George Kurtz | |
---|---|
Born | New Jersey, U.S. [1] | October 14, 1970
Alma mater | Seton Hall University (BS) |
Occupation(s) | President and CEO of CrowdStrike |
Spouse | Anna Kurtz |
Children | 2 |
George Kurtz (born October 14, 1970) is an American businessman. He is the CEO and founder of the cybersecurity technology company CrowdStrike, and the founder and former CEO of Foundstone, a worldwide security products and anti-virus software company. [2] He is also the author of the best-selling book of all time on cybersecurity, Hacking Exposed: Network Security Secrets & Solutions. [3]
Kurtz served as executive vice president and chief technology officer of McAfee when that company released a patch that crashed many of its client's computers. [4] [5]
In 2024, his company CrowdStrike crashed millions of Windows computers around the world, causing billions of dollars in economic losses in what has been called the largest outage in the history of information technology. [6]
In 2024, Fortune Magazine named Kurtz as the 76th most powerful person in business. [7]
Kurtz is a FIA Bronze-rated race car driver who has won the Pro-Am class in the 24 Hours of Le Mans and the 24 Hours of Spa. [8] [9]
Kurtz grew up in Parsippany–Troy Hills, New Jersey, and attended Parsippany High School. [10] [1] He claims that he started programming video games on his Commodore when he was in fourth grade. He went on to build bulletin board systems in high school. [11]
Kurtz received a Bachelor of Science with a major in accounting from the private Seton Hall University in South Orange, New Jersey. [12]
After college, Kurtz began his career at Price Waterhouse as a CPA. [13] In 1993, the company made Kurtz one of its first employees in its new security group. Kurtz and his team were hired by corporations to do pen-testing and locate network risk. [14] Kurtz’ talent at this new concept - penetration testing - led to Price Waterhouse making him a founding employee in the new domain of cybersecurity. [15]
While at Price Waterhouse, and later, when he joined Ernst & Young, Kurtz developed a number of penetration testing and Internet security protocols still in use today. [15] After a few years at Ernst & Young, Kurtz left to start his first company, Foundstone [15]
In 1999, Kurtz co-wrote Hacking Exposed, a book about cybersecurity for network administrators, with Stuart McClure and Joel Scambray. The book sold more than 600,000 copies and was translated into more than 30 languages. [1]
Kurtz’s company Foundstone was started in 1999. [15] Frustrated with time-consuming and incomplete vulnerability assessment technologies of the day, Kurz pioneered vulnerability management, creating both the category and term. [16] [17] Through Foundstone, Kurtz also pioneered the concept of a tech-focused cybersecurity product company with in-house elite cybersecurity services. [15] Industrial opinion of the day was that product companies couldn’t also offer high-end consulting services. [15] Foundstone competed against Internet Security Systems which was later acquired by IBM. [18]
In August 2004, Foundstone was acquired for $86 million by McAfee, which appointed Kurtz to be senior vice president and general manager of risk management. [19] [20] In October 2009, McAfee promoted him to chief technology officer and executive vice president. [21] Six months later, McAfee accidentally disrupted its customers' operations around the world when it pushed out a software update that deleted critical Windows XP system files and caused affected systems to bluescreen and enter a boot loop. [5] In 2010, Kurtz participated in Operation Aurora, the investigation of a series of cyber attacks against Google and several other companies. [22]
In 2011, he led McAfee's research around the emerging Night Dragon and Shady RAT threats, alongside Dmitri Alperovitch, who was then McAfee's vice president of threat research. [23] [24]
Over time, Kurtz became frustrated that existing security technology functioned slowly and was not, as he perceived it, evolving at the pace of new threats. [25] On a flight, he watched the passenger seated next to him wait 15 minutes for McAfee software to load on his laptop, an incident he later cited as part of his inspiration for founding CrowdStrike. [26] [1] He resigned from McAfee in October 2011. [24]
