The Groundhog is Dead

For years, one of my favorite movies has been Groundhog Day, which chronicles the tale of a narcissistic weatherman doomed to live the same day over and over again. This maddening process makes him feel none too different from the way I’ve felt professionally when, over the years, I’ve found myself time and again battling the same threats and vulnerabilities over and over, as though stuck in a cycle from which I could never break free.

Well, I’ve got great news for you: the groundhog is dead! Impaled by the prowess now brought to the battle space by Cylance® and its ground-breaking technology that combines the powerful application of mathematical modeling with artificial intelligence and machine learning. I’m so impressed by what Cylance is bringing to the endpoint protection battle space that I’m excited to announce that as of today, I’m joining their ranks as their new VP and Ambassador-at-Large.

Moving Further Down the Kill Chain

Cylance has, for a number of months, been a critical partner of Dell, with their endpoint security products made available as a ‘top shelf’ option one could choose when purchasing the Dell Data Protection/Encryption solution. So this transition for me is less of a move away from Dell, where I’ve served these last five years as its CSO, as it is a logical next step, moving further along Dell’s “kill chain” to what I consider to be the pointed end of the spear, where (true to my philosophical roots) I believe I can now bring what will be the “greatest good - to the greatest number - in the shortest period of time.”

I believe that CylancePROTECT® is truly disruptive—unlike anything I’ve seen in the last two decades of my security career. As Cylance’s co-founder and CEO Stuart McClure once observed, “The fundamental flaw in today’s cybersecurity infrastructure is that detection happens BEFORE prevention. Human-generated signatures, based primarily on previously discovered samples, have failed to solve the problem as zero-day malware continues to operate silently and unimpeded.” 

Wielding the strength and speed that comes from having mapped the genomic structure of computer files, Cylance can detect in less than 100 milliseconds any deviation by an adversary from the pure file characteristics of the hundreds of thousands of files continually analyzed and classified by Cylance. Files are broken down to an atomic level in real time, constricting the battle space and enabling Cylance’s artificially-intelligent agent to discern whether an object is “good” or “bad”. Cylance’s endpoint protection products are capable of detecting and quarantining malware in both open and isolated networks, and all without the need for an Internet connection or continual signature updates - a practice that has in the past proven so problematic in large and even small corporate environments.

Cylance’s mathematical approach stops the execution of harmful code, regardless of whether the cybersecurity community as a whole has prior knowledge of it, or whether an adversary is employing a novel or otherwise unknown obfuscation technique.

Cylance: Cybersecurity for an Insecure World

What really sold me on Cylance, however, was an independent test we ran at my former employer after a particularly painful and costly advanced persistent threat (APT) attack. Replicating the attack sequence after the fact in our lab, we determined that if we’d had CylancePROTECT up and running at the time of the attack, the adversary would not have gained entrance.

While I have been grateful over the years for the threat capture rate of 20% offered by some of my historic industry partners, those rates of capture or deflection just don’t cut it in comparison to Cylance, whose success rates I’ve seen personally validated in the realm of six sigma (99.9%).

The proactively predictive capabilities of Cylance’s mathematical modeling and continuous machine learning have infused new life into my professional aspirations. Given my limited cognitive capabilities and physical endurance to keep up with the cadence, volume, and sophistication of modern threats, I do not know how much longer I could have persisted in the groundhog’s ever-repeating, head-in-the-sand world of the reactive, particularly in today’s interconnected cyber-landscape, characterized by ever-growing physical connectivity and resource constraints.

Cylance changes and redefines all that, and heartens me with the knowledge that there is one pure form of the “continuous” that I welcome - that of continuous learning and training based on new data and new techniques. To that end, I believe that the Cylance engine is truly “future-proof” and will not lose efficiency over time, even as attackers morph their strategies as we fully know they will.

In that battle, I look forward now to “locking shields” with all of you.

John McClurg
Cylance VP and Ambassador-at-Large