June 19, 2025 • 37 mins
What does it take to go from defending national secrets to defending MSPs? In this episode of Now That’s IT: Stories of MSP Success, Robert Johnston—former Pentagon cyber operator, DNC breach responder, and co-founder of Adlumin—shares his journey from military red teams to building one of today’s fastest-growing cybersecurity platforms.
We unpack how Robert transitioned from CrowdStrike to launching Adlumin, a company that reimagines MDR and XDR for modern MSPs, why simplicity and automation matter more than ever, and how AI is reshaping both threats and responses in real time.
Whether you run a 10-person MSP or lead global operations, Robert’s mission to transform cybersecurity offers real lessons in scaling services, serving clients, and staying ahead of attackers.
Let us help you unlock your business's full potential.
N-able Business Transformation is Expert led and Peer informed.These valuable executive programs are tailored to provide effective guidance and a faster path to a scalable and successful business.
Book a Call with Chris Massey now to learn what Business Transformation can do for you!
'Now that's it: Stories of MSP Success,' dives into the journeys of some of the trailblazers in our industry to find out how they used their passion for technology to help turn Managed Services into the thriving sector it is today.
Every episode is packed with the valuable insights, practical strategies, and inspiring anecdotes that lead our guests to the transformative moment when they knew….. Now, that's it.
This podcast provides educational information about issues that may be relevant to information technology service providers.
Nothing in the podcast should be construed as any recommendation or endorsement by N-able, or as legal or any other advice.
The views expressed by guests are their own and their appearance on the podcast does not imply an endorsement of them or any entity they represent.
Views and opinions expressed by N-able employees are those of the employees and do not necessarily reflect the view of N-able or its officers and directors.
The podcast may also contain forward-looking statements regarding future product plans, functionality, or development efforts that should not be interpreted as a commitment from N-able related to any deliverables or timeframe.
All content is based on information available at the time of recording, and N-able has no obligation to update any forward-looking statements.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
One, two, three, four .
Maybe, if I thought about it alittle longer, I might not be
here today, but 24 hours wasjust long enough to not really
realize what I was getting into,but not long enough to realize
how crazy it was right.
I think 24 hours was just thatperfect amount of time, and so I
went in and I just did it.
(00:21):
Welcome to Now.
That's it.
Stories of MSP success, where wedive into the journeys of some
of the trailblazers in ourindustry to find out how they
used their passion fortechnology to help turn managed
services into the thrivingsector it is today.
Speaker 2 (00:35):
In the spring of 2016 , robert Johnson was working at
CrowdStrike.
Just months after he led cyberoperations for the Pentagon Late
20s brilliant and alreadyresponsible for some of the most
sensitive digital missions innational security.
And then that same year, he'dend up at the center of one of
the most high profile cyberattacks in modern history the
(00:57):
Russian hack of the DNC.
And yet, just a few monthslater, robert would walk away
from it all.
Why?
Because he thought I can buildsomething better.
So today we have Robert Johnson, who's the co-founder of
Adlumen, one of the fastestgrowing cybersecurity tools in
MDR and XDR space, now an Enablecompany.
(01:18):
I'm so excited to have you heretoday, robert.
Thanks so much for being here.
Speaker 1 (01:22):
Yeah, thanks.
Thanks for having me.
Speaker 2 (01:24):
Awesome.
So I read that you enrolled inthe Naval Academy and your focus
was on wrestling.
Speaker 1 (01:32):
You were an all-star wrestler in high school.
I was All-state.
I wouldn't say I majored inwrestling.
Speaker 2 (01:35):
Of course, of course.
Speaker 1 (01:37):
I did get a degree while I was there but, yeah,
wrestling, the sport ofwrestling, it has always been a
big part of my life.
I competed in high school, Icompeted in college and the
wrestling team at the NavalAcademy had we were a top 15
team actually in the countrywhile I was there and we had a
(01:57):
fantastic coach who was thetwo-time Olympic team head coach
and, yeah, I love the sport ofwrestling.
Speaker 2 (02:03):
I love it.
It's been really interestingright now.
I've been watching some ofthese uh, um, you know, guys,
these heavyweights that aregoing back and wrestling, and
and one of those guys is amilitary guy, so it's a.
It's really, really interestingto see the, the power of the,
the wrestling community, uh,through the armed services it's
a really tight.
Speaker 1 (02:19):
It's a really tight-knit group.
You'll you'll meet a wrestleranywhere in the world, right,
and there's an instantaneousbond.
Some might say a shared pain, ashared pain and suffering that
takes place there.
But you know, it's a reallytight group.
Speaker 2 (02:35):
You've survived any sort of major disfiguration no
cauliflower ear or anything likethat right?
Speaker 1 (02:41):
No, I took.
You know, I wore my headgear, Itook good care of my ears, but
I still.
One's a little different thanthe other.
In truth, one's slightlydifferent than the other, but
not overly noticeable, yeah.
Speaker 2 (02:52):
So how did you find your way behind a?
Speaker 1 (02:53):
computer, robert.
It was in college, it was, youknow, information technology and
computer science was a newdomain to the Naval Academy at
the time.
This is 2000 and you know 2008.
And I took to it immediately,you know.
I thought, well, do I want todo you know political science or
(03:17):
engineering in some way?
And I landed on, you know,information technology and
computer science to be where Iwanted to focus my studies and
at first, in truth, I didn'tlike it that much because it was
just all computer programming.
But then I got to theinformation assurance classes
and that's where interest reallypeaked for me, because it was
(03:42):
like you got to be a cyber copor a criminal, depending on
which way you got to look at it,and it became exciting.
Speaker 2 (03:50):
Wow.
So you became the leader of theMarine Corps Red Team and a
team lead for the Cyber NationalMission Force.
You must have gotten the hangof IT, of computers, pretty
quickly then, huh.
Speaker 1 (04:01):
Well, I wanted to shape my career pretty quickly
then.
Huh, well, I wanted to shape mycareer.
I became so interested inschool with this domain that
when it came time to go into theMarine Corps, I wanted to shape
my Marine Corps career doingsomething similar.
So I spent some time in thefleet they would call it just
out in the Marine Corps and thenI got an opportunity to go to a
(04:23):
place called the NetworkOperations and Security Center,
which is like the security, theSOC, of the entire Marine Corps,
which is, you know, prettylarge, not as large as, say, the
Army, but that became likewhere I wanted to go, and that
was the first time I got to comeback to start the journey that
I had initially, when I leftcollege, like set out to
(04:47):
participate in, and so I got tocome back and then I got a
unique opportunity to lead thered team, which is doing
exciting work.
It's fun work.
Speaker 2 (04:55):
Yeah, so 2015, 2016, you're still in the Marine Corps
.
You're also consulting withCrowdStrike.
What was your life like at thattime?
What was going on?
Speaker 1 (05:05):
Well, I had left the Marine Corps, I had just left.
I spent eight years and I spenta little time in the reserves.
So I was technically, I guess,still in the Marine Corps and I
left the Marines and I wanted togo out to the private sector.
Like my dad spent 40 years inthe Marine Corps, I spent eight.
So it you know, I have like afamily history there.
(05:25):
But yeah, I spent eight yearsin Marine Corps.
That was, that was great.
But it was time to kind ofbegin the next, begin the next
chapter, and so I I joined aCrowdStrike and really incident
response is exciting too, it islike being a cyber cop.
And so that's what I wanted todo.
And they were.
They were a great company.
That was that was doing a lotof that work.
Speaker 2 (05:46):
So then, of course, you get called into what might
be the one of the most infamoushacks in history, the hacking of
the DNC.
Can you share anything about?
You know what that was like togo through that?
Speaker 1 (05:59):
It wasn't infamous at the time.
You know the.
You know the day that thoseengagements come, you know, to
your inbox.
You know it's just another dayat the office and so at the time
it wasn't infamous and youdidn't know what it would
eventually become.
But months after its conclusion, you know it became clear that
(06:22):
this was going to be, you know,a pretty big deal.
Speaker 2 (06:24):
Conclusion you know, it became clear that this was
going to be, you know, prettybig deal, wow.
So how did you end up on yourdesk, like what were you doing,
sort of at the time?
