Technology expert and author Dan Woods has published a series of articles in Forbes magazine that explore how companies can build effective, balanced cybersecurity portfolios. In his latest article in this series, titled “An Ounce of Prevention – How CrowdStrike Fits Into A Balanced Cybersecurity Portfolio,” he interviews CrowdStrike CEO and Co-Founder George Kurtz.
“You cannot achieve perfect security. You need a plan for how you respond to threats that risk the most important parts of your business,” Woods states in his premise. For developing a response plan, Woods recommends starting with the National Institute of Standards and Technology (NIST) Cybersecurity Framework, which emphasizes five core activities: identify, protect, detect, respond, and recover. Woods also recommends that companies follow a five-step process that includes determining needs, allocating spending according to risk, designing a portfolio and choosing the right products. He talked to Kurtz to get an in-depth look at how the CrowdStrike® solution fits into the NIST framework and into building a balanced security portfolio.
The first point Kurtz raises in the interview is the need for good IT hygiene. “You have to know what assets are in your environment — what you have — and what assets are protected and not protected. We help companies establish that baseline,” Kurtz said. That baseline is particularly important considering factors like today’s BYOD environments, a highly mobile workforce, networks that extend to the cloud, and organizations with sometimes hundreds of thousands of endpoints, according to Kurtz. CrowdStrike’s own solution for IT hygiene is Falcon Discover™, part of the CrowdStrike Falcon® platform.
However, understanding what’s on your network is only half the battle, Kurtz points out; bolstering your defenses to protect those assets as much as possible is key. To achieve that, Kurtz recommends deploying a next-gen antivirus solution, such as CrowdStrike’s Falcon Prevent™, which is able to predict if something is a threat without relying on a signature. Especially when dealing with today’s sophisticated malware-free and fileless attacks, Kurtz explained, it’s important to have technology that focuses on threat patterns rather than the specific threats themselves. He also described how Falcon Prevent looks for indicators of attack (IOAs), applying machine learning algorithms to behaviors to identify and prevent threats immediately. “If we see it, we can immediately identify it and prevent it — and it’s repeatable,” Kurtz said.
Kurtz also talked about CrowdStrike’s proactive threat hunting service, Falcon OverWatch™, a team of expert hunters who provide 24/7 coverage, identifying breach indicators and helping companies respond to threats. “With this coverage, we stop, on average, about three breaches per hour,” he explained.
The article concludes with Kurtz’s recommendations for organizations as they work toward achieving balance in their security portfolios. “At the end of the day, this is all about risk reduction — not total elimination,” he said, “and deciding how many dollars should be spent to get the maturity up to a certain level and reduce that risk.”