Jason Crabtree: Co-founder and CEO, QOMPLX
The Old Grad Story:
Jason majored in Civil Engineering at West Point and led the Corps of Cadets as First Captain in his senior year. Post-graduation, Jason went on to the University of Oxford as a 2008 Rhodes Scholar, as an MSc student in Engineering Science. While at Oxford, Jason pursued extracurricular involvement in the security space, to include work with the Center for a New American Security. After Oxford, Jason completed Ranger School and deployed to Afghanistan as an Infantry Officer, before going on to lead cyber security initiatives alongside the Army Cyber Command, DARPA, and the NSA. Leveraging these experiences and insights, Jason left the Army in 2014 to co-found QOMPLX with Andrew Sellers (USAFA ’05), who he had met at Oxford.
Old Grad Knowledge:
I’m intensely curious, and I’m always looking for ways to do things differently, spin them around and look at them upside-down. Andrew [my CTO] is a deep, disciplined computer scientist, and he has always been really good at helping me understand what’s possible. One of the things I’ve found really valuable is building people like that – who can keep me grounded – into my life.
The key for me has been finding ways to offer different approaches, determining what can be operationalized, then organizing teams with the capabilities to accomplish the vision. We’re very interdisciplinary, which helps us find views that are very different than other security firms.
We started QOMPLX by focusing on solving the tech problems first, then building the business approach. It worked for us, but I think it’s the harder way to approach it, especially if you haven’t built a business before.
We built a business as a last resort – we were passionate about our mission, and we couldn’t figure out another way to meet it. Organizing around a purpose – building stuff that matters – is what compels me. For people that are thinking about building a business, make sure you love what you’re doing enough that you’re ready to fail for it.
Ask for help! Describe your mission, why it matters and what you’re going to do about it, then ask mentors what they know that you don’t.
I believe that continuous acquisition of exceptional talent is fundamental to long-term success.
Cyber Security: Lingo to Know
· Key distribution centers (active directory): the 200-300 computers that control access to the major functions on a big network by managing identity keys to system users.
· “Golden Ticket” attacks: cyber-attacks that involve gaining domain dominance over key distribution centers, which gives attackers “Golden Ticket” access to an entire network. Most high-profile data breaches and ransomware attacks used this approach.
Insights on Cyber Security
· QOMPLX was founded to address two fundamental gaps that existed in both government and private cyber security: active directory and identity security.
· The sheer number of key requests on major networks makes security challenging; clients see as many as 10,000-180,000 requests per second, in real-time streams within servers across the globe.
· Cyber security is all about catastrophic risk management, so it’s important to have perspective from across the board. Experts in cyber, insurance, data, and business all play key roles in the collaborative risk-management process.
· Technology – especially within enterprise applications – is very relationship-oriented. Building a cross-functionally excellent team around a mission-oriented purpose is key to winning the trust of clients and partners.
Founding to Scale
· From the beginning, QOMPLX organized with the goal of scaling, so that the company could maintain the integrity of its mission in a hyper-competitive environment.
· The founders approached investment, recruiting, partnership, and mentorship with the deliberate goal of preparing to scale and eventually go public.
