News
CrowdStrike CEO George Kurtz on China, Microsoft and the SEC
Published
5 months agoon
By
New Yorker
CrowdStrike Chief Executive George Kurtz is photographed in the company’s offices.
Katie Falkenberg | Los Angeles Times | Getty Images
CrowdStrike CEO George Kurtz has had a banner year. The cybersecurity firm has seen its stock price surge more than 135%, beating out larger rivals and the broader indexes. It’s continued to grow its annual recurring revenue, albeit slower than years past, and in an interview with CNBC, Kurtz said CrowdStrike’s path to $10 billion in recurring revenue within seven years remained achievable.
The successes come as cybersecurity risks weigh heavier than ever on investors and executives. Beginning Monday, public companies will be required to disclose “material” cybersecurity incidents. The new rules from the Securities and Exchange Commission formalize an already acknowledged reality for executives: investors deserve to know when hacks hit corporate bottom lines.
“What you’re seeing with the SEC and mandatory disclosure,” Kurtz told CNBC, “is really the fact that cybersecurity used to be a backroom operation and now it’s really front and center in the boardroom.”
The new regulations will likely offer upside for CrowdStrike, Kurtz said. The company does a brisk business selling its Falcon security platform, which protects millions of its clients’ computers from hackers, but it also has a professional services unit that helps companies large and small respond to hackers who are already in their systems.
The latter business has seen double-digit growth year over year, according to financial filings. A rash of high-profile hacks — the kind of incidents that the new SEC rules will apply to — have hit victims’ market caps hard. In the last six months, for example, the same hacking group crippled operations at Caesars Entertainment, Clorox and MGM Resorts. Caesars paid out $15 million in ransom, sources previously told CNBC, while MGM took a $100 million hit for the quarter.
Responding to hacks makes for great business. For every dollar companies paid CrowdStrike to respond to hacks, CrowStrike collected roughly $6 on average in new subscription revenue, Kurtz said. CrowdStrike’s professional services unit — the emergency response side of the business — saw revenue grow 57% year over year in its most recent quarter.
“In most organizations, it’s not an if, it’s a when,” Kurtz said, referring to the inevitability of a hack. For public companies suffering a breach, the intelligence CrowdStrike gathers responding to incidents will likely form a big part of deciding whether boardrooms need to disclose a hack or not.
“It’s not something we can answer” for companies, Kurtz said.
While incident response is good business for CrowdStrike, Kurtz emphasized that CrowdStrike’s main focus is “to help customers prevent these sorts of attacks upfront and provide visibility.”
CrowdStrike has also focused on growing its sales to government agencies — building on the public-private partnerships that underpin U.S. cyberdefense.
“I think there is a real recognition of the threats that are out there,” Kurtz said of the Cybersecurity and Infrastructure Security Agency, and its director, Jen Easterly. “It takes longer than I think anyone would like in government, but we’ve seen progress over the years.”
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly testifies before a House Homeland Security Subcommittee, at the Rayburn House Office Building on April 28, 2022 in Washington, DC.
Kevin Dietsch | Getty Images
The Biden administration, including Easterly, has emphasized that cybersecurity is a matter of national security. Like many companies, including Google Cloud’s Mandiant, CrowdStrike works closely with the government to analyze and respond to hacks, including those emanating from actors aligned with China and Russia.
Much of that work is done behind the scenes, given the national security and diplomatic implications.
Still, the CrowdStrike CEO did not hold back in criticizing Microsoft’s response to a high-profile breach that shook the U.S government earlier this year, when Microsoft security keys were stolen by Chinese intelligence and used to hack into the State and Commerce departments.
“It’s odd to me that they didn’t file an 8-K, given the extent — literally their certificates being stolen and used to break into the government,” Kurtz said, referring to the regulatory filing companies make when a “material” event has occurred. His words echo a familiar refrain for CrowdStrike, which has highlighted security risks associated with Microsoft software in its sales pitches. But others, including Sen. Ron Wyden, D-Ore., have said much the same.
Microsoft did not respond to CNBC’s request for comment.
Kurtz doesn’t think 2024 will be any better for businesses large or small. The advent of readily available artificial tools could make both social engineering attacks — exploiting vulnerabilities in human operators — and software-driven attacks more potent.
The risk from China remains constant, despite an apparent lessening in tensions following Chinese President Xi Jinping’s visit to San Francisco. “In 2023, I don’t know that there is any sector that is exempt from being worried about China,” Kurtz said.
“If you’re the smallest SMB, maybe you won’t be subject to attack,” Kurtz said, referring to small to medium-sized businesses. “But at the end of the day, you may have some interaction with another company that they really care about. Whether it’s China or other adversaries, you might just be part of the collateral damage to get to a larger objective.”
Source: CNBC
How Quvenzhané Wallis Spent Her Break From Hollywood "Being Normal"
What It’s Like to Have the Same Name as Taylor Swift (Yes, Really!)
My ‘Flu’ Symptoms Turned Out to Be Early Signs of a Stroke
Paris mayor confident River Seine’s water quality good enough for Olympic swimming
Seattle mayor joins tech leaders on Homeland Security’s new AI safety and security board
This Easy Addition to Your Egg Muffins Will Double Your Protein at Breakfast
17 Comforting Recipes to Bring to a Friend Who Is Grieving
Olivia Munn’s Cancer Treatment Led to ‘Medically Induced Menopause’—Here’s What That Means
The Truth About Popular Sleep Supplements, From Magnesium to Melatonin
What My First Time Having Sex After Giving Birth Felt Like
I Tried These AI-Based Productivity Tools. Here’s What Happened
‘You Give Love a Bad Name’ Wasn’t Meant for Bon Jovi Even Though They Wrote It
Chinese EV makers zooming by pioneer Tesla – Asia Times
Jayson Tatum calls Kristaps Porzingis ‘most important guy’ on Celtics after Game 3 win vs. Heat
The Mysterious ‘Dark’ Energy That Permeates the Universe Is Slowly Eroding
Trending
-
News34 mins ago
Chinese EV makers zooming by pioneer Tesla – Asia Times
-
News1 hour ago
Biden places politics over strategy in US Steel sale – Asia Times
-
News1 hour ago
‘SNL’ Star Colin Jost Ends Brutal Roast With Heartfelt Biden Endorsement
-
News1 hour ago
Takeaways: Bruins have rattled Maple Leafs on the ropes
-
News52 mins ago
Harvey Weinstein hospitalized after returning to New York’s Rikers Island jail
-
Tech1 hour ago
Why Germany ditched nuclear before coal—and why it won’t go back
-
News50 mins ago
Climate activist who defaced sculpture at National Gallery of Art charged
-
Tech1 hour ago
‘The Everything War’: Inside Amazon with author and Wall Street Journal reporter Dana Mattioli