Speaker 1 (06:38):
I was actually on a run.
I was on a run and it was in theafternoon and they gave me a
call and said hey, you know, dnchas been breached, you know,
and it's just another IRengagement, another day at the
office, right, and you know, andI lived in DC and not far from
the center of politics, and so Isaid, yeah, you know what, if I
turn around right now on my runand I pick it up a little bit,
(06:58):
I can be back in, you know, callit 30 minutes and then I'll
head over there.
And so that's what I did, andso that was kind of day one.
It was Friday afternoon, Ithink.
All the big breaches, by theway, happened like Friday 5 PM.
Yeah, it's like, you know, it'sthey got something against it.
You know, cyber criminals areout there.
Maybe they end their day joband then they get to their, you
(07:19):
know, and and they and and theyget to their hobby.
But in this case it was RussianSVR, which is like their CIA.
But yeah, 5 o'clock on a Fridaypm, you can count something
going wrong.
Speaker 2 (07:30):
Wow, how quickly did the team, or maybe even you,
recognize really what hadhappened and how serious it was.
Speaker 1 (07:37):
Well, I had picked up anecdotal information because
how that breach came to be wasthrough law enforcement
notification initially and therewas only so much they could say
.
And so when you're hearing fromthe people that were notified
by law enforcement, they don'tknow who APT 28 is.
(08:00):
They don't know who Russian SVRis right, they don't know these
names.
And it was Cozy Bear is one ofthe names for this organization,
Russian SVR.
And so I think what came acrossmy desk was like the bears,
like that was, we've beenbreached by the bears.
(08:21):
But you know, I had been aroundthis, so I kind of put two and
two together and I said, okay,this has got to be probably Cozy
Bear.
And I had actually probably sixor eight months before that, I
had been at the Chairman of theJoint Chiefs of Staff breach by
the same threat actor, by theexact same group, while I was in
(08:43):
the military, and so it just sohappened, I had a very recent
encounter with the Russian SVRand so I said, well, okay, I
know where to look for theseguys, so let's just take a quick
peek and see if things arelining up to be the same.
And, sure enough, we take alook at one area on the system
(09:04):
and they're exactly where CozyBear would be.
And I said, you know, we, wetake a look at one area on the
system and they're exactly wherecozy bear would be.
And I said, all right, this isthis.
It's pretty clear, this is thesame group, same people, same
everything.
Speaker 2 (09:12):
Wow, in those types of situations, sort of a, a
normal person might get veryanxious or or or start to uh,
maybe dread the potentialreality of how big this could be
, how big of a deal that couldbe.
How do you stay focused?
Obviously you're ex-military,but how do you stay focused in
those sort of high profile or Iguess you didn't know it at the
(09:33):
time, but the potential to be ahigh profile type of a breach?
Speaker 1 (09:38):
When you're doing incident response it's a little
more like you're an EMT, right,you're showing up after the
accident has already taken place, which is an immediate kind of
stress reliever.
But you've also got to realizethat your customer or client on
the other side is having one ofthe worst days of their life.
(09:58):
Now breaches are a little moreregular and they happen all the
time, but still, you know, it'susually the customer's worst day
, and so they are stressed tothe max.
So you have to manage that, andif you manage that, okay,
you'll be all right.
But look, I had done so manybreaches at that point and so
(10:22):
many breach investigations thatit's another day at the office.
Speaker 2 (10:26):
So just out of curiosity, maybe the listeners
are curious as well.
Some people may have turnedthat into a talk show or a tour
or a book deal or something likethat, maybe even running for
Congress.
Did any of that ever cross your?
Speaker 1 (10:41):
mind Robert.
No, not at the time, not at thetime.
Not at the time it was such awhirlwind and you know, running
for Congress maybe in my futureat some point, but at that time
and today, you know, not in thecards.
Speaker 2 (10:59):
Awesome.
So let's talk a little bitabout the beginnings of Ed Luman
.
Things started to really theywere going really well at
CrowdStrike.
Then you get a marketing emailfrom this incubator I think you
mentioned Apply, and so you didthat right and you quit the day
after.
Talk a little bit about thatstory.
Speaker 1 (11:19):
Some people, when they start a business, maybe
they got this brilliant idea orthis, that, when they start a
business, maybe they got thisbrilliant idea or this, that?
Uh, for for me I got a.
There was an incubator in thearea called mock 37.
I think it still exists todayand their their thesis was, in
the DC area, which you have alot of intelligence community
agencies, that it's a good placeto breed security companies,
(11:44):
right, because you have all thisknowledge that could be coming
out of places like the CIA orthe NSA or the Defense
Department.
And so they stood up anincubator and they were sending
out marketing emails and, forwhatever reason, it landed in my
inbox.
I think I had been to a few oftheir happy hours or events or
or events.
Uh, and I figured, why not?
(12:05):
And and I just I applied to theincubator and I got in, and I
got in, and so, uh, you know, Ifigured I had nothing to lose.
That was literally it.
I figured I had nothing to loseand so I got into the incubator
.
Uh, I walked into work the nextday and I quit my job.
That was it.
Speaker 2 (12:25):
That could be extremely stressful for a risk
adverse or someone that's inrisk intelligence Sort of a
crazy thing to do.
Hindsight's 20-20, right, youcan look back.
You know it's the rightdecision you made at the time.
But what was going through yourmind?
How long did it take?
Obviously 24 hours, right Foryou just to go.
(12:47):
This is the right thing.
I feel good about it.
In my gut it feels good.
Speaker 1 (12:51):
Yeah, I felt like I had nothing to lose.
I was also working in securityand security and there's a
little job security and workingin security, just because you
can go work anywhere you know,and so I really felt like
nothing to lose and it felt likea great opportunity, fun,
exciting.
I wasn't married, I didn't haveany kids at the time.
Speaker 2 (13:11):
Yeah.
Speaker 1 (13:11):
These kinds of things help, and so, yeah, you know, a
little longer I might not behere today, but 24 hours was
just long enough to not reallyrealize what I was getting into.
But not long enough to notreally realize what I was
getting into, but not longenough to realize how crazy it
was.
Oh right, I think 24 hours wasjust that perfect amount of time
, and so I went in and I justdid it thank goodness you made
(13:31):
that decision back then, robert.
Speaker 2 (13:34):
So what was the responsibility split between
yourself and your co-founder?
Speaker 1 (13:38):
Tim.
I was responsible for product,so I was doing software
development and and engineering,and he was responsible for
product, so I was doing softwaredevelopment and engineering and
he was responsible for salesand marketing.
It became a very nicedistribution of duties, I think,
and then we were bothresponsible for kind of
approaching customers andselling to customers.
Speaker 2 (13:57):
You describe how long it sort of took for you guys to
go to market.
I mean, you start this businessin the incubator, you start to
build something.
You personally were building itright, I think you told me
you're sort of learning how tocode At the same time you're
sort of building this business.
How long did it take before youhad something to go to market
(14:17):
with?
You had a client, you couldbring them in, you could listen
to them, you could continue toevolve.
What was that process like?
Speaker 1 (14:23):
so, like any software company, you can't sell
anything.
It's different than services,businesses, right?
You can't sell anything untilyou have something to sell.
Yeah, so until the the softwarereaches a certain maturity
point, there's nothing to give.
I would say that took aboutprobably five months, six months
(14:43):
, reasonably just working on thesoftware.
Until then we were stillapproaching customers, but it
was more like a PowerPoint deck.
This is what we're working on,this is what we're building.
Is it interesting to you?
If it's not interesting to you,those were almost better
conversations, because then youwould ask well, what would make
(15:04):
this interesting to you, likewhat is interesting and that
reflects his customer pain?
And then you bring that backand you say, okay, you know,
maybe we should modify oursoftware to do this or do that
so that it fits the market alittle bit better.
And so that took six months,you know, six months to get a
product that was productionready, that, uh, that customers
(15:27):
would want to buy, that solvedsome of their problems.
Speaker 2 (15:31):
Did you and Tim know who your ICP was, who that
market was in those first fivemonths or so or was that a part
of it as well?
As you were talking to partners, talking to customers, and
you're realizing, ooh, I seeenterprise, I see this gap.
