How a deadly plane flight created security startup Cylance

Stuart McClure, the chief executive of Cylance was on a plane from Honolulu to Auckland in 1989 when the cargo door ripped a hole in the side of the plane sucking out seats and luggage that hit the engines causing them to burst into flames.

That day changed his outlook on the security industry.

“Just like those passengers, most people on the Internet are just passive and unprotected,” said McClure who announced today that his security startup Cylance bought data-mining company Skout Forensics and launched its first service.

The plane was just starting on its way to New Zealand when McClure heard a screeching turned into booming noise — the door tearing apart, killing nine people. The plane took a sharp turn back for Honolulu after calling a state of emergency and miraculously landed. On the ground, the pilots and engineers looked at the black box information and ran the data through their simulators. All scenarios ended with the plane crashing.

Later, McClure found out that the fatal event was caused by a flaw in the Boeing 747’s locking mechanism. It was a known flaw that the company chose to ignore. This formed McClure’s basis for how he looks at cyber attacks today: many of them are due to flaws that are known and disregarded.

“I do get asked a lot, where do you get all this passion and drive, I wanted to kind of share it and give people a sense of this is why I do what I do,” said McClure in an interview. “[It’s a] personal passion and drive to protect people.”

His company, Cylance, which has been in stealth mode until today, looks at what we can do before an emergency happens. It’s latest service, Presponse, scrubs down your company, finding all of the points of entry for a hacker and takes a sociological look at why someone might attack you.

“The response is after the fact it’s after you get hacked…. there really little value in the response effort alone,” said McClure, “They all talk about response rather than preventive, prediction, any of the ‘pre.'”

It does this in four steps:

1. It looks at any “critical infrastructure” your company might have. That goes beyond, though includes, the smart grid or connected water systems. It also considers telecommunications and healthcare systems that might provide a point of entry for a hacker.
2. Then it looks at your broader connected devices such as thermostats and key card readers — devices that may not have a screen and keyboard but can still be accessed from the outside.
3. It assesses your risk. Are you a bank? Maybe your company just stores a lot of credit card data that someone might want to get hold of.
4. Lastly, it predicts the future likelihood of an attack on your company, plans for incidents, and helps you respond if and when they happen.

None of this would be possible without data, of course, so the company acquired Skout Forensics, which McClure says can gather up data much faster than Cylance could on its own. And it will do all of this for response situations as well.

“It doesn’t just look at how the bad guy got in. [It looks at] what specifics, the techniques, why they got in, why [you] were targeted, why [your] executives were targeted,” said McClure.

McClure says we’ll be hearing more from Cylance soon on future products. For now, his goal is to help people find the flaws and fix them. Because you never know how a defect that seems small could leave you much more vulnerable than you thought.