Two months ago, seemingly out of nowhere, CrowdStrike’s co-founder Dmitri Alperovitch decided it was time to depart.
Alperovitch, who served as the cybersecurity giant’s chief technology office since its 2011 debut, said he was leaving to launch a non-profit policy accelerator. CrowdStrike named Michael Sentonas, who managed the firm’s tech strategy for three years, as his replacement.
The news came at a critical time for the maker and seller of subscription-based endpoint security software that protects against breaches and cyberattacks. The company’s stock was in recovery after it fell below its IPO price, just months after popping 90% on its first day on the public market. It was one of the biggest offerings of the year, reaching more than $11 billion in value by the end, a far cry from a decade earlier when the security giant started out as a few notes scribbled on a napkin in a hotel lobby.
And then the pandemic happened.
By the time of his appointment, Sentonas was preparing to move to the U.S. from his native Australia, but “that hasn’t been the easiest thing to work through,” he told TechCrunch in a recent call. Despite having to balance the time difference and often swapping days with nights, the newly-appointed chief technology officer says it’s largely been “business as usual” for CrowdStrike.
Here’s why.
This interview was edited for clarity and length.
TechCrunch: Two months ago, you were appointed chief technology officer at CrowdStrike. Prior to that you were vice president of tech strategy. How have things been since the promotion?
Michael Sentonas: In some respects, things have been business as usual. A lot of the work I was doing around tech strategy and longer-term vision about [what] we should be working on hasn’t changed for me. Obviously, when one of the co-founders moves on, they have big shoes to fill. So, I’ve inherited a larger team. It’s working with the team around what can I assist them with to help us continue to focus. Probably the biggest change is just being stuck here because of what’s going on around the world and just adjusting to largely covering a U.S. timezone from Australia, which isn’t easy.
That can’t be easy?
We’re a globally-spread and globally-diverse organization. The last statistic that I looked at a few weeks ago was that 70% of our staff logins are remote. I’m dealing with Europe and the U.S., that’s just the way we’re spread. It’s all around the world.
What does it mean to be the CTO? Everyone has a different take on what the role should be. What are your priorities?
I’m quite fortunate in that I partner very closely with our Chief Product Officer. That team works on our current roadmap. That affords me the opportunity to look at the longer term. I’m thinking some two, three, four-plus years out around areas that we need to be thinking about as an organization. Part of that is from a tech perspective. What’s interesting? What market shifts are happening? And part of it is doing a review of what the adversaries are doing and where we think they’re going to be moving.
A big part of what I do is in the field. I think that’s really important, because there’s no point in building a product from the inside out. You should be working with organizations around the world, understanding their problems and understanding what their teams go through.
Back to the gigantic elephant in the room. COVID-19 has shut down vast swaths of the world. Most CrowdStrike employees are working from home and CrowdStrike’s endpoint protection works largely in the cloud and works untethered from the corporate network. With that in mind, how is the pandemic affecting business?
As I say, a lot of things haven’t changed for us. The transition to go from 70% remote to nearly all remote hasn’t been a significant one for us. That hasn’t been the same for a lot of our customers — a lot of organizations that we’re dealing with at the moment.
It’s different around the world, which I think has been a really interesting learning. I’ve spoken to people in central Europe that’ve said to me, “We just don’t work from home; it’s not a thing here.” They say, “We go into work early, we work until we need to, and then we go home and pass out and come back and do it again.” This effort to move from being in an office to go on a work from home is problematic. We’re helping a lot of organizations with that transition. But the problem that they’ve got is they haven’t been ready for that shift. Some don’t even have machines to give employees.
How does the threat landscape look like right now? Are you seeing a spike in attacks?
It’s no surprise to anyone that during an event like this attackers see it as a business opportunity. It’s pretty sad but that’s the reality. We’re getting a lot of calls from people that have had issues as a result. They call us to come in and do the incident response. It’s an incredibly busy time for us right now.
I mean, we’re all working from home and so are the hackers.
We saw that towards the very end of last year and then the start of this year. What was interesting was starting to see localization of a lot of these scams, where we saw focused attacks to coronavirus, COVID-19, in Japan and then moved into other locations. We also saw scams where people are putting out fake content from the World Health Organization or the U.S. Centers for Disease Control and Prevention.
People are understandably worried about what’s going on and so they’re trying to get as much information as they can. A lot of attackers are putting out fake content around cures. In this heightened state, people are clicking on links and they’re trying to read. It’s a pretty challenging situation right now.
Notwithstanding the pandemic, what other tech challenges does CrowdStrike face?
One of the areas of technology, from a CrowdStrike perspective, is leveraging the cloud to get visibility into everything that’s going on around the world.
On a daily basis, we are seeing hundreds of millions of events from all of our connected machines that we learn about what’s going on. That’s how I can tell you what’s going on with ransomware events, with attacks that are happening by vertical or whether one country is a leading indicator for another. That number is exceeding around 500 billion events every 24 hours. And it’s a number that’s growing exponentially. We’re constantly looking to see where’s that going to get to in terms of size by the end of every quarter, or by the end of every year?
We want to keep looking at what additional data we can put in there. What additional content can we build in there? Machine-generated content because it helps and it benefits all of our customers. The more people that connect, the more telemetry that we get, the more data sources that we get, the more greater levels of efficacy and better outcomes for our customers.
How do you spend your budget? What are the things that you’re focusing on?
It’s looking at long-term strategy, two to four or five years out. It’s looking at where I think technology is going and where we think the landscape will evolve. If you look at the last three months with what’s going on with the pandemic, there’s been a massive shift towards using the cloud. That’s been an area that we’ve been researching for a number of years. That means container workloads, it’s a whole range of different cloud architecture, and serverless environments.
And finally, what demographics are most underserved by cybersecurity companies? Who — or what — should cybersecurity companies focus more on?
Certainly for me, small and medium business and what most people term the corporate segment I think is still horribly under-serviced. Banks, the airline industry, and large manufacturers have a large budget, and they know what to do. A lot of security vendors gravitate naturally to the top end of town. There’s more opportunity and there’s more security spend. It makes sense! But the world is run by small and medium business and corporate-sized organizations. The complexity for them is a huge barrier to being secure. They’re trying to run small businesses, and they’re not security experts. There’s a whole range of horribly developed technology that makes it very hard for them.
