Crowdstrike CEO: Companies are 'losing trust' in Microsoft and others amid deluge of cyber threats

Crowdstrike CEO George Kurtz joins Yahoo Finance Live to discuss the surge in ransomware attacks throughout the pandemic and how fellow cybersecurity firms are losing trust in Microsoft.

Video Transcript


BRIAN SOZZI: A new survey out of cybersecurity outfit, CrowdStrike, has shown worrisome trends in the areas of Ransomware breaches, supply chain attacks, and incident detection. Notably, respondents in the survey said they are losing trust in legacy vendors, such as Microsoft. Microsoft is a CrowdStrike rival and was the only legacy vendor to be called out in this survey.

Let's bring in CrowdStrike co-founder and CEO, George Kurtz. George, always nice to see you. Thanks for taking the time here. So talk to us about this evaporating trust amongst customers of legacy platforms. Why is that happening?

GEORGE KURTZ: Well, it's happening because there's just so many vulnerabilities that are in the ecosystem that, unfortunately, organizations have to respond to. And what we called out from the survey, 63% of the respondents admit their organizations losing trust and suppliers, such as Microsoft, due to these security incidents.

And it's just a constant barrage of new security vulnerabilities that are coming out, new patches that have to be applied. And it's really starting to fatigue these IT organizations and their teams.

BRIAN SOZZI: George, I talked with someone familiar with Microsoft's cyber security operations. They told me that they are increasingly competitive with you in the space. And this report is self-serving. Now, those are their words, not mine. I mean, do you see Microsoft taking any business from you guys?

GEORGE KURTZ: Well, I can only look at the data from the survey, and that's the data that was published and it was independent from us. So first I'll start with the data. The second data point is you have to look at the vulnerabilities of Microsoft. Almost 50% from 2019 to 2020, they were up almost 1,300 vulnerabilities.

And a lot of these vulnerabilities were keying these attacks. If you look at Print Nightmare, you look at the Microsoft Exchange Vulnerabilities, you look at a lot of the authentication issues that we've seen being abused by things like Sunburst. So these are the facts. And when we talk to customers, they are increasingly concerned about the crisis and trust on Microsoft.

And that's basically the environment that we've seen. So I'd rather stick to the numbers and go through them. And I think the numbers tell a good story.

BRIAN SOZZI: Yeah. No. And your results, latest quarter, I mean, the numbers look really well. I mean, so do you think you're taking business from the likes of a Microsoft, and even a SentinelOne, I would say another legacy maker.

GEORGE KURTZ: Yeah. Well, we're taking business from the legacy providers like Microsoft, Symantec, and McAfee, for sure. And the reason we're doing that is we've built a Cloud platform focused on stopping breaches, as well as providing other relevant security services. And that is a big deal in today's environment.

When you look at things like Ransomware, we call that out in the report, the Ransomware payments are up, they're up 63% from this report to almost $1.8 million. And that's really, really important for boards of directors. It's no longer just having your computer infected and sending it back to the IT group and getting it re-imaged, it's really about business resiliency.

And we spend a lot of time with boards of directors really talking about that. Well, what happens, the scenario that everyone's concerned about, what happens if the entire organization is taken out by Ransomware? Do they pay it? Do they not pay it? And what's interesting too is that the organization in this survey who actually paid it, 96% were actually hit with extortion fees.

So it's really this double Ransomware extortion payment, that model that's out there were cyber gangs are making a tremendous amount of money.

JULIE HYMAN: George, it's Julie here. The survey that you guys conducted, or that was conducted by the independent organization, were clients of yours and customers of yours also queried as part of that?

GEORGE KURTZ: I believe it's just a survey that they figured out the participants. And I actually don't know who was queried and who wasn't. It was 2,200 IT leaders and managers. And we have no idea who was queried and who wasn't across those organizations. So I think it was done, I think, effectively. We had no idea what was being queried.

JULIE HYMAN: Right. I guess my big question is what does CrowdStrike do about this? In other words, obviously this is a big problem, the Ransomware issue. How do you see yourselves as more effective than the competition at blocking these sorts of attacks?

GEORGE KURTZ: Well, it's a good question. And when you look at what we've built from an AI perspective and a behavioral perspective, we're able to identify and predict these Ransomware attacks before they actually take place. So we've spent a tremendous amount of time training our AI algorithms. We collect about a trillion events per day, just to give you an idea. And those events get fed back into the artificial intelligence models.

And the more customers that we have that connect to our Cloud, Falcon, the smarter the platform gets. It's just community immunity approach. So one of the things that we've done is we actually back up our technology with a million dollar breach warranty. I don't see Microsoft doing that, as an example, because we're confident in what we've built. And we're protecting a lot of the largest organizations around the planet, as well as a lot of the smallest SMBs.

And I think it's a testament to what we built from an AI perspective versus things that are signature based, like Microsoft, Symantec, and McAfee.

BRIAN CHEUNG: Geroge, it's Brian Cheung here. When you talk about your competitors, how important is scale? Because on one hand, having more scale means maybe having more resources to help out your clients. But on the other hand, maybe you would prefer kind of more localized and more tailored individual approach to the individual security needs of each of the clients that you serve. So when we talk about the likes of a Microsoft having X share in the space, and you guys competing as well, do you think that scale is a good thing, or in some cases actually a bad thing when it comes to the growing space and the need for these types of cybersecurity hedges?

GEORGE KURTZ: I do think scale is important. As I said, we see a trillion events per day, just to put that into context. We see more security-related events, these are telemetry signals, than Twitter has tweets in an entire year. And that allows us to get a broad view of what's happening in the attack landscape and allows us to create better outcomes, in terms of our algorithmic outcomes of detection and prevention.

So from my view, having scale is important and I think having trust is important. And CrowdStrike really has become the gold standard for many companies is that security cloud. The Salesforce of security, if you will, the go-to company and, really, the security platform a record.

BRIAN SOZZI: George, I can't seem to figure out-- what your stock is down 30% from the November 9th high. I mean, you guys put up a very strong third quarter. I mean, does this reaction of what you're seeing in the market surprise you at all?

GEORGE KURTZ: Well, the entire market's down. I mean, any of the high growth stocks are down, as you've seen. You've got Omicron, you've got rate hikes. So the quarter we put up was absolutely spectacular. If you look at our AR growth at 67%, if you look at our operating cash flow, our free cash flow.

I mean, just records across the board. And, again, I think it's indicative of what we've built. Again, over 1,600 customer adds for the second quarter in a row. We talked about the SISA deal that we won with the US government, one of the largest wins that we've had as a company. And, really, validation of what we've built. As you might imagine, that's an extremely competitive market, that's the US government. Everybody is competing for that business, and we were selected.

So I'm extremely proud of all of our CrowdsStrikers and, certainly, all of our results. And I thank all of our customers for their trust in CrowdStrike.

BRIAN SOZZI: All right. Well, good luck this quarter. Always great to catch up with you. CrowdStrike co-founder and CEO, George Kurtz. We'll talk to you soon.