This is who we want to target,this is what we want to go after
.
Speaker 1 (15:47):
We did, we did, we knew we wanted to build a
cost-efficient, easy-to-use andsimple-to-integrate.
Back in 2016, siem product forthe channel and the mid-market.
Specifically, we focused onmid-market banking.
So still today we have a hugecustomer constituency in
(16:08):
regional banks, credit unions,middle market banks you know
Main Street, not Wall Streetbanks, right, and that became a
big portion of our customer basein the beginning and we focused
there.
But at the time, sim and stilllargely today, our customer base
in the beginning and we focusedthere, but at the time, Sim and
(16:30):
still largely today was a veryenterprise-focused tool.
You know it had a lot offeatures and it could do a lot
of things, but you had toconfigure it, which became
really hard for middle marketcustomers, mostly because they
didn't have the time orexpertise but mostly the time
right they don't have 40 hours aweek to work on this one thing
and we wanted to build one thathad a high level of automation
(16:51):
and a really low requirement forcustomization, that could meet
the channel where they mostly dobusiness, which is in the
middle market.
Speaker 2 (16:58):
Yeah, I think that's.
I know they weren't MSPs,weren't necessarily your initial
target, but what you just saidthere resonates specifically to
MSPs, because I remember we werea large MSP and we couldn't
afford an enterprise SIEMproduct or the expertise to be
able to deliver a SOC out of ourfour walls, and so trying to
(17:20):
find that partnership was was areally a key and and we'll talk
here a minute about, about howyou, how you led to that.
But so just just a reminder foreveryone that's listening how
much development experience didyou have when you started
Adlumen?
Speaker 1 (17:36):
I didn't have any professional development
experience building enterprisesoftware applications, which
which, by the way, is not, Ithink, entirely uh.
On unique, that's right, um,you know any college kids that
starts, uh, you know the nextwhatever multi-billion dollar
company has never worked inprofessional development and
still, and still gets it done.
So that's not on unique.
(17:57):
But I had an interest and I andI cared to figure it out and,
as the story goes like, I knew alot about endpoints and um and
endpoint investigations, and sothat was extremely helpful, but
I didn't know anything aboutbuilding a user interface, a web
interface, uh, and so, becauseI knew nothing, I went out and I
signed up for this online UIbootcamp, this online web
(18:22):
development boot camp, and itwas the best $10,000 I ever
spent.
I didn't even complete theprogram.
It might even be on my LinkedInas I completed the program, but
I never made it all the way.
It doesn't matter, but it got meenough knowledge where I could
build a web app.
I could build a web app userinterface for our product, and
it used to have these mentoringsessions.
Uh, I could build, I couldbuild a web app, a user
interface for, for our product,and, and it used to have these
(18:44):
mentoring sessions that's what Iremember.
Uh, uh, this bootcamp had hadthese mentoring sessions with a
guy who knew what he was doing,uh, and so I would get this
mentor on and I would make himhelp me with building the web
app for the for the company.
I'd be like, yeah, I know itwas supposed to work on those
lessons, but we're not going todo that today.
(19:04):
All right, today we're going towork on this and he would help
me out.
Speaker 2 (19:08):
That just shows the sales side of you.
Now, right, you were able toconvince somebody to do
something they hadn't really setout to do.
So well done, robert.
So you took Adlumen from andactually let me ask this what
took Adlum from?
Sort of that SIM-based to theMDR, xdr and then full security?
Speaker 1 (19:26):
operations suite.
It was the market.
You know, in the early days youreally have to listen to the
market and where they want to gowith your product, and it was
100% the market.
So we were building this SIMproduct, which later just kind
of became XDR, you know,bringing in all the data sources
, a fundamental feature of SIMor XDR.
(19:47):
Uh, and and what was happeningis, as time went on, we were
selling that product, uh, butthen customers would say, hey,
we, we love your, we love yoursoftware, we'd also be willing
to pay you to respond to thesethreats that you're detecting.
And we took that on board andwe said, okay, we'll do that too
(20:09):
, right, and then we launchedour MDR products and have been
in that business ever since.
Speaker 2 (20:15):
How have you seen clients evolve?
Obviously, you're delivering,you talk about, you saw an
opportunity.
Clients are telling you, hey,we need you to do this.
But how have you seen theirsecurity practices evolving over
the years?
Speaker 1 (20:29):
They've gotten a lot more sophisticated.
What the middle market lacks inMSPs is not necessarily
sophistication, but it iscertainly time.
That is the resource that theylack the most and that's the
area that I believe we help themthe most.
There is a knowledge gap and alabor gap.
(20:52):
That exists there as well, butthere's a huge time gap, and so
over time, I've seensophistication rise, I've seen
the need rise and I've seen theimpact that our products and
services have on these endcustomers just increase
exponentially in value, goingboth ways over time we talked to
(21:18):
our partners and I remembereven my past MSP the types of
problems we were solving 10years ago versus today.
Speaker 2 (21:30):
It is a security-first market today and
if you don't have something ascomprehensive as an MDR or XDR
solution, you feel like you're abit behind the times with
people.
Speaker 1 (21:43):
So you know, threats have to be responded to right
away, and that's the immediatepart of time.
You know, no human can be up 24hours a day, seven days a week,
365 days a year.
When a threat comes acrossthese systems, it doesn't matter
what system it is.
But a threat comes across likeit needs to be acted on
(22:03):
immediately, and and that'swhere services like mdr really
make their impact it's becausethey immediately act on them
awesome.
Speaker 2 (22:10):
So talk a little bit about you building the business
you have.
You build a business with realstructure, hr, finance,
engineering, great alignment.
You've brought some amazingfolks.
It's been great, great to meeta lot of these folks.
Why did you go that routeversus, you know, maybe just
hiring people, sort of unknownfolks?
I mean, you made a realconscious effort to bring the
(22:32):
best of the best in.
Speaker 1 (22:35):
You've got to build infrastructure to have a viable
business.
And as your business increasesin revenue, like things just get
bigger, they get bigger andbigger and bigger and and that
creates a requirement for moreinfrastructure, middle
management, executive managementUh, you know, I imagine it's
not unlike the trajectory of ofany business that makes it to
(22:56):
that stage uh, in in their, intheir life cycle, uh, it, it
becomes a natural progression.
You know, I'm not an expertmarketer or expert salesman, but
you reach a certain scale whereyou've got to get an expert in
these different domains in orderto continue to make an impact.
Speaker 2 (23:16):
Very good.
So now AdLumen is an enablecompany, and from your
perspective, robert, how did weget here and why is this such a
great fit?
Speaker 1 (23:25):
We started with a partnership and so we were
partnered for nearly 18 monthsand that went really well,
obviously.
And so, yeah, we started with apartnership and we were in the
MSP space, but you're, you know,being an RMM one of the initial
creators of it, and so that'swhere we started and this is
where we ended.
Speaker 2 (23:45):
Yeah, and how's this?
I mean, this has been obviously, this is, this is fresh.
We're going on six, eightmonths, I think, since it was
announced, and how's it beenlike to be a part of this, this
bigger entity and obviouslytalking to MSPs of all different
shapes and sizes now?
Speaker 1 (24:03):
Yeah, that's what, what?
What has been the experiencewith Naples, like the global
reach and the global output?
I mean that that that has beenan adventure.
We're sitting here in Berlinand what an adventure it's been
to speak to MSPs of all kind ofshapes and sizes.
Yeah, piece of all kind ofshapes and sizes.
Speaker 2 (24:20):
I asked you a little bit earlier about sort of the
maturation or how the securitythreats have evolved, but talk a
little bit about what's maybethe new normal for cybersecurity
.
Speaker 1 (24:34):
It's the number of breaches, I mean the level, the
sheer amount.
That has been shocking actually.
That picked up Back in 2008,.
It was only nation statesplaying this game.
All you'd hear about is China,iran, you know the usual
suspects Russia, the usualsuspects, right, but in today's
world, every day is likehand-to-hand combat, every
(24:59):
single day, multiple times a day, actually.
