Who would have guessed 15 years ago that Martin Roesch's free computer network-security program would turn into a $2.7 billion deal?
Roesch used the no-cost software he developed in 1998 — called Snort because it sniffs out trouble — as the foundation for Columbia cybersecurity firm Sourcefire Inc. On Tuesday, the company announced that it had agreed to sell itself to tech giant Cisco Systems Inc.
The price speaks to the business potential in developing good defenses as high-profile hacking of corporations and government agencies mounts. It's also a recognition of Sourcefire's reputation.
The company's share of the global market for one type of cybersecurity — detection and prevention of intrusion on computer systems — rose from 8.4 percent in 2011 to 11.2 percent last year, according to William Blair & Co. That's behind only McAfee, Cisco and IBM.
Roesch, who goes by Marty, talked with The Baltimore Sun on Friday about the acquisition, the company's early years and the state's aspirations of becoming top dog in detecting and blocking hackers.
Did you have any inkling when you developed Snort that it could lead to a valuable business down the road, let alone one worth $2.7 billion?
No, I certainly didn't. In fact … six months before I started Sourcefire was the first time I ever entertained the idea that I could build something around Snort.
What appealed to you about Cisco as an acquirer — why was this the right deal for Sourcefire?
I think it's a good match. … Sourcefire brings great products in the threat space for dealing with modern threats; we have a lot of deep-security DNA within the company and we have a track record of being the best at what we do. … They have a huge platform for bringing these good ideas we have at Sourcefire to market.
What are your plans? Do you expect to be with Cisco for a while?
The plan is to make me the chief architect for Cisco's security business. … So, yeah, I'm planning to stick around and take all the great things that we do and all the great things that they do and build powerful capabilities that customers will love and will provide better security for everyone on the Internet.
Analysts say big tech firms are buying smaller cybersecurity companies because that's where the innovation is. Do you think Sourcefire can continue to innovate as a small piece of a huge business?
The way that Cisco is structured, their security business unit is … certainly not anywhere as huge as the whole company. What they're really encouraging us to do is come in and be an innovative part of that team. We feel like there's a lot of opportunities to continue to do innovative things.
How has cybersecurity and the threat landscape changed since you started the company?
It's changed significantly. You know, back when I got going with Sourcefire back in 2001, people knew about hackers and they knew about hacking, but their day-to-day exposure to it wasn't what it is today. … It's changed from being this abstract 21st-century problem to this "Oh, geez, I've got to remember another credit card number" problem for everyone. And that's just the tip of it. …
These things used to happen on a small scale when we got going, but now they're industrialized. … The stakes are very different.
This recognition of cybersecurity's growing importance helps explain why Maryland says it wants to be the Silicon Valley of cybersecurity. What needs to happen for the state to get there?
It's kind of happening on its own to some degree because there's so much cybertalent and cyberactivity in this part of the world, with Cyber Command over at Fort Meade … and companies like Sourcefire in the region. It's just kind of a natural occurrence with that much concentrated knowledge base and skills base in one part of the country.
What does the Cisco deal mean for cyber in Maryland?
Well, it means there's a large market for good ideas out there, and people who can execute on their ideas … have opportunities to build something really special and take it to a global audience. For entrepreneurs out there like I was when I started out in my house … sometimes, it seems pretty daunting. If you focus and stick to it, real good things are possible.
You've said before that cybercriminals have a leg up on cybersecurity companies. How do you mean that, and what's your strategy for dealing with it?
The bad guys can go out and buy one of everything. … They can buy all the security technologies and put them into their own lab and analyze how they work. … When they go after a potential target, they have the ability to really figure out what they're facing and devise ways to get by it. …