Malicious Bots are a problem.
According to a survey by Security Magazine focused on online retail and ecommerce business employees in the US who had full-time roles related to fraud prevention, customer experience, payments and management, 80% of respondents said there has been an increase in financial loss within their organization because of more complex and sophisticated bot attacks. One in four say a single bot attack has cost them $500,000 or more in the past year, and two in three say a single attack has cost $100,000 or more. It adds up to large losses for business.
Sam Crowther was out to change those statistics when the then 19-year-old New Castle, Australia entrepreneur founded Kasada in 2019. The innovative security company protects online, mobile, and API channels from system takeover, content scraping, DOS, and account takeover. This founding CEO journey is based on my interview with Crowther.
Crowther was working at Macquarie Bank during the time that they were transitioning from serving ultra-high net worth customers to more of a retail bank. And that exposed the company to so many things that they didn’t have to worry about before. Now, all of a sudden, anyone could come in and open up a bank account and try to access their accounts. And with that, automated fraud went through the roof. “There was a whole process of testing out all these different tools, trying to figure out ways to get it to work. And none of it was really very smooth. I had just had this random idea that maybe if we approach it this way, it could work, and we could build something pretty cool. So, I left Macquarie to whip up an MVP, and then convinced my mates to come join the business. And we sort of went from there,” says Crowther.
Hired out of high school at the age of 18 by Macquarie, Crowther was brought on as the inside “hacker” to break things, but the huge bank wasn’t interested in his ideas to solve their malicious bot problem. After leaving the bank in 2015, it took Crowther and his young team a little less than a year to build a version of their bot mitigation software that they could demo to potential customers.
The process of acquiring paying customers for a software platform created by a 19-year-old would normally be a daunting process, but according to Crowther they happened to be in the right place at the right time, combined with persistence. “We were as much of a pain in the ass and just as everywhere that we could be all at once. And the consistent thing between all of those customer calls was that the problem was getting so bad. And they’d put in so much effort to try to solve it and they couldn’t. They had basically had no choice. Good or bad we were literally the final resort, because they realized they couldn’t deal with it. And then they worked with us and realized they should have done this way earlier,” says Crowther.
With that, the business began to grow. According to Crowther the easy-to-onboard solution invisibly stops automated threats while inflicting financial damage to attackers by destroying their ROI. Today, the 100-person company still has a presence in Sydney, Australia, but its primary office is in the US in New York, as 90% of its Fortune 500 customer base is in the US. Crowther himself moved to New York City four years ago to be where his main customers were. The company now also has offices in San Francisco, London, and Melbourne.
“Every day across our customers, we interact with maybe 130 million Unique Visitors. So, it’s pretty material. And that represents from an ecommerce dollars flow perspective, about $150 billion a year,” says Crowther of his growing company who now works with the likes of Crocs, Hyatt, PointsBet and REAGroup to name a few.
The company has taken in some $40 million in venture funding to date. Its most recent $23 million Series C funding in December 2021 was led by StepStone Group with participation from existing investors Ten Eleven Ventures, Main Sequence Ventures, Reinventure (Westpac’s venture capital arm), and Turnbull & Partners, the former Australia Prime Minister’s venture firm. Turnbull himself also joined the Kasada board.
Crowther grew up in Newcastle, Australia, a steel and coal city on the coast north of Sydney, an unlikely setting for a budding tech entrepreneur. His mom was a special education teacher, and his dad was in community communication and media consulting. “I just kind of stumbled into computers. And then I found security. It was like, wow, this is kind of fun, breaking things. My parents were supportive enough to let me pursue this while I was still in high school,” says Crowther.
Through a series of fortunate events, the counterpart of the NSA in Australia, the Australian Security Intelligence Organisation (ASIO) was looking at working with high school students. Crowther was the second student they chose to engage with, and he started working for them during school holidays. “I did that for a few years. And then that set me up to go and work at Macquarie after high school,” says Crowther.
He never attended college, choosing to work instead. “I looked at the course syllabus for a software engineering degree and then I looked at what Macquarie was going to pay me and what I’d be doing there. And I was like, ‘You know what, I’m going to take a gap year and the gap year turned into a Gap 10’,” says Crowther.
The 18-year-old Crowther was hired by Macquarie after he wrote a handwritten letter to the Chief Operating Officer, explaining what he had been doing with ASIO. “The letter ended up on the CISOs desk and he met me for a coffee. He said that the whole time, I was like an energizer bunny with excitement. So, he knew that he had to give me a shot to see what I could do,” says Crowther.
After two years at Macquarie, he would leave to found Kasada. “So, in the grand scheme of things, not a whole lot of time, but because I was just given such free rein, because they needed people like me to just come in and help them break things, I got exposure to tons of different things,” says Crowther.
As for the future? “From what we’ve seen with the nature of the problems we’re solving and the sorts of companies that are trusting us to solve it as well, despite being very small in the grand scheme of things, I’ve no doubt we can build this into a very, very large security business that does a lot more than just bot mitigation, which is exciting,” concludes Crowther.
Read the full article here