries are always changing their tactics, you have to evolve and be nimble, and I think there is a good opportunity for startups as they are nimble.”

– George Kurtz

Bigger, on-premise security providers can be bogged down by legacy issues caused by large installation bases and old client server architecture.

“From a startup perspective, you want to find somebody who’s really interested in driving innovation and realise he can get a small company to solve real problems with specialised solutions,” George said.

Nurturing the future of cybersecurity

CrowdStrike, in partnership with Accel, has established the Falcon Fund for early stage startups to get funding while tapping on CrowdStrike’s Falcon platform to build their own security and IT applications, which can then be rapidly delivered to a huge number of customers via the CrowdStrike Store. Like Amazon marketplace for business owners, this overcomes the need to build complex infrastructure and reduces the cost for startups to bring their products to market.

CrowdStrike also hopes to nurture more cybersecurity talents. Under the CrowdStrike Foundation, it funds scholarships and research in the area of cybersecurity.

For more articles and updates like this, follow us on our ICE71 social media channels!