Public Policy
Resource Center

Cybersecurity is central to today’s most important technology, privacy policy and regulatory developments. CrowdStrike informs decision makers around the globe based on what it sees in the field and how it thinks the trends it observes today will affect the security environment tomorrow. We are at the forefront of these issues globally. Learn how CrowdStrike can help.


CrowdStrike’s Privacy and Public Policy practice engages on some of the key issues at the intersection of security and technology policy.

Data Protection Compliance

Cybersecurity is central to data protection compliance obligations.

Learn how

Election security

Interference in democratic processes is on the rise globally. Here’s what we’re doing to help.

Learn more


CrowdStrike Government Summit 2023: Keynote: CISA Director Jen Easterly and George Kurtz in a Special Fireside Chat

Watch now


CrowdStrike Government Summit 2023: Fireside Chat: White House Deputy NCD Camille Steward Gloster and Drew Bagley on Supply Chain Security

Watch now


Drew Bagley on Securing Cyberspace- Next Generation of Threats, Washington Post Live

Learn more

Recent Testimonies, Comments & Blogs

CrowdStrike engages with policymakers globally to advance the causes of privacy and cybersecurity. Select examples include:


Rob Sheldon Testimony
on "Intellectual Property and Strategic Competition with China: Part III - IP Theft, Cybersecurity, and AI” before the U.S. House Judiciary Subcommittee on Courts, Intellectual Property, and the Internet

Rob Sheldon Testimony
on “Evaluating CISA’s Federal Civilian Executive Branch Cybersecurity Programs” before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection

Drew Bagley Testimony
on “CISA 2025: The State of American Cybersecurity from a Stakeholder Perspective” before the U.S. House of Representatives Committee on Homeland Security, Subcommittee on Cybersecurity and Infrastructure Protection

Zeki Turedi Call for Evidence
on “Inquiry into Ransomware” before the UK Joint Committee on the National Security Strategy

Rob Sheldon Testimony
on “Protecting American Innovation” before the U.S. Senate Intelligence Committee

Adam Meyers Testimony
on “Mobilizing our Cyber Defenses and Securing Critical Infrastructure Against Russian Cyber Threats” before the U.S. House Committee on Homeland Security

George Kurtz Testimony
on “Cybersecurity and Supply Chain Threats” before the U.S. Senate Select Committee on Intelligence

Request for Comment Responses

Brazil ANDP International Data Transfer Regulation (September 2023)

Singapore Use of Personal Data in AI Systems (August 2023)

New York Financial Sector Cybersecurity Requirements (August 2023)

Kingdom of Saudi Arabia Data Transfer Law (July 2023)

Kingdom of Saudi Arabia Personal Data Protection Law (July 2023)

Safe and Responsible AI in Australia Discussion Paper (July 2023)

EU Cyber Solidarity Act (July 2023)

White House OSTP National Priorities for Artificial Intelligence (July 2023)

NIST Cybersecurity Framework 2.0 Core Discussion Draft (May 2023)

SEC Cybersecurity Risk Management Proposed Rule (May 2023)

Australia 2023-2030 Cyber Security Strategy (April 2023)

Australia Privacy Act Review Report (March 2023)

California CPPA Cyber Comments (March 2023)

NIST 2.0 Comments (March 2023)

FCC E-Rate Comments (February 2023)

FCC Data Breach Requirement Comments (February 2023)

TSA Enhancing Surface Cyber Risk Management (January 2023)

Proposed Second Amendment to 23 NYCRR Part 500: Cybersecurity Requirements for Financial Services Companies (January 2023)

India's Digital Personal Data Protection Bill 2022 (December 2022)

Cyber Incident Reporting for Critical Infrastructure Act of 2022 (November 2022)

Office of the National Cyber Director (ONCD) Cyber Workforce, Training, and Education (November 2022)

Brazil ANDP: International Transfers of Personal Data (June 2022)

CISA Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) (May 2022)

European Union Data Act (May 2022)

Proposal for New Telecoms Security Regulations and Code of Practice (May 2022)

Securities and Exchange Commission (SEC): Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (May 2022)

Consultation on Draft Regulations to Saudi Arabia’s Personal Data Protection Law (March 2022)

Zero Trust Maturity Model (October 2021)

Cloud Security Technical Reference Architecture (October 2021)

Federal Zero Trust Strategy (September 2021)

Modernizing Privacy in Ontario, Canada (September 2021)

Strengthening Australia's Cybersecurity Regulations and Incentives (August 2021)

Cybersecurity Labeling Programs for Consumers: Internet of Things (IoT) Devices and Software (August 2021)

Software Bill Of Materials Elements & Considerations (June 2021)

Cybersecurity - Uniform Rules for EU institutions, bodies and agencies (January 2021)

Public Consultation on Data protection - standard contractual clauses for transferring personal data to non-EU countries (implementing act) (December 2020)

Public Consultation on the European Data Protection Board Guidelines (October 2020)

Cyber and Critical Technology International Engagement Strategy (CCTIES), Australia (June 2020)

Public Consultation on the EU’s General Data Protection Regulation (GDPR) (April 2020)