A little about George’s background
George has always loved computers, even as a child. He started programming in fourth grade on a Commodore CP/M. But when he got to college, he was determined to get a business degree. So, he majored in accounting. As a result, this led him to join Price Waterhouse as an intern in 1993 post-graduation. It was during this stint that he began creating programs to help with the tedious process of data input. Someone took notice of George’s initiative and drafted him into the PwC computer security group. He was the fifth person on the team. At this time, firewall was just starting to become commercially available and George was put in charge of figuring out how to make it work.
Transition to entrepreneur
In 1999, George saw an opportunity in vulnerability assessment for large enterprises and decided to make the leap into entrepreneurship. He jumped in head-first to start his first company, Foundstone. After raising $3.5M in VC funding, he began learning the ropes of running his own business. But when it came time to raise more money in 2001, we were in a nuclear winter. So George hit the pavement and started pitching. It was a taxing process, but eventually he found the right fit and Foundstone went on to raise their Series A and eventually acquired by McAfee in 2004.
George’s leadership style
When it comes to hiring a go-to-market team, George looks for someone with a combination of hunger, grit, and book smarts. His go-to question in an interview is “What drives you more, the will to win or the hatred to lose?” In his experience, it’s usually the people who hate to lose who are often the most driven. And while this drive is extremely important to success, it is equally as important that a hire is a team player and strong cultural fit. As George puts it, “you need to want to collectively win with the team.”
Founding story of Crowdstrike
After selling Founstone to McAfee, George spent seven more years there. Just as he was getting ready to move on, a new CEO joined and refreshed the executive team so George stuck around, as the CTO, to help him rebuild for a couple more years. It turned out to be a great experience, ultimately revealing to George how challenged the security industry really was. At this time, most major security companies were focused on stopping malware, when they should have been thinking about stopping a breach. There was no foundational cloud platform company in security. So, he thought to himself, How do we create endpoint security from the cloud itself? In the early days, this was not a popular topic. The cloud scared people and as a result they saw some pushback from customers. But, this fear of the cloud helped shape his founding thesis for Crowdstrike.
On running a hybrid service model
Crowdstrike was founded as a cloud-native endpoint security company. Today, they are 90% subscription and 10% time and material. That 10% essentially serves as a triage team. Crowdstrike will swoop in after an attack and clean up the security problem. Most of the time, those customers end up joining his other 90% in subscriptions. George learned how to manage this balance well at Foundstone and brought this lead-gen model to Crowdstrike.
When he started Foundstone, George didn’t have the flexibility to be picky with his investors. This resulted in some hard lessons, including selling Foundstone earlier than he was ready to. After receiving their funding in 1999, it became obvious that his investors needed an exit in 2004 to raise their next fund. So, in an effort to not repeat that mistake, George handpicked the investors for Crowdstrike. “I wanted to make sure I wouldn’t be pushed into a sale too early again,” he says. He did this by surrounding himself with people he could trust and who understood the vision.
The scale up journey
As everyone knows, you have to scale in phases. When Crowdstrike went public, they had a launch team of 20 people who were all there from the very beginning. But this is not always the case. You just have to figure out the right team for each phase. George was lucky to find people who were able to grow with him at each phase, including the IPO. When building your go-to-market team, you need to ask yourself, Knowing what I know about this person today, would I hire them for that role? If the answer is no, then you should consider a transition. Not everyone is built for every phase of growth. That level of discipline has served him well.
Time spent with customers
It’s important that you understand the technology as well as the problem you’re trying to solve for the customer. If you want to earn customers, you have to spend plenty of time with them. George asks himself some key questions when reflecting on time spent with his customers. “When I talk to them, I want them to know they are taken care of. But also, what will help retain them? What else do they need? Is there a service we are capable of that we’re not offering them?”
As our episode wraps, George reflects some of the things that aided his success.
- Gratitude. He feels fortunate to have found the security industry, as it’s dynamic and ever-changing. And you’re fighting the bad guys! That mission is and always has been important to the Crowdstrike culture. In George’s opinion, that charge needs to be embedded in your mission from the very start.
- The security space is a crowded one. You should not only understand what you’re offering today, but also stay diligent about what you could be tomorrow. It’s okay to build something with the intention to sell. Not everyone IPOs. Find your niche and make sure your aspirations meet reality.