Meet the $1 Billion Startup Busting Cybersecurity’s Greatest Myth

November 22, 2016 • By Will Yakowicz

In 2011, during his final year as McAfee’s global chief technology officer, cybersecurity researcher and entrepreneur Stuart McClure found himself apologizing constantly. Hackers were slipping into customer networks, and each new breach seemed worse than the last. After every incident, McClure met with major corporate clients to explain why their defenses had failed. At the end of each meeting, someone would inevitably ask what security software he personally used to protect his own machine—expecting a long list of advanced tools. Instead, McClure revealed a secret: he didn’t use any security software at all, not even McAfee’s.

He told customers he relied only on his own habits and awareness, because the fundamental techniques for breaching networks rarely change. If he could prevent attacks through behavior, he wondered why a computer couldn’t be trained to do the same.

That idea became the seed for Cylance, founded in 2012 in Irvine, California, by McClure and McAfee’s former chief scientist, Ryan Permeh. McClure believed that, despite what large security vendors claimed, there were only a handful of reliable ways to break into a system. Someone who understands how a system works also understands how attackers get in—and how to stop them.

Cylance quickly attracted high-profile clients such as Toyota, Gap, WWE, Panasonic, and many others it could not publicly name. Its biggest validation came in 2016 when the U.S. House Committee on Oversight and Government Reform credited Cylance with identifying and resolving the catastrophic breach at the Office of Personnel Management. Before Cylance intervened, attackers had stolen the sensitive personal data of 21.5 million current and former federal employees.

Momentum continued to build. Dell announced it would ship Cylance’s technology on machines sold to corporate customers. Major investors, including Blackstone, Insight Venture Partners, and Khosla Ventures, poured $177 million into the company, pushing its valuation to $1.1 billion. Cylance also ranked 26th on the Inc. 5000 list, with revenue climbing from 2012 to $11.1 million in 2015—a growth rate of 7,613 percent.

What set Cylance apart was its commitment to prevention rather than detection. Traditional antivirus tools depend heavily on humans: researchers discover a virus, assign a signature, name it, and distribute updates—a slow, error-prone process. Cylance focused on teaching machines to learn patterns of malicious behavior on their own.

Permeh explains the logic: attackers evolve slowly, making only incremental changes to their tools. Their methods may look new, but the underlying mechanics rarely shift. This stability makes it possible to plan around known vulnerabilities and teach machines to recognize threats without relying on human analysts.

McClure describes Cylance’s machine-learning model as continuously improving through iterative experiences, much like a human brain. The more data it processes, the more accurately it identifies threats. Although many in the industry believed prevention was impossible—especially after major breaches at global companies and governments—McClure maintained that most attacks were preventable. He had studied the earliest autonomous malware in the 1980s, co-authored Hacking Exposed, and sold his first startup, Foundstone, to McAfee in 2004. His former partner, George Kurtz, went on to create CrowdStrike, a major competitor focused on detection. Both companies eventually reached billion-dollar valuations.

McClure insisted that while perfect security doesn’t exist, machine learning made it possible to stop attackers who rely on well-worn techniques.

Bold conviction was central to Cylance’s rise. Before any code had been written, McClure outlined the company’s entire premise to investor Mark Hatfield on a napkin—explaining why antivirus software failed, how machine learning would radically outperform it, and how they would build a superior product within two years. Hatfield backed the vision immediately.

McClure’s clarity and expertise inspired confidence among investors and customers. As Jay Leek of Blackstone put it, people followed McClure because he understood the problem better than anyone.

By 2014, Cylance was securing more than three million computer networks. That same year, the company uncovered an Iranian hacking campaign that had infiltrated airports worldwide and printed fraudulent security badges. The discovery reinforced McClure and Permeh’s belief that prevention, not detection, was the future.

Permeh summed it up: most major breaches aren’t especially sophisticated. The real danger is the vast amount of malware already circulating inside networks. Cylance’s mission was to let machines do what they do best—analyze massive datasets, identify malicious patterns, and stop attacks before they begin.

