Why Cylance? (Part 2)

So I revealed my “big secret” in my inaugural corporate blog post on December 4, 2012 called “Why Cylance?” In that blog I shared my painful and humbling past, which ultimately turned a tragedy into my passion today (and probably my salvation). That single airplane event in 1989 sent me on my course, and I rarely look back except to honor those that shared my experience and those who did not make it.

Objective Evidence

One of my computer science professors once said, “if you can measure it, you can manage it.” And that pithy phrase was an epiphany for me. While I have spent much of my professional career passionate about security and metrics in general, the thought of controlling my world through math and statistics empowered me. The idea of using universal laws to improve my world seemed to be the answer to controlling, in some way, my uncontrollable world. So I pursued that path.

Stuart McClure, CEO/President of Cylance, Inc.

I spent much of my security career building large security models favoring quantitative over qualitative metrics to measure my current security and record my improvement day to day. But after 20 years of building these painstaking models, I have discovered one important tidbit – they just don’t matter. Why? If the foundation of our metrics system is fluid, we can hardly hope to measure improvement. A gelatinous foundation creates a metrics moving target, nearly impossible to improve upon. An unstable foundation is one that has no solid base from which to work.

Forward into the darkness

So here we stand, some 25+ years after the security industry really got off the ground – at the precipice looking into the abyss of morass. We know the techniques of the hacker. We even know how to stop them. But we don’t do it. Don’t believe me? Just dust off the 1st edition of “Hacking Exposed” (and every subsequent edition). In that book we literally wrote the book on advanced hacking techniques long before APT was a three letter word. In fact the Air Force team that first coined that acronym was one of the biggest purchasers of the “Hacking Exposed” book. In even that very first edition, written in 1997 and published in 1999, we painstakingly enumerate the ways the hacker gains access to systems, networks, applications and databases, in nearly every form and fashion. And we went to great lengths to discuss the fixes, changes, products, education and mitigating countermeasures that would reduce and eliminate the risks found in the book. And those techniques have been updated in seven editions and work successfully to this very day. But here we are some 15 years after I started writing that book and it certainly feels we are no further along.

I am often asked to meet with senior security teams to discuss today’s “Advanced” threats. Everyone wants to know how to affect the “Kill Chain” (Monitor, Detect, Prevent, Respond and Cleanup) in the most effective way. But no one sees the problem with the question. We build these models of protection with “prevention” AFTER the Monitoring and Detecting – in other words after the bad guys get in. So I remind them of the “Hacking Exposed” book and the sleepless nights spent researching and documenting the most effective countermeasures. I remind them that we CAN stop them BEFORE they get in. We just have to apply what we already KNOW.

So that is what we strive for here at Cylance. We are passionate about online protection and empowerment. We are passionate about simple and silent solutions. We are passionate about preventing over responding.

As anyone who pushes themselves knows: you can’t always be prepared, experienced and perfect when trying new things. In fact, you have to get pretty comfortable with not knowing everything about the world ahead of you. No matter the great inventor, thinker or change-agent of the past, solving big problems is at the heart of any worthwhile adventure. As one old friend on the ski slopes of Colorado once told me, “if you don’t have snow on you at the end of the day, you just aren’t trying hard enough.” So that is what we are doing. Making a difference. Solving difficult and foundational problems. And we will not give up.