Why ICS security startup Dragos’ CEO puts a premium on people not profits

Written in its company’s handbook, there’s one rule for working at Dragos. “Don’t be an asshole.”

“The first key to our success is our people and that we hire good people,” said Robert Lee, the company’s founder and chief executive, in an interview with TechCrunch. “I think building a successful team is about having a standard and saying that I expect you all to be adults and not need a million HR policies,” he said.

Lee’s management approach revolves around his company’s greatest asset — his staff. With 125 employees, the company has seen rapid growth since its founding in 2016 but puts great importance on maintaining the company’s relaxed but productive culture.

Lee said he doesn’t want to change its culture dynamics by growing too fast, micromanaging, or burdening his staff with strict expense policies. “If you’re stuck laid over at night, but you see there’s one seat left on a redeye and it’s a first class seat that’s going to cost six times more but it gets you home — go for it,” he said.

But he doesn’t compromise on his “don’t be an asshole” rule. “Say something sexist and a Slack channel? Yeah, you’re fired,” he said.

Lee founded Dragos after working as a former cyber warfare operations officer at the National Security Agency. Dragos works to secure industrial control systems (ICS), the necessary devices crucial to the continued operations of power plants, energy suppliers and other critical infrastructure.

Lee described ICS security as “all of the things in I.T. plus physics.” In other words, it’s about finding the threats targeting critical infrastructure facilities and understanding how the hackers work in order to stop hackers from controlling the gas turbines in power facility, for example.

Once a plot from a science fiction film, powerful malware like Stuxnet and Triton have emerged in recent years and targeted facilities — with near-disastrous consequences.