If you were to look at our MDRmetrics multiple times a day,
actually, if you were to look atour MDR metrics multiple times
a day, is is hand to hand combatand that and that back when I
first got into this business in2008, technically right Wasn't
like that.
Speaker 2 (25:14):
Wow, we've seen the MDR uh market sort of evolved
from being just an outsourcedetection and response to
something more proactive.
Where do you see that spacemoving?
Speaker 1 (25:26):
yeah, the the further you can get out in front of
threats.
It's just so much better.
Um, you know, left of boom, ifyou will, is where you want to
be.
Right, uh, not right of boom,right, uh.
And so you know you want it.
You want to get to them earlier,like, for example, most
ransomware attacks.
Where they start is on themicrosoft estate or cloud email
(25:48):
breach of some kind, and thoseattacks just progress over a
period of weeks into ransomware.
So where you'd prefer to stopthat is in cloud email.
Right, you'd prefer to stop theattack there and you'll never
get to ransomware and take itout of the attack zone.
(26:10):
You'd prefer to stop it as likea patched vulnerability or a
configuration change or anaccount management policy or
procedure.
Even that's the best place tostop an attack.
So the further you can move tothe left of an attack, the
better off you are.
And in our space primarily,these attackers are going to go
(26:33):
after, like, the weakest targets.
Right, if you're a hard targetand it's just too hard to reach
you, you know these criminals.
They're just going to move onbecause, trust me, there's a
much easier target that they'llhave to not work as hard to
create pain and steal money,which is their primary objective
.
Speaker 2 (26:52):
Can you talk for a minute about AI and how AI, the
role it plays on the risk sideand then also on the protection
side?
Obviously, we see more and morevendors incorporating AI into
their software.
But what about the services?
Is there going to be an AI SOCbefore too long?
Speaker 1 (27:12):
There is.
There are three places atAdlumen and Able where AI makes
an impact.
First is on the threatdetection side.
Right, so, obviously, writingalgorithms that detect threats
faster and more accurately Insecurity.
You're dealing with billions,trillions of telemetry messages
(27:36):
and in those trillions oftelemetry messages you know one
might reflect an attack.
So that's just, it's theperfect job for a computer.
First of all, trillions ofsomething, and you know
trillions of noise, and you knowtrillions of noise and you know
a handful of signals.
Right, so, using AI to detectthreats better.
(27:57):
The second is decision making.
When an event comes across ourdesk that requires action
disable an account, isolate asystem, revoke sessions,
whatever it is You've got tomake the right decision and AI
can help with that.
(28:18):
It can help with that becausethe body of knowledge that it
can draw on is so much more thanwhat a human can.
When you put it into a humananalyst's hands and he looks at
that, he's drawing off hisexperience.
Maybe he'll look at an SOP,he'll look at an sop, he'll look
at what we've done in the past,but there's a lot of subjective
experience that's going intothat and and that's used to be
why you paid a human analyst,but the reality is an ai analyst
(28:42):
can draw on a much larger baseof knowledge and make better
decisions about what needs to bedone about a particular event.
So that's the second onedecision making.
The third is customercommunications.
In security you're often takingvery sophisticated and complex
events and you have to make thatthose series of complex events
(29:06):
easily consumable for a customerthat doesn't have a lot of time
right and you're talking about.
You know what event happened,what was investigated, what was
done about it, and AI can helpcontextualize that for the end
customer in a very clear andconcise way.
Speaker 2 (29:23):
Excellent.
So MSPs as I talk to more andmore of my colleagues, I hear
MSPs trying to figure out how totake AI to their customers,
whether it be through educationon how they can use it,
internally, training, maybe evenbuilding some GPT-type
interfaces or knowledge bases.
(29:45):
But, as a security guy, arethese things that folks should
be concerned about?
You know, are the hackers goingto get access that?
You know, the bad folks, thebad are they going to get access
to those AI modules to be ableto get access to information
that they shouldn't have?
Speaker 1 (30:05):
So the answer is yes, it's inevitable.
It is absolutely inevitable.
The same tools that we use todetect threats, make decisions
and contextualize information,they can use to conduct the same
, similar actions.
On the other side, they can useit to hide from detection.
(30:27):
You know to make decisionsright, and so it's inevitable.
It's going to become a problemand the real question will be
well, how will the securityindustry change in order to
adapt to that threat?
I've been in this business along time.
It changes every day.
Every day you're doingsomething a little different.
(30:49):
Every day you're making achange.
Every day you're doingsomething a little different.
Every day you're making achange.
Every day you're improving thesystem and how it does its job,
and I don't think that thisintroduction of new technology
is going to change thatExcellent.
Speaker 2 (31:01):
I think that's been.
The really neat thing that I'vewitnessed firsthand with
Adlumen is your developmentcycle.
You're constantly evolving,what it is that you're bringing
into market, and I think that'sa breath of fresh air because
the MSP industry andspecifically they, don't see
that it's a longer release cycle.
(31:21):
It's hey, we don't get that newversion for another year or
whatever that may be, butbecause this is a mission
critical interface, youobviously have to always be
looking at that Talk.
A mission critical interface,you know you obviously have to
always be looking at that Talk.
A little bit about what's nextfor AdLumen and EnableMDR.
Speaker 1 (31:38):
Yeah, so most recently here at Empower, we're
launching breach prevention forMicrosoft 365, which is really
an enhanced focus on just theMicrosoft estate At AdLumen.
Probably daily, we stop atleast one or two breaches just
on the Microsoft estate.
Forget all the other breachesin other locations that we
(32:01):
detect and stop literally juston Microsoft one or two a day.
Wow, and I've always said thiscloud email is by far the most
dangerous place on the internetat this particular time.
It wasn't that way, you know,five years ago.
Today, cloud email is the mostdangerous place, and so we're
launching this particularproduct in order to change to
(32:24):
the threats in the environment,so that we can protect more
customers in a different way andmake an impact in a much bigger
way.
Speaker 2 (32:31):
Oh, that's exciting, Robert.
Can't wait to see that and hearthe reaction from that
announcement.
So what's next for RobertJohnson?
I heard maybe congressman downthe line, but what's the
short-term future look like?
Speaker 1 (32:43):
Yeah, for now I'm the GM here at Enable and I keep
you know of Adlumen here at.
Enable the GM here at Enable andI keep you know of Adlumen here
at Enable and we're justcontinuing to build the product
and the customer base and growthe company you know worldwide.
I think it's a very excitingtime where Enable is uniquely
positioned at the crossroads ofIT operations and security
(33:07):
operations.
I've often described it as youknow two category five
hurricanes heading together tocreate the perfect storm.
Except, you know, georgeClooney's not in this movie,
right, and so that's theplatform we're building here as
a company and there's really noother platform like it in the
world where we can take theproactive vulnerability another
(33:31):
thing that's getting launchedhere today, right, uh, you know,
uh enables vulnerabilityplatform, and so you've got
vulnerability patching, endpointmanagement, uh leading into
security operations being uhprimary.
The ad lumen suite, right, simlog retention, m to data
protection and recovery, backupand recovery.
(33:52):
So from one platform being thecompany platform, they can go
from proactive to recovery froma single company.
I mean it's just an amazingplatform.
It's why we wanted to come hereand it's why, you know, the
story that we're building makesso much sense.
So the question is for nowcontinue to build that story,
(34:13):
because it is truly a fantasticand great story that we're
putting together here.
Speaker 2 (34:17):
I love it.
I love the energy that you andyour team have brought into
Enable as well.
It's been very powerful, Ithink, to watch you engage with
partners here at the conferenceand hear them say, oh you know,
listen to Robert and heard thedirection he's taken the
business.
You've been really great forEnable, so I'm glad to have you
here, Really lucky to have you,for sure.
So let me ask you, Robert, wealways love to ask this question
(34:40):
.
Right, it's the Now that's itpodcast.
Robert, when did you know Nowthat's it?
Speaker 1 (34:47):
When did I know?
Now that's it.
There's been those moments, youknow, many times, but I will
tell you that now that's it.
For me was making the decision,the big decision to come here
and enable and be part of theincredible story that you all
(35:07):
and we all now are building here.
It is truly exciting.
It's a fantastic time to be inthis domain too.
