When Google disclosed nearly four years ago that it had been victimized as part of China's Operation Aurora, an international furor ensued.
Then-Secretary of State Hillary Clinton denounced China; Google shut down its Shanghai offices; and two senior McAfee executives centrally involved in the Operation Aurora revelations -- George Kurtz and Dmitri Alperovitch -- quit their corporate posts to co-found CrowdStrike.
On Monday, CrowdStrike announced it has received $30 million in venture funding. Kurtz and Alperovitch say the cash will be used to help stem the draining of U.S. intellectual capital to nation-state enemies, which has continued unabated.
And last Thursday, data analytics start-up AlienVault snagged $26 million to do much the same.
CrowdStrike and AlienVault are the two latest recipients of a flood of investment capital being poured into new technologies to make corporate networks less porous to data thieves and cyberspies.
What we are witnessing is the transition away from increasingly ineffective firewalls and anti-virus blacklists to new systems that assume that the bad guys are deep inside most corporate networks -- and that the smartest thing to do is to go find and eradicate them.
Gartner estimates that companies globally will spend $3.2 billion -- and consumers $5.1 billion -- on traditional anti-virus software this year. But venture capitalists are betting that companies will have to spend billions more in years to come on the next generation of intelligent cyberdefenses.
CrowdStrike and AlienVault are among several start-ups turning crowdsourcing and big data analytics into new defensive weaponry. AlienVault's Open Threat Exchange is a system where more than 9,500 customers share threat intelligence information.
Kurtz says it's high time for the good guys to do more than try to deflect bullets ceaselessly fired by the bad guys. "In the real world you wouldn't ask if it's a 9mm bullet or .45-caliber whizzing by your head," says Kurtz. "You'd get out of the way and find out who is shooting at you and why."
CrowdStrike has assembled a stable of investigators who continually amass and update dossiers on the top attack groups. Investigators pore over telemetry data of Internet traffic arriving in corporate networks. And they correlate that information with insights gained from active forensic investigations.
"It's really kind of an iterative system of collecting data from incident response engagements and from customers using our technology," says Kurtz. "The system gets smarter and smarter the more we see how adversaries break in and steal information."
Rare is the corporation whose network has not yet been breached, says venture capitalist Sameer Gandhi, of Accel Partners. This new class of cybersecurity technology gives companies a new weapon to "find these adversary groups and compress the window of time they have to do damage on any network."
© 2013 USA TODAY under contract with YellowBrix. All rights reserved.
Posted: 2013-09-13 @ 5:38pm PT
Really interesting, thanks!
I think that you would be really interested in some recent research that I have come across about crowds and citizen science. In particular I feel you may find these two emerging pieces of research very relevant:
- The Theory of Crowd Capital
- The Contours of Crowd Capability