In November 2011, Kurtz joined private equity firm Warburg Pincus as an "entrepreneur-in-residence" [27] [28] and began working on his next project, CrowdStrike. He, Gregg Marston (former chief financial officer at Foundstone), and Dmitri Alperovitch co-founded CrowdStrike in Irvine, California, formally announcing the company's launch in February 2012. [29] [30] Kurtz pitched the idea for the company to Warburg Pincus and secured $25 million in funding. [11] [31]
The company was founded with the goal of transforming how companies approach cybersecurity. [32] Kurtz wanted the new focus to be cloud-based, intelligence driven, and proactive. [32] At the time of its founding, CrowdStrike was one of the first, if not the first, company to bring cybersecurity to the cloud. [33] The company developed a "cloud-first" model in order to reduce the software load on customers' computers. [34]
CrowdStrike shifted from anti-malware and antivirus products (McAfee's approach to cybersecurity) to identifying the techniques used by hackers in order to spot threats. [34] [35] CrowdStrike, now headquartered in Sunnyvale, California, attracted public interest in June 2016 for its role in investigating the Democratic National Committee cyber attacks, [26] and in May 2017, the company exceeded a valuation of $1 billion. [36] In 2019, CrowdStrike's $612 million initial public offering on the Nasdaq brought the company to a $6.6 billion valuation under Kurtz's leadership. [37] [38] In March 2020, when discussing company strategy at CrowdStrike, he said that "not one time have I regretted firing someone too fast." [39] In July 2020, an IDC report named CrowdStrike as the fastest-growing endpoint security software vendor. [40] A year later, Kurtz ranked on CRN's 2021 Top 100 Executives list. [41]
In 2023, Kurtz warned of cyber threats from China and criticized Microsoft’s response after Chinese hackers exploited a flaw in Microsoft's cloud email service to gain access to the email accounts of U.S. government employees. [42]
In 2024, CrowdStrike was added to the S&P 500. At just five years after going public, this was the fastest a cybersecurity company had ever been listed on the index. [14]
On July 19, 2024, CrowdStrike caused one of the largest information technology outages in history when it pushed out a software update that caused an estimated 8.5 million computers running Microsoft Windows to crash and left them unable to properly restart. [43] This disrupted industries and governmental operations around the world, causing economic losses estimated in the billions of dollars in what has been called the largest IT outage in history [44] and "historic in scale". [45] In a live interview on NBC's Today, CEO Kurtz apologized to the public. He said company leaders were "deeply sorry for the impact that we've caused to customers, to travelers, to anyone affected by this, including our companies". [46]
Forbes estimated his net worth to be $2.3 billion as of July 30, 2024. [47]
In 2016, Kurtz made his racing debut in the Pirelli World Challenge, driving an Aston Martin Vantage GT4 for TRG-AMR. He remained in the series for the following two years, winning the GTS Am class in 2017 at the wheel of a McLaren 570S GT4. [48] [49] In 2019, the championship was renamed the GT World Challenge America, which Kurtz contested with pro driver Colin Braun in the GT3 category. [50] The duo finished fifth in the Pro-Am standings. The duo reunited in 2020, [51] [52] when Kurtz made eight podiums, including his first overall win in GT3 machinery at Virginia International Raceway and another victory, to finish as the runner-up of Pro-Am. [53] [54]
In 2021, Kurtz again raced in the GTWC America series but also in prototype cars, competing in a Ligier JS P320 in the IMSA SportsCar Championship's LMP3 category. [55] [56] In that series, he competed solely in the endurance events, winning at Sebring and scoring a class podium at Watkins Glen. [57] Three missed weekends in the former series dropped Kurtz and Braun to sixth in the drivers' standings, with two class wins.