Security is taking such a frontstep to everything that
everyone is doing, and it goesto show you the size and scope
of the problem, too.
That that's the case when Italk to MSPs here.
They tell me that you know.
(35:28):
I say what's your number oneseller, what's the number one
thing that you're doing to bringto your customers, to provide
value?
They could tell me anything inthe world that they want.
They could say, oh, it's helpdesk, oh, it's coins or t-shirts
.
They could say whatever theywant to say, and every single
time they've answered thatquestion, it's been security,
(35:49):
yeah, number one.
Speaker 2 (35:51):
For sure, robert, I love it.
Thank you so much for beinghere today.
I'm so glad you got to tellyour story and can't wait for
everybody to hear this.
If you have not heard of usbefore, please come to the
enablecom and check out theAdLumen product line.
It's fantastic and thank you somuch, robert.
Really appreciate you.
Yeah, thanks for your time.
One, two, three, four .
Maybe, if I thought about it alittle longer, I might not be
here today, but 24 hours wasjust long enough to not really
realize what I was getting into,but not long enough to realize
how crazy it was right.
I think 24 hours was just thatperfect amount of time, and so I
went in and I just did it.
(00:21):
Welcome to Now.
That's it.
Stories of MSP success, where wedive into the journeys of some
of the trailblazers in ourindustry to find out how they
used their passion fortechnology to help turn managed
services into the thrivingsector it is today.
Speaker 2 (00:35):
In the spring of 2016 , robert Johnson was working at
CrowdStrike.
Just months after he led cyberoperations for the Pentagon Late
20s brilliant and alreadyresponsible for some of the most
sensitive digital missions innational security.
And then that same year, he'dend up at the center of one of
the most high profile cyberattacks in modern history the
(00:57):
Russian hack of the DNC.
And yet, just a few monthslater, robert would walk away
from it all.
Why?
Because he thought I can buildsomething better.
So today we have Robert Johnson, who's the co-founder of
Adlumen, one of the fastestgrowing cybersecurity tools in
MDR and XDR space, now an Enablecompany.
(01:18):
I'm so excited to have you heretoday, robert.
Thanks so much for being here.
Speaker 1 (01:22):
Yeah, thanks.
Thanks for having me.
Speaker 2 (01:24):
Awesome.
So I read that you enrolled inthe Naval Academy and your focus
was on wrestling.
Speaker 1 (01:32):
You were an all-star wrestler in high school.
I was All-state.
I wouldn't say I majored inwrestling.
Speaker 2 (01:35):
Of course, of course.
Speaker 1 (01:37):
I did get a degree while I was there but, yeah,
wrestling, the sport ofwrestling, it has always been a
big part of my life.
I competed in high school, Icompeted in college and the
wrestling team at the NavalAcademy had we were a top 15
team actually in the countrywhile I was there and we had a
(01:57):
fantastic coach who was thetwo-time Olympic team head coach
and, yeah, I love the sport ofwrestling.
Speaker 2 (02:03):
I love it.
It's been really interestingright now.
I've been watching some ofthese uh, um, you know, guys,
these heavyweights that aregoing back and wrestling, and
and one of those guys is amilitary guy, so it's a.
It's really, really interestingto see the, the power of the,
the wrestling community, uh,through the armed services it's
a really tight.
Speaker 1 (02:19):
It's a really tight-knit group.
You'll you'll meet a wrestleranywhere in the world, right,
and there's an instantaneousbond.
Some might say a shared pain, ashared pain and suffering that
takes place there.
But you know, it's a reallytight group.
Speaker 2 (02:35):
You've survived any sort of major disfiguration no
cauliflower ear or anything likethat right?
Speaker 1 (02:41):
No, I took.
You know, I wore my headgear, Itook good care of my ears, but
I still.
One's a little different thanthe other.
In truth, one's slightlydifferent than the other, but
not overly noticeable, yeah.
Speaker 2 (02:52):
So how did you find your way behind a?
Speaker 1 (02:53):
computer, robert.
It was in college, it was, youknow, information technology and
computer science was a newdomain to the Naval Academy at
the time.
This is 2000 and you know 2008.
And I took to it immediately,you know.
I thought, well, do I want todo you know political science or
(03:17):
engineering in some way?
And I landed on, you know,information technology and
computer science to be where Iwanted to focus my studies and
at first, in truth, I didn'tlike it that much because it was
just all computer programming.
But then I got to theinformation assurance classes
and that's where interest reallypeaked for me, because it was
(03:42):
like you got to be a cyber copor a criminal, depending on
which way you got to look at it,and it became exciting.
Speaker 2 (03:50):
Wow.
So you became the leader of theMarine Corps Red Team and a
team lead for the Cyber NationalMission Force.
You must have gotten the hangof IT, of computers, pretty
quickly then, huh.
Speaker 1 (04:01):
Well, I wanted to shape my career pretty quickly
then.
Huh, well, I wanted to shape mycareer.
I became so interested inschool with this domain that
when it came time to go into theMarine Corps, I wanted to shape
my Marine Corps career doingsomething similar.
So I spent some time in thefleet they would call it just
out in the Marine Corps and thenI got an opportunity to go to a
(04:23):
place called the NetworkOperations and Security Center,
which is like the security, theSOC, of the entire Marine Corps,
which is, you know, prettylarge, not as large as, say, the
Army, but that became likewhere I wanted to go, and that
was the first time I got to comeback to start the journey that
I had initially, when I leftcollege, like set out to
(04:47):
participate in, and so I got tocome back and then I got a
unique opportunity to lead thered team, which is doing
exciting work.
It's fun work.
Speaker 2 (04:55):
Yeah, so 2015, 2016, you're still in the Marine Corps
.
You're also consulting withCrowdStrike.
What was your life like at thattime?
What was going on?
Speaker 1 (05:05):
Well, I had left the Marine Corps, I had just left.
I spent eight years and I spenta little time in the reserves.
So I was technically, I guess,still in the Marine Corps and I
left the Marines and I wanted togo out to the private sector.
Like my dad spent 40 years inthe Marine Corps, I spent eight.
So it you know, I have like afamily history there.
(05:25):
But yeah, I spent eight yearsin Marine Corps.
That was, that was great.
But it was time to kind ofbegin the next, begin the next
chapter, and so I I joined aCrowdStrike and really incident
response is exciting too, it islike being a cyber cop.
And so that's what I wanted todo.
And they were.
They were a great company.
That was that was doing a lotof that work.
Speaker 2 (05:46):
So then, of course, you get called into what might
be the one of the most infamoushacks in history, the hacking of
the DNC.
Can you share anything about?
You know what that was like togo through that?
Speaker 1 (05:59):
It wasn't infamous at the time.
You know the.
You know the day that thoseengagements come, you know, to
your inbox.
You know it's just another dayat the office and so at the time
it wasn't infamous and youdidn't know what it would
eventually become.
But months after its conclusion, you know it became clear that
(06:22):
this was going to be, you know,a pretty big deal.
Speaker 2 (06:24):
Conclusion you know, it became clear that this was
going to be, you know, prettybig deal, wow.
So how did you end up on yourdesk, like what were you doing,
sort of at the time?
Speaker 1 (06:38):
I was actually on a run.
I was on a run and it was in theafternoon and they gave me a
call and said hey, you know, dnchas been breached, you know,
and it's just another IRengagement, another day at the
office, right, and you know, andI lived in DC and not far from
the center of politics, and so Isaid, yeah, you know what, if I
turn around right now on my runand I pick it up a little bit,
(06:58):
I can be back in, you know, callit 30 minutes and then I'll
head over there.
And so that's what I did, andso that was kind of day one.
It was Friday afternoon, Ithink.
All the big breaches, by theway, happened like Friday 5 PM.
Yeah, it's like, you know, it'sthey got something against it.
You know, cyber criminals areout there.
Maybe they end their day joband then they get to their, you
(07:19):
know, and and they and and theyget to their hobby.
But in this case it was RussianSVR, which is like their CIA.
But yeah, 5 o'clock on a Fridaypm, you can count something
going wrong.
Speaker 2 (07:30):
Wow, how quickly did the team, or maybe even you,
recognize really what hadhappened and how serious it was.
