How Recorded Future Sees What’s Ahead

This column is part of our new series, ‘From the C-Suite’, focused on how leaders from the private sector – in their own words – are driving change and innovation in the national security space. We’ll bring you insights on the threats as they see them and notes on their personal journeys, motivations, failures and successes as they navigate the national security space. 

Christopher Ahlberg is the CEO of Recorded Future, Inc., which he co-founded in 2009 and in 2019 sold for $780M in cash and continues to run. He is the Chairman of Hult International Business School and advises a series of start-up companies. Earlier, Ahlberg was the president of the Spotfire Division of TIBCO, which he founded as an independent company in 1996 and in 2007 sold to TIBCO for $195M. Spotfire was founded based on his ground-breaking research on information visualization. Dr. Ahlberg earned his doctorate from Chalmers University of Technology and was named among the World’s Top 100 Young Innovators by Technology Review, MIT’s Magazine of Innovation in 2002. He is a member of the Royal Swedish Academy of Engineering Sciences.

For the last 10 years, I have kept saying that we live in an uncertain world. In fact, that is the very premise behind Recorded Future. And now, 40+ days into the world of COVID-19, unfortunately, this feels closer to home than ever. A pandemic is ravaging the world, causing death, unemployment, and uncertainty, with downstream effects yet to be seen — and unlikely to be good — be it more death, unrest, economic meltdown, or wars.

We’ve worked hard to build Recorded Future over the last decade, seeded with the very idea that uncertainty drives the need for actionable intelligence. We’ve relentlessly focused on finding answers and insights hidden in data that can help us fight what is bad. The world as it is today is extremely connected, both physically and digitally. The internet is the glue that connects us across continents, countries, and cultures — and that very internet is under attack by threat actors trying to steal money and information. Those very same actors are now taking advantage of COVID-19 to deliver malware, drive phishing campaigns, create scams, and spread disinformation.

It is our mission to apply intelligence to disrupt these threat actors and reduce uncertainty.

After 10 years of being in business, we have hit a fantastic milestone, having just crossed the $100 million annual recurring revenue (ARR) mark (very few SaaS companies pass that milestone). Our clients use our intelligence to defend their global computer networks in the cloud and at their corporate perimeter against threat actors trying to steal money and secrets. They include the very largest global brands and corporations, large government agencies around the world, but also small companies and organizations. At north of $100M, we’re indisputably the largest threat intelligence company. Late last year, Recorded Future was awarded a $50M threat intelligence contract for accelerated security with US Cyber Command, proof that the private industry can contribute significantly in a field often seen as led by governments.

So, what’s next? My rallying cry internally at Recorded Future for the next 10 years is “Chapter Two.” There is an opportunity to build a significant intelligence company and become a cornerstone of the cybersecurity market, much like SIEMs, firewalls, EDR tools, and so on. We call this security intelligence, with the implication that intelligence will be consumed in many parts of a company.

The amazing part of the internet being the inter-connective glue across continents, countries, and cultures is how it is also a fantastic intelligence sensor. I jokingly refer to this as “Ahlberg’s Law of Intelligence” (anno 2011 or so), which states, “Eventually, everything ends up on the internet.” Over time, we’ve figured out how to collect open source intelligence (OSINT) in 30 different languages, dark web intelligence right out of the criminal communities, internet infrastructure data such as domain name registrations and digital certificates, malware and its infrastructure, as well as the very patterns of internet traffic. As you can imagine, this is a potentially overwhelming set of data sets (yeah, sets of sets of data sets).

Historically, such data has been sold as threat intelligence stove pipes, and users have been left trying to figure how to connect the dots. We made it our mission to, out of the gate, connect the dots across stove pipes and make it easy for clients to connect the dots from our intelligence to their own data. Just like Bloomberg built a fantastic business and business model based on data, analytics, workflows, and user experience, we believe we can replicate this in cybersecurity.

There is a lot of work in front of us, data to be collected, intelligence to be created, bad guys to be disrupted, and wins to be had in the meantime!  And yes, intelligence can play a role in decreasing uncertainty, even in the times of COVID-19.

Let’s severely disrupt the adversaries. Godspeed!

Have a story to share about how you see the national security needs of the future shaping up?  Drop us an email at [email protected]