CrowdStrike Deep Dive

On July 19th, more than eight million computers around the world crashed, with the cause of the crash coming from an unknown source: CrowdStrike. Let's explore the story behind this company.

Welcome to the 90th Pari Passu Newsletter.

Today we are exploring a company whose popularity has recently increased for the wrong reasons. On July 19th, more than eight million computers around the world crashed, with the cause of the crash coming from an unknown source: CrowdStrike.

In this edition of Pari Passu, we’ll delve into the cybersecurity landscape and how CrowdStrike has differentiated itself from key competitors. As a first mover in the sector, CrowdStrike saw triple-digit growth for more than a decade and fostered one of the most loyal customer bases in software.

Yet how did such an under-the-radar company face such a disastrous crash? 

Let’s explore the story of CrowdStrike, what led to the recent outage of the Windows operating system, and how the company can take steps to avoid a future system failure.


Section 1: History

The First Anti-Virus Solutions

The first cybersecurity antivirus solution was launched by the company McAfee in 1987, followed by an antivirus solution that was launched by Symantec in 1991 [1].

  • McAfee: the oldest global cybersecurity company, working in all areas of computer security; it was eventually acquired by Intel in 2010 for $7.7bn.

  • Symantec: a provider that started at the same time as McAfee and is known for its “Norton antivirus software”. Symantec was acquired in 2019 by Broadcom for $10.7bn.

Anti-virus technology is a set of software solutions that aim to prevent malware from encroaching on an endpoint in a computer system [1].

  • Malware: malicious software that enables access to sensitive information or sabotage of a system; common examples include malicious email attachments, phishing emails, and dangerous software that users download.

  • Endpoints: the key entry points into a software system. Endpoints include all types of systems, from servers and desktops to mobile devices.

However, these early solutions were too slow to protect against evolving malware attacks. Specifically, the introduction of ransomware attacks in the late 2000s created an increased financial incentive for malware attackers. Ransomware is the process of using malware to access sensitive information and then hold it for ransom. Hackers could execute these attacks quickly and at a large scale, which led to a 43% increase in ransomware attacks between Q4 2020 and Q1 2021 [1].

Additionally, there were several other pain points in legacy cybersecurity software that created space for disruption.

First, these legacy systems could only protect a system against malware attacks that had been previously identified as malicious [1]. 

  • This became a significant issue, as more and more new malware attacks proliferated, overwhelming the prevention capabilities of legacy cybersecurity systems. 

  • By 2007, 5.5 million new malware samples had been identified, and by 2013 an estimated 400 thousand new malware samples were being reported each day.

Second, many firewalls used by the legacy systems incorporate a “trust but verify” approach to allow users to access their sensitive information. The issue with this approach is that a malware attack only had to circumvent the system once to access sensitive data, as the system would then treat it as a trusted actor on every later entry [1].

  • Firewall: A firewall is a security system that controls the network traffic entering a secure system based on predetermined security rules. 

  • Trust but verify: a one-time verification requirement to enter the sensitive system within a software platform.
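
The weakness described above, as an added example that is not part of the original newsletter: a gateway that verifies a session once keeps serving it after the credential is withdrawn, while one that re-checks on every request does not. The `Gateway` class, session ids and credential names are hypothetical, the event sequence is constructed, and the per-request variant goes beyond what the text describes.

```python
from dataclasses import dataclass, field


@dataclass
class Gateway:
    """Hypothetical access gateway in front of sensitive data."""
    valid_credentials: set            # credentials currently accepted
    recheck_every_request: bool       # False models one-time verification
    sessions: dict = field(default_factory=dict)  # session id -> credential

    def login(self, session_id: str, credential: str) -> bool:
        # The single verification step of a "trust but verify" system.
        if credential not in self.valid_credentials:
            return False
        self.sessions[session_id] = credential
        return True

    def revoke(self, credential: str) -> None:
        # Defender learns the credential was stolen and withdraws it.
        self.valid_credentials.discard(credential)

    def access(self, session_id: str) -> bool:
        credential = self.sessions.get(session_id)
        if credential is None:
            return False              # never verified at all
        if self.recheck_every_request:
            return credential in self.valid_credentials
        return True                   # trusted indefinitely after first check


def replay(recheck_every_request: bool) -> list:
    """Run the same constructed event sequence against one gateway mode."""
    gw = Gateway({"cred-alice"}, recheck_every_request)
    results = [
        gw.access("s1"),                 # before login
        gw.login("s1", "cred-alice"),    # verification passes once
        gw.access("s1"),                 # legitimate use
    ]
    gw.revoke("cred-alice")              # credential reported compromised
    results.append(gw.access("s1"))      # same session after revocation
    results.append(gw.login("s2", "cred-alice"))  # fresh login attempt
    return results


if __name__ == "__main__":
    print("verify once  :", replay(False))
    print("every request:", replay(True))
```

The two runs differ only in the fourth entry: the already-trusted session survives revocation in the verify-once mode and is cut off when each request is re-checked.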

Third, legacy systems use cybersecurity software that tries to stop malware throughout the system, or before it actually enters a platform that holds sensitive data [2]. 

  • While in theory this strategy provides wider observability for clients, it also means that the system often expends significant resources monitoring the full stretch of the security system.

  • Oftentimes, while monitoring the whole system, these wide observability solutions would miss small pieces of malware that could extract unprotected sensitive data.

  • It was clear that this wide-stretched approach to cybersecurity was inefficient, and clients started looking for centralized software security platforms with more detailed monitoring.

It became evident to many customers that they required a cybersecurity system that adapted to security requirements, rather than providing one-time malware prevention platforms. 

Enter: CrowdStrike