Speaker 1 (07:37):
Well, I had picked up anecdotal information because
how that breach came to be wasthrough law enforcement
notification initially and therewas only so much they could say
.
And so when you're hearing fromthe people that were notified
by law enforcement, they don'tknow who APT 28 is.
(08:00):
They don't know who Russian SVRis right, they don't know these
names.
And it was Cozy Bear is one ofthe names for this organization,
Russian SVR.
And so I think what came acrossmy desk was like the bears,
like that was, we've beenbreached by the bears.
(08:21):
But you know, I had been aroundthis, so I kind of put two and
two together and I said, okay,this has got to be probably Cozy
Bear.
And I had actually probably sixor eight months before that, I
had been at the Chairman of theJoint Chiefs of Staff breach by
the same threat actor, by theexact same group, while I was in
(08:43):
the military, and so it just sohappened, I had a very recent
encounter with the Russian SVRand so I said, well, okay, I
know where to look for theseguys, so let's just take a quick
peek and see if things arelining up to be the same.
And, sure enough, we take alook at one area on the system
(09:04):
and they're exactly where CozyBear would be.
And I said, you know, we, wetake a look at one area on the
system and they're exactly wherecozy bear would be.
And I said, all right, this isthis.
It's pretty clear, this is thesame group, same people, same
everything.
Speaker 2 (09:12):
Wow, in those types of situations, sort of a, a
normal person might get veryanxious or or or start to uh,
maybe dread the potentialreality of how big this could be
, how big of a deal that couldbe.
How do you stay focused?
Obviously you're ex-military,but how do you stay focused in
those sort of high profile or Iguess you didn't know it at the
(09:33):
time, but the potential to be ahigh profile type of a breach?
Speaker 1 (09:38):
When you're doing incident response it's a little
more like you're an EMT, right,you're showing up after the
accident has already taken place, which is an immediate kind of
stress reliever.
But you've also got to realizethat your customer or client on
the other side is having one ofthe worst days of their life.
(09:58):
Now breaches are a little moreregular and they happen all the
time, but still, you know, it'susually the customer's worst day
, and so they are stressed tothe max.
So you have to manage that, andif you manage that, okay,
you'll be all right.
But look, I had done so manybreaches at that point and so
(10:22):
many breach investigations thatit's another day at the office.
Speaker 2 (10:26):
So just out of curiosity, maybe the listeners
are curious as well.
Some people may have turnedthat into a talk show or a tour
or a book deal or something likethat, maybe even running for
Congress.
Did any of that ever cross your?
Speaker 1 (10:41):
mind Robert.
No, not at the time, not at thetime.
Not at the time it was such awhirlwind and you know, running
for Congress maybe in my futureat some point, but at that time
and today, you know, not in thecards.
Speaker 2 (10:59):
Awesome.
So let's talk a little bitabout the beginnings of Ed Luman
.
Things started to really theywere going really well at
CrowdStrike.
Then you get a marketing emailfrom this incubator I think you
mentioned Apply, and so you didthat right and you quit the day
after.
Talk a little bit about thatstory.
Speaker 1 (11:19):
Some people, when they start a business, maybe
they got this brilliant idea orthis, that, when they start a
business, maybe they got thisbrilliant idea or this, that?
Uh, for for me I got a.
There was an incubator in thearea called mock 37.
I think it still exists todayand their their thesis was, in
the DC area, which you have alot of intelligence community
agencies, that it's a good placeto breed security companies,
(11:44):
right, because you have all thisknowledge that could be coming
out of places like the CIA orthe NSA or the Defense
Department.
And so they stood up anincubator and they were sending
out marketing emails and, forwhatever reason, it landed in my
inbox.
I think I had been to a few oftheir happy hours or events or
or events.
Uh, and I figured, why not?
(12:05):
And and I just I applied to theincubator and I got in, and I
got in, and so, uh, you know, Ifigured I had nothing to lose.
That was literally it.
I figured I had nothing to loseand so I got into the incubator
.
Uh, I walked into work the nextday and I quit my job.
That was it.
Speaker 2 (12:25):
That could be extremely stressful for a risk
adverse or someone that's inrisk intelligence Sort of a
crazy thing to do.
Hindsight's 20-20, right, youcan look back.
You know it's the rightdecision you made at the time.
But what was going through yourmind?
How long did it take?
Obviously 24 hours, right Foryou just to go.
(12:47):
This is the right thing.
I feel good about it.
In my gut it feels good.
Speaker 1 (12:51):
Yeah, I felt like I had nothing to lose.
I was also working in securityand security and there's a
little job security and workingin security, just because you
can go work anywhere you know,and so I really felt like
nothing to lose and it felt likea great opportunity, fun,
exciting.
I wasn't married, I didn't haveany kids at the time.
Speaker 2 (13:11):
Yeah.
Speaker 1 (13:11):
These kinds of things help, and so, yeah, you know, a
little longer I might not behere today, but 24 hours was
just long enough to not reallyrealize what I was getting into.
But not long enough to notreally realize what I was
getting into, but not longenough to realize how crazy it
was.
Oh right, I think 24 hours wasjust that perfect amount of time
, and so I went in and I justdid it thank goodness you made
(13:31):
that decision back then, robert.
Speaker 2 (13:34):
So what was the responsibility split between
yourself and your co-founder?
Speaker 1 (13:38):
Tim.
I was responsible for product,so I was doing software
development and and engineering,and he was responsible for
product, so I was doing softwaredevelopment and engineering and
he was responsible for salesand marketing.
It became a very nicedistribution of duties, I think,
and then we were bothresponsible for kind of
approaching customers andselling to customers.
Speaker 2 (13:57):
You describe how long it sort of took for you guys to
go to market.
I mean, you start this businessin the incubator, you start to
build something.
You personally were building itright, I think you told me
you're sort of learning how tocode At the same time you're
sort of building this business.
How long did it take before youhad something to go to market
(14:17):
with?
You had a client, you couldbring them in, you could listen
to them, you could continue toevolve.
What was that process like?
Speaker 1 (14:23):
so, like any software company, you can't sell
anything.
It's different than services,businesses, right?
You can't sell anything untilyou have something to sell.
Yeah, so until the the softwarereaches a certain maturity
point, there's nothing to give.
I would say that took aboutprobably five months, six months
(14:43):
, reasonably just working on thesoftware.
Until then we were stillapproaching customers, but it
was more like a PowerPoint deck.
This is what we're working on,this is what we're building.
Is it interesting to you?
If it's not interesting to you,those were almost better
conversations, because then youwould ask well, what would make
(15:04):
this interesting to you, likewhat is interesting and that
reflects his customer pain?
And then you bring that backand you say, okay, you know,
maybe we should modify oursoftware to do this or do that
so that it fits the market alittle bit better.
And so that took six months,you know, six months to get a
product that was productionready, that, uh, that customers
(15:27):
would want to buy, that solvedsome of their problems.
Speaker 2 (15:31):
Did you and Tim know who your ICP was, who that
market was in those first fivemonths or so or was that a part
of it as well?
As you were talking to partners, talking to customers, and
you're realizing, ooh, I seeenterprise, I see this gap.
This is who we want to target,this is what we want to go after
.
Speaker 1 (15:47):
We did, we did, we knew we wanted to build a
cost-efficient, easy-to-use andsimple-to-integrate.
Back in 2016, siem product forthe channel and the mid-market.
Specifically, we focused onmid-market banking.
So still today we have a hugecustomer constituency in
(16:08):
regional banks, credit unions,middle market banks you know
Main Street, not Wall Streetbanks, right, and that became a
big portion of our customer basein the beginning and we focused
there.
But at the time, sim and stilllargely today, our customer base
in the beginning and we focusedthere, but at the time, Sim and
(16:30):
still largely today was a veryenterprise-focused tool.
You know it had a lot offeatures and it could do a lot
of things, but you had toconfigure it, which became
really hard for middle marketcustomers, mostly because they
didn't have the time orexpertise but mostly the time
right they don't have 40 hours aweek to work on this one thing
and we wanted to build one thathad a high level of automation
(16:51):
and a really low requirement forcustomization, that could meet
the channel where they mostly dobusiness, which is in the
middle market.