In 2022, Kurtz remained in both championships, scoring two podiums in IMSA, including third place in class at the 24 Hours of Daytona. In GTWC America, he won ten of 16 races, earning the title in the SRO3 class. [58] [59]
In 2023, Kurtz stepped up to the LMP2 category to compete full-time in the IMSA SCC, driving for his own Crowdstrike team supported by Algarve Pro Racing alongside Ben Hanley, with silver-ranked Nolan Siegel supporting the pair at the endurance rounds. [60] Kurtz and Hanley won at the season-ending Petit Le Mans and another race, but finished second in the standings, edged out by Paul-Loup Chatin and Ben Keating. [61] In the Michelin Endurance Trophy, which took into account placings solely within the four endurance races, the Kurtz-Hanley combo came out on top. [62] Kurtz also made his debut at the 24 Hours of Le Mans, where he, Colin Braun, and James Allen won in the LMP2 Pro-Am subclass. [63] [64] Finally, he returned to the GTWC America to defend his title, and although Kurtz only finished third in the SRO3 category he claimed Pro-Am honours, having partnered with Braun throughout the year. [65] During the 2023–24 winter, Kurtz and Braun raced in the Asian Le Mans Series, where they and young pro Malthe Jakobsen won two races on their way to the championship. [66]
Following the 2024 CrowdStrike incident, Kurtz withdrew from racing for the season; [67] [68] he returned to motorsport for the 2025 24 Hours of Daytona. [69]
(key) (Races in bold indicate pole position; results in italics indicate fastest lap)
Year | Team | Class | Make | Engine | 1 | 2 | 3 | 4 | 5 | 6 | 7 | Pos. | Points |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2021 | CORE Autosport | LMP3 | Ligier JS P320 | Nissan VK56DE 5.6L V8 | DAY 5† | SEB 1 | MDO | WGL 2 | WGL | ELK | PET 7 | 11th | 968 |
2022 | CORE Autosport | LMP3 | Ligier JS P320 | Nissan VK56DE 5.6 L V8 | DAY 3† | SEB 5 | MDO | WGL 2 | MOS | ELK | PET 5 | 17th | 921 |
2023 | CrowdStrike Racing by APR | LMP2 | Oreca 07 | Gibson GK428 V8 | DAY 2† | SEB 5 | MON 3 | WGL 1 | ELK 7 | IMS 3 | PET 1 | 2nd | 1958 |
2024 | CrowdStrike Racing by APR | LMP2 | Oreca 07 | Gibson GK428 V8 | DAY 2 | SEB 9 | WGL 13 | MOS 7 | ELK | IMS | ATL | ||
Source: [70] |
† Points only counted towards the Michelin Endurance Cup, and not the overall LMP2 Championship. † Points only counted towards the Michelin Endurance Cup, and not the overall LMP3 Championship.
Year | Team | Co-Drivers | Car | Class | Laps | Pos. | Class Pos. |
---|---|---|---|---|---|---|---|
2021 | CORE Autosport | Jon Bennett Colin Braun Matt McMurry | Ligier JS P320 | LMP3 | 737 | 31st | 5th |
2022 | CORE Autosport | Jon Bennett Colin Braun Niclas Jönsson | Ligier JS P320 | LMP3 | 721 | 16th | 3rd |
2023 | CrowdStrike Racing by APR | Esteban Gutiérrez Ben Hanley Matt McMurry | Oreca 07 | LMP2 | 761 | 8th | 2nd |
2024 | CrowdStrike Racing by APR | Colin Braun Malthe Jakobsen Toby Sowery | Oreca 07 | LMP2 | 767 | 10th | 2nd |
Source: [70] |
Year | Team | Co-Drivers | Car | Class | Laps | Pos. | Class Pos. |
---|---|---|---|---|---|---|---|
2023 | Algarve Pro Racing | James Allen Colin Braun | Oreca 07 | LMP2 | 322 | 20th | 10th |
LMP2 Pro-Am | 1st | ||||||
2024 | CrowdStrike Racing by APR | Colin Braun Nicky Catsburg | Oreca 07 | LMP2 | 149 | DNF | DNF |
LMP2 Pro-Am | |||||||
Source: [70] |
McAfee Corp., formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American global computer security software company headquartered in San Jose, California.
John David McAfee was a British and American computer programmer, businessman, and two-time presidential candidate who unsuccessfully sought the Libertarian Party nomination for president of the United States in 2016 and in 2020. In 1987, he wrote the first commercial anti-virus software, founding McAfee Associates to sell his creation. He resigned in 1994 and sold his remaining stake in the company. McAfee became the company's most vocal critic in later years, urging consumers to uninstall the company's anti-virus software, which he characterized as bloatware. He disavowed the company's continued use of his name in branding, a practice that has persisted in spite of a short-lived corporate rebrand attempt under Intel ownership.
Fortinet, Inc. is an American cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.
Parsippany High School is a four-year comprehensive public high school, one of two high schools in Parsippany-Troy Hills, in Morris County, in the U.S. state of New Jersey, operating as part of the Parsippany-Troy Hills School District. The school serves students in ninth through twelfth grades who live in the eastern half of Parsippany-Troy Hills. Its companion school in the district is Parsippany Hills High School.
Colin James Braun is an American racing driver. He is the 2014 and 2015 WeatherTech SportsCar Championship Prototype Challenge Champion and currently drives the No. 60 Meyer Shank Racing Acura ARX-06 for Meyer Shank Racing in the IMSA WeatherTech SportsCar Championship. Driving the ARX-06, he was part of the winning team of the 2023 24 Hours of Daytona. He formerly competed in the NASCAR Camping World Truck Series and the Xfinity Series. He lives in Charlotte, North Carolina.
Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.
Operation Aurora was a series of cyber attacks performed by advanced persistent threats such as the Elderwood Group based in Beijing, China, with associations with the People's Liberation Army. First disclosed publicly by Google on January 12, 2010, by a weblog post, the attacks began in mid-2009 and continued through December 2009.
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.
Dmitri Alperovitch is an American think-tank founder, author, philanthropist, podcast host and former computer security industry executive. He is the chairman of Silverado Policy Accelerator, a geopolitics think-tank in Washington, D.C., and a co-founder and former chief technology officer of CrowdStrike. Alperovitch is a naturalized U.S. citizen born in Russia who immigrated from the country in 1994 with his family.
PLA Unit 61486 is a People's Liberation Army unit dedicated to cyberattacks on American, Japanese, and European corporations focused on satellite and communications technology. It is a unit that takes part in China's campaign to steal trade and military secrets from foreign targets.
CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides endpoint security, threat intelligence, and cyberattack response services.
Cylance Inc. is an American software firm based in Irvine, California, that develops antivirus programs and other kinds of computer software that prevents viruses and malware.
A threat actor, bad actor or malicious actor is either a person or a group of people that take part in an action that is intended to cause harm to the cyber realm including: computers, devices, systems, or networks. The term is typically used to describe individuals or groups that perform malicious acts against a person or an organization of any type or size. Threat actors engage in cyber related offenses to exploit open vulnerabilities and disrupt operations. Threat actors have different educational backgrounds, skills, and resources. The frequency and classification of cyber attacks changes rapidly. The background of threat actors helps dictate who they target, how they attack, and what information they seek. There are a number of threat actors including: cyber criminals, nation-state actors, ideologues, thrill seekers/trolls, insiders, and competitors. These threat actors all have distinct motivations, techniques, targets, and uses of stolen data. See Advanced persistent threats for a list of identified threat actors.
Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include APT44, Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.
DXDT Racing is a professional sports car team based in Statesville, North Carolina, founded by competitive off-shore sailor and businessman David Askew in 2014. With an early history in IMSA's Continental Tire SportsCar Challenge and Lamborghini Super Trofeo North America, the team now primarily races in SRO America's GT World Challenge America, continuing a long term run as a Mercedes AMG Customer Racing team.
Gregory Falco is an American inventor and researcher. Falco is a professor at Cornell University. He is a pioneer in the field of cybersecurity research and its aerospace applications. Falco is the founding chair of IEEE's Standard for Space System Cybersecurity and the NATO Country Project Director for the NATO Science for Peace and Security effort to reroute the internet to space.
Talon Cyber Security is an Israel-based provider of cybersecurity technologies with headquarters in Tel Aviv. It develops a secure browser engineered to provide enterprise-grade security across all devices, irrespective of location, device type, or operating system. In early 2024, Talon Cyber Security faced significant backlash following the discovery of a critical vulnerability in its Talon Enterprise Browser.
Algarve Pro Racing (APR) is a Portuguese sports car racing team founded in 2010 by husband and wife Stewart and Samantha Cox. The team focuses on prototype racing, fielding LMP2 entries in the European Le Mans Series, as well as partnering with CrowdStrike Racing in the IMSA SportsCar Championship. APR ran cars for the Russian endurance team G-Drive Racing during the 2021 season, ending their partnership following the Russian invasion of Ukraine.
On 19 July 2024, American cybersecurity company CrowdStrike distributed a faulty update to its Falcon Sensor security software that caused widespread problems with Microsoft Windows computers running the software. As a result, roughly 8.5 million systems crashed and were unable to properly restart in what has been called the largest outage in the history of information technology and "historic in scale".
In mid July 2024, Delta Air Lines, a major U.S. carrier and the largest airline in the world by revenue, assets, market capitalization experienced an operational disruption following the 2024 CrowdStrike incident including the cancelation of over 1,200 flights. The crisis began on the morning of Friday, July 19 when a ground stop was issued by major carriers but while other carriers quickly recovered, the crisis continued for Delta with the airline finally resuming normal flight operations on July 25. Delta confirmed that the crisis resulted in the cancellation of over 7,000 flights over the five days of the disruption affecting over 1.3 million passengers.