News3 min read

A Q&A with Carbon Black CEO Patrick Morley

VMware Staff

In October, VMware announced its acquisition of Carbon Black, a leader in cloud-native endpoint protection. We caught up with Patrick Morley, Carbon Black president and CEO, to get his perspective on the acquisition, the security industry and Carbon Black’s future as part of the VMware family.

Snapshot: Patrick Morley
  • Title: Chief Executive Officer of Carbon Black (now General Manager of VMware’s Security Business Unit)
  • Base of operations: Waltham, Mass.
  • Years at Carbon Black: 12
  • Passion Projects: Raising money for cystic fibrosis
Can you share a little about your journey with Carbon Black?

I've been at Carbon Black for almost 12 years. I signed on as CEO when Carbon Black was quite small — 20 employees or so with a handful of customers. In 2007, the security industry was niche. A lot of companies didn't have Chief Information Security Officers (CISOs) yet and most viewed security as a necessary evil.

I knew security was going to be big, because we could see the attack vectors going up statistically. Even 12 years ago, the number of attacks was rising—and they were actually twofold:

  • Nation-state attacks stealing intellectual property.
  • Brand-based attacks making hackers or viruses known or famous.

Something had to change with the number of attacks growing exponentially year over year. And when current security wasn’t working, it was pretty clear a different approach was needed. Directionally, we weren’t sure of the path, but I knew security was going to be big.

Why VMware?

During our initial conversations, VMware’s mission and people resonated with us. We built a partnership. We got to know each other. By getting to know the internal teams better, we got to know more about what VMware is trying to do long-term. That gave us an opportunity to collaborate on where VMware sees the world going.

Both our companies have been saying the same thing: Bolting on security is very challenging. It costs additional dollars. It takes additional resources. It’s just harder, and you have gaps. If you can build security in from the beginning, you can have a huge impact on companies.

From a cultural fit perspective, it’s honestly been great. Over the course of my career, I’ve come up with seven rules for building a great company . Rule one is align the vision and mission on the goal you want to achieve. Rule two is recognizing that it’s all about the team, the people. We're a good fit — very transparent and relatively down to earth. And I think that's a good thing.

In addition to increasing threats and severity, what are the biggest cybersecurity challenges companies face?

One of the biggest challenges in the world is the exponential growth of data. Data is everywhere. All of our data as consumers, as employees, it’s massive and it’s everywhere. I’m not sure everyone knows this, but our founding team was trained by the U.S. government as offensive hackers. These people spent 10 years orchestrating attacks. They were never not successful. They don't say that arrogantly, just matter of fact. They always got in. They took that experience and built a security technology that would make life much harder for hackers.

Now, think about the prevalence of data today from the defender’s side. What if we could leverage the power of big data — and cloud with analytics — to turn the tide? What if we could suddenly see across millions of endpoints? See billions and trillions of security events and analyze them? That can tell a story. We could identify a single attacker. We could determine trends and patterns. The data tells a complete story.

When that hacker used the same pattern, we could track it. In a sense, we’d now have a fingerprint about that attack type and could stop it from extending across multiple companies and regions. That makes it exponentially harder for the adversary.

Where do you see the biggest opportunities?

Now that we’re part of VMware, I’m most excited about helping more customers succeed.

Our vision at Carbon Black is creating a world safe from cyberattacks. We have an opportunity to extend that vision across the globe and keep hundreds of thousands of companies and billions of people’s data safe.

The more we leverage the power of data and analytics to see across the globe, we get that network effect. The cyber fight evolves from “me versus them” to “us versus them,” building a larger community of defenders working together.

What's next or coming soon for VMware Carbon Black?

The big things right now are:

Although the transition is big, it isn’t the first in Carbon Black’s history. When we started, we were primarily doing all big data analysis on-premises for customers in their data centers. Three years ago, we began an aggressive journey to the cloud. Today, nearly all our customers are on our cloud-native platform. There’s synergy there with what’s going on inside VMware.

As part of VMware, Carbon Black has an incredible opportunity to leverage the platform. To go out and talk about the platform as part of our go-to-market engine within all those enterprise customers globally? That’s a huge difference maker for us.

It’s an exciting time and I’m looking forward to continuing our journey with VMware.