Speaker 2 (16:58):
Yeah, I think that's.
I know they weren't MSPs,weren't necessarily your initial
target, but what you just saidthere resonates specifically to
MSPs, because I remember we werea large MSP and we couldn't
afford an enterprise SIEMproduct or the expertise to be
able to deliver a SOC out of ourfour walls, and so trying to
(17:20):
find that partnership was was areally a key and and we'll talk
here a minute about, about howyou, how you led to that.
But so just just a reminder foreveryone that's listening how
much development experience didyou have when you started
Adlumen?
Speaker 1 (17:36):
I didn't have any professional development
experience building enterprisesoftware applications, which
which, by the way, is not, Ithink, entirely uh.
On unique, that's right, um,you know any college kids that
starts, uh, you know the nextwhatever multi-billion dollar
company has never worked inprofessional development and
still, and still gets it done.
So that's not on unique.
(17:57):
But I had an interest and I andI cared to figure it out and,
as the story goes like, I knew alot about endpoints and um and
endpoint investigations, and sothat was extremely helpful, but
I didn't know anything aboutbuilding a user interface, a web
interface, uh, and so, becauseI knew nothing, I went out and I
signed up for this online UIbootcamp, this online web
(18:22):
development boot camp, and itwas the best $10,000 I ever
spent.
I didn't even complete theprogram.
It might even be on my LinkedInas I completed the program, but
I never made it all the way.
It doesn't matter, but it got meenough knowledge where I could
build a web app.
I could build a web app userinterface for our product, and
it used to have these mentoringsessions.
Uh, I could build, I couldbuild a web app, a user
interface for, for our product,and, and it used to have these
(18:44):
mentoring sessions that's what Iremember.
Uh, uh, this bootcamp had hadthese mentoring sessions with a
guy who knew what he was doing,uh, and so I would get this
mentor on and I would make himhelp me with building the web
app for the for the company.
I'd be like, yeah, I know itwas supposed to work on those
lessons, but we're not going todo that today.
(19:04):
All right, today we're going towork on this and he would help
me out.
Speaker 2 (19:08):
That just shows the sales side of you.
Now, right, you were able toconvince somebody to do
something they hadn't really setout to do.
So well done, robert.
So you took Adlumen from andactually let me ask this what
took Adlum from?
Sort of that SIM-based to theMDR, xdr and then full security?
Speaker 1 (19:26):
operations suite.
It was the market.
You know, in the early days youreally have to listen to the
market and where they want to gowith your product, and it was
100% the market.
So we were building this SIMproduct, which later just kind
of became XDR, you know,bringing in all the data sources
, a fundamental feature of SIMor XDR.
(19:47):
Uh, and and what was happeningis, as time went on, we were
selling that product, uh, butthen customers would say, hey,
we, we love your, we love yoursoftware, we'd also be willing
to pay you to respond to thesethreats that you're detecting.
And we took that on board andwe said, okay, we'll do that too
(20:09):
, right, and then we launchedour MDR products and have been
in that business ever since.
Speaker 2 (20:15):
How have you seen clients evolve?
Obviously, you're delivering,you talk about, you saw an
opportunity.
Clients are telling you, hey,we need you to do this.
But how have you seen theirsecurity practices evolving over
the years?
Speaker 1 (20:29):
They've gotten a lot more sophisticated.
What the middle market lacks inMSPs is not necessarily
sophistication, but it iscertainly time.
That is the resource that theylack the most and that's the
area that I believe we help themthe most.
There is a knowledge gap and alabor gap.
(20:52):
That exists there as well, butthere's a huge time gap, and so
over time, I've seensophistication rise, I've seen
the need rise and I've seen theimpact that our products and
services have on these endcustomers just increase
exponentially in value, goingboth ways over time we talked to
(21:18):
our partners and I remembereven my past MSP the types of
problems we were solving 10years ago versus today.
Speaker 2 (21:30):
It is a security-first market today and
if you don't have something ascomprehensive as an MDR or XDR
solution, you feel like you're abit behind the times with
people.
Speaker 1 (21:43):
So you know, threats have to be responded to right
away, and that's the immediatepart of time.
You know, no human can be up 24hours a day, seven days a week,
365 days a year.
When a threat comes acrossthese systems, it doesn't matter
what system it is.
But a threat comes across likeit needs to be acted on
(22:03):
immediately, and and that'swhere services like mdr really
make their impact it's becausethey immediately act on them
awesome.
Speaker 2 (22:10):
So talk a little bit about you building the business
you have.
You build a business with realstructure, hr, finance,
engineering, great alignment.
You've brought some amazingfolks.
It's been great, great to meeta lot of these folks.
Why did you go that routeversus, you know, maybe just
hiring people, sort of unknownfolks?
I mean, you made a realconscious effort to bring the
(22:32):
best of the best in.
Speaker 1 (22:35):
You've got to build infrastructure to have a viable
business.
And as your business increasesin revenue, like things just get
bigger, they get bigger andbigger and bigger and and that
creates a requirement for moreinfrastructure, middle
management, executive managementUh, you know, I imagine it's
not unlike the trajectory of ofany business that makes it to
(22:56):
that stage uh, in in their, intheir life cycle, uh, it, it
becomes a natural progression.
You know, I'm not an expertmarketer or expert salesman, but
you reach a certain scale whereyou've got to get an expert in
these different domains in orderto continue to make an impact.
Speaker 2 (23:16):
Very good.
So now AdLumen is an enablecompany, and from your
perspective, robert, how did weget here and why is this such a
great fit?
Speaker 1 (23:25):
We started with a partnership and so we were
partnered for nearly 18 monthsand that went really well,
obviously.
And so, yeah, we started with apartnership and we were in the
MSP space, but you're, you know,being an RMM one of the initial
creators of it, and so that'swhere we started and this is
where we ended.
Speaker 2 (23:45):
Yeah, and how's this?
I mean, this has been obviously, this is, this is fresh.
We're going on six, eightmonths, I think, since it was
announced, and how's it beenlike to be a part of this, this
bigger entity and obviouslytalking to MSPs of all different
shapes and sizes now?
Speaker 1 (24:03):
Yeah, that's what, what?
What has been the experiencewith Naples, like the global
reach and the global output?
I mean that that that has beenan adventure.
We're sitting here in Berlinand what an adventure it's been
to speak to MSPs of all kind ofshapes and sizes.
Yeah, piece of all kind ofshapes and sizes.
Speaker 2 (24:20):
I asked you a little bit earlier about sort of the
maturation or how the securitythreats have evolved, but talk a
little bit about what's maybethe new normal for cybersecurity
.
Speaker 1 (24:34):
It's the number of breaches, I mean the level, the
sheer amount.
That has been shocking actually.
That picked up Back in 2008,.
It was only nation statesplaying this game.
All you'd hear about is China,iran, you know the usual
suspects Russia, the usualsuspects, right, but in today's
world, every day is likehand-to-hand combat, every
(24:59):
single day, multiple times a day, actually.
If you were to look at our MDRmetrics multiple times a day,
actually, if you were to look atour MDR metrics multiple times
a day, is is hand to hand combatand that and that back when I
first got into this business in2008, technically right Wasn't
like that.
Speaker 2 (25:14):
Wow, we've seen the MDR uh market sort of evolved
from being just an outsourcedetection and response to
something more proactive.
Where do you see that spacemoving?
Speaker 1 (25:26):
yeah, the the further you can get out in front of
threats.
It's just so much better.
Um, you know, left of boom, ifyou will, is where you want to
be.
Right, uh, not right of boom,right, uh.
And so you know you want it.
You want to get to them earlier,like, for example, most
ransomware attacks.
Where they start is on themicrosoft estate or cloud email
(25:48):
breach of some kind, and thoseattacks just progress over a
period of weeks into ransomware.
So where you'd prefer to stopthat is in cloud email.
Right, you'd prefer to stop theattack there and you'll never
get to ransomware and take itout of the attack zone.
(26:10):
You'd prefer to stop it as likea patched vulnerability or a
configuration change or anaccount management policy or
procedure.
Even that's the best place tostop an attack.
So the further you can move tothe left of an attack, the
better off you are.
And in our space primarily,these attackers are going to go
(26:33):
after, like, the weakest targets.
Right, if you're a hard targetand it's just too hard to reach
you, you know these criminals.
They're just going to move onbecause, trust me, there's a
much easier target that they'llhave to not work as hard to
create pain and steal money,which is their primary objective
.
Speaker 2 (26:52):
Can you talk for a minute about AI and how AI, the
role it plays on the risk sideand then also on the protection
side?
Obviously, we see more and morevendors incorporating AI into
their software.
But what about the services?
Is there going to be an AI SOCbefore too long?
Speaker 1 (27:12):
There is.
There are three places atAdlumen and Able where AI makes
an impact.
First is on the threatdetection side.
Right, so, obviously, writingalgorithms that detect threats
faster and more accurately Insecurity.
You're dealing with billions,trillions of telemetry messages
(27:36):
and in those trillions oftelemetry messages you know one
might reflect an attack.
So that's just, it's theperfect job for a computer.
First of all, trillions ofsomething, and you know
trillions of noise, and you knowtrillions of noise and you know
a handful of signals.
Right, so, using AI to detectthreats better.
(27:57):
The second is decision making.
When an event comes across ourdesk that requires action
disable an account, isolate asystem, revoke sessions,
whatever it is You've got tomake the right decision and AI
can help with that.
(28:18):
It can help with that becausethe body of knowledge that it
can draw on is so much more thanwhat a human can.
When you put it into a humananalyst's hands and he looks at
that, he's drawing off hisexperience.
Maybe he'll look at an SOP,he'll look at an sop, he'll look
at what we've done in the past,but there's a lot of subjective
experience that's going intothat and and that's used to be
why you paid a human analyst,but the reality is an ai analyst
(28:42):
can draw on a much larger baseof knowledge and make better
decisions about what needs to bedone about a particular event.
So that's the second onedecision making.
The third is customercommunications.
In security you're often takingvery sophisticated and complex
events and you have to make thatthose series of complex events
(29:06):
easily consumable for a customerthat doesn't have a lot of time
right and you're talking about.
You know what event happened,what was investigated, what was
done about it, and AI can helpcontextualize that for the end
customer in a very clear andconcise way.
Speaker 2 (29:23):
Excellent.
So MSPs as I talk to more andmore of my colleagues, I hear
MSPs trying to figure out how totake AI to their customers,
whether it be through educationon how they can use it,
internally, training, maybe evenbuilding some GPT-type
interfaces or knowledge bases.
(29:45):
But, as a security guy, arethese things that folks should
be concerned about?
You know, are the hackers goingto get access that?
You know, the bad folks, thebad are they going to get access
to those AI modules to be ableto get access to information
that they shouldn't have?
Speaker 1 (30:05):
So the answer is yes, it's inevitable.
It is absolutely inevitable.
The same tools that we use todetect threats, make decisions
and contextualize information,they can use to conduct the same
, similar actions.
On the other side, they can useit to hide from detection.
(30:27):
You know to make decisionsright, and so it's inevitable.
It's going to become a problemand the real question will be
well, how will the securityindustry change in order to
adapt to that threat?
I've been in this business along time.
It changes every day.
Every day you're doingsomething a little different.
(30:49):
Every day you're making achange.
Every day you're doingsomething a little different.
Every day you're making achange.
Every day you're improving thesystem and how it does its job,
and I don't think that thisintroduction of new technology
is going to change thatExcellent.
Speaker 2 (31:01):
I think that's been.
The really neat thing that I'vewitnessed firsthand with
Adlumen is your developmentcycle.
You're constantly evolving,what it is that you're bringing
into market, and I think that'sa breath of fresh air because
the MSP industry andspecifically they, don't see
that it's a longer release cycle.
(31:21):
It's hey, we don't get that newversion for another year or
whatever that may be, butbecause this is a mission
critical interface, youobviously have to always be
looking at that Talk.
A mission critical interface,you know you obviously have to
always be looking at that Talk.
A little bit about what's nextfor AdLumen and EnableMDR.
Speaker 1 (31:38):
Yeah, so most recently here at Empower, we're
launching breach prevention forMicrosoft 365, which is really
an enhanced focus on just theMicrosoft estate At AdLumen.
Probably daily, we stop atleast one or two breaches just
on the Microsoft estate.
Forget all the other breachesin other locations that we
(32:01):
detect and stop literally juston Microsoft one or two a day.
Wow, and I've always said thiscloud email is by far the most
dangerous place on the internetat this particular time.
It wasn't that way, you know,five years ago.
Today, cloud email is the mostdangerous place, and so we're
launching this particularproduct in order to change to
(32:24):
the threats in the environment,so that we can protect more
customers in a different way andmake an impact in a much bigger
way.
Speaker 2 (32:31):
Oh, that's exciting, Robert.
Can't wait to see that and hearthe reaction from that
announcement.
So what's next for RobertJohnson?
I heard maybe congressman downthe line, but what's the
short-term future look like?
Speaker 1 (32:43):
Yeah, for now I'm the GM here at Enable and I keep
you know of Adlumen here at.
Enable the GM here at Enable andI keep you know of Adlumen here
at Enable and we're justcontinuing to build the product
and the customer base and growthe company you know worldwide.
I think it's a very excitingtime where Enable is uniquely
positioned at the crossroads ofIT operations and security
(33:07):
operations.
I've often described it as youknow two category five
hurricanes heading together tocreate the perfect storm.
Except, you know, georgeClooney's not in this movie,
right, and so that's theplatform we're building here as
a company and there's really noother platform like it in the
world where we can take theproactive vulnerability another
(33:31):
thing that's getting launchedhere today, right, uh, you know,
uh enables vulnerabilityplatform, and so you've got
vulnerability patching, endpointmanagement, uh leading into
security operations being uhprimary.
The ad lumen suite, right, simlog retention, m to data
protection and recovery, backupand recovery.
(33:52):
So from one platform being thecompany platform, they can go
from proactive to recovery froma single company.
I mean it's just an amazingplatform.
It's why we wanted to come hereand it's why, you know, the
story that we're building makesso much sense.
So the question is for nowcontinue to build that story,
(34:13):
because it is truly a fantasticand great story that we're
putting together here.
Speaker 2 (34:17):
I love it.
I love the energy that you andyour team have brought into
Enable as well.
It's been very powerful, Ithink, to watch you engage with
partners here at the conferenceand hear them say, oh you know,
listen to Robert and heard thedirection he's taken the
business.
You've been really great forEnable, so I'm glad to have you
here, Really lucky to have you,for sure.
So let me ask you, Robert, wealways love to ask this question
(34:40):
.
Right, it's the Now that's itpodcast.
Robert, when did you know Nowthat's it?
Speaker 1 (34:47):
When did I know?
Now that's it.
There's been those moments, youknow, many times, but I will
tell you that now that's it.
For me was making the decision,the big decision to come here
and enable and be part of theincredible story that you all
(35:07):
and we all now are building here.
It is truly exciting.
It's a fantastic time to be inthis domain too.
Security is taking such a frontstep to everything that
everyone is doing, and it goesto show you the size and scope
of the problem, too.
That that's the case when Italk to MSPs here.
They tell me that you know.
(35:28):
I say what's your number oneseller, what's the number one
thing that you're doing to bringto your customers, to provide
value?
They could tell me anything inthe world that they want.
They could say, oh, it's helpdesk, oh, it's coins or t-shirts
.
They could say whatever theywant to say, and every single
time they've answered thatquestion, it's been security,
(35:49):
yeah, number one.
Speaker 2 (35:51):
For sure, robert, I love it.
Thank you so much for beinghere today.
I'm so glad you got to tellyour story and can't wait for
everybody to hear this.
If you have not heard of usbefore, please come to the
enablecom and check out theAdLumen product line.
It's fantastic and thank you somuch, robert.
Really appreciate you.
Yeah, thanks for your time.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Special Summer Offer: Exclusively on Apple Podcasts, try our Dateline Premium subscription completely free for one month! With Dateline Premium, you get every episode ad-free plus exclusive bonus content.