PUBLIC POLICY RESOURCE CENTER
Cybersecurity is central to today’s most important technology, privacy policy and regulatory developments. CrowdStrike informs decision makers around the globe based on what it sees in the field and how it thinks the trends it observes today will affect the security environment tomorrow. We are at the forefront of these issues globally. Learn how CrowdStrike can help.
HIGHLIGHTS
CrowdStrike’s Privacy and Public Policy practice engages on some of the key issues at the intersection of security and technology policy.
RECENT TESTIMONIES, COMMENTS & BLOGS
CrowdStrike engages with policymakers globally to advance the causes of privacy and cybersecurity. Select examples include:
Testimonies
- Drew Bagley Testimony on “CISA 2025: The State of American Cybersecurity from a Stakeholder Perspective” before the U.S. House of Representatives Committee on Homeland Security, Subcommittee on Cybersecurity and Infrastructure Protection
- Zeki Turedi Call for Evidence on “Inquiry into Ransomware” before the UK Joint Committee on the National Security Strategy
- Rob Sheldon Testimony on “Protecting American Innovation” before the U.S. Senate Intelligence Committee
- Adam Meyers Testimony on “Mobilizing our Cyber Defenses and Securing Critical Infrastructure Against Russian Cyber Threats” before the U.S. House Committee on Homeland Security
- George Kurtz Testimony on “Cybersecurity and Supply Chain Threats” before the U.S. Senate Select Committee on Intelligence
Request for Comment Responses
- SEC Cybersecurity Risk Management Proposed Rule (May 2023)
- Australia Privacy Act Review Report (March 2023)
- California CPPA Cyber Comments (March 2023)
- NIST 2.0 Comments (March 2023)
- FCC E-Rate Comments (February 2023)
- FCC Data Breach Requirement Comments (February 2023)
- TSA Enhancing Surface Cyber Risk Management (January 2023)
- Proposed Second Amendment to 23 NYCRR Part 500: Cybersecurity Requirements for Financial Services Companies (January 2023)
- India's Digital Personal Data Protection Bill 2022 (December 2022)
- Cyber Incident Reporting for Critical Infrastructure Act of 2022 (November 2022)
- Office of the National Cyber Director (ONCD) Cyber Workforce, Training, and Education (November 2022)
- CISA Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA) (May 2022)
- European Union Data Act (May 2022)
- Proposal for New Telecoms Security Regulations and Code of Practice (May 2022)
- Securities and Exchange Commission (SEC): Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (May 2022)
- Consultation on Draft Regulations to Saudi Arabia’s Personal Data Protection Law (March 2022)
- Zero Trust Maturity Model (October 2021)
- Cloud Security Technical Reference Architecture (October 2021)
- Federal Zero Trust Strategy (September 2021)
- Modernizing Privacy in Ontario, Canada (September 2021)
- Strengthening Australia's Cybersecurity Regulations and Incentives (August 2021
- Cybersecurity Labeling Programs for Consumers: Internet of Things (IoT) Devices and Software (August 2021)
- Software Bill Of Materials Elements & Considerations (June 2021)
- Cybersecurity - Uniform Rules for EU institutions, bodies and agencies (January 2021)
- Public Consultation on Data protection - standard contractual clauses for transferring personal data to non-EU countries (implementing act) (December 2020)
- Public Consultation on the European Data Protection Board Guidelines (October 2020)
- Cyber and Critical Technology International Engagement Strategy (CCTIES), Australia (June 2020)
- Public Consultation on the EU’s General Data Protection Regulation (GDPR) (April 2020)
Blogs
- Data Protection Day 2023: Misaligned Policy Priorities Complicate Data Protection Compliance
- Four Takeaways as the European Union's General Data Protection Regulation (GDPR) Turns 4
- Data Protection 2022: New U.S. State Laws Reflect Convergence of Privacy and Security Requirements
- Data Protection Day 2022: To Protect Privacy, Remember Security
- Data Protection Does Not Exist Without Data Security
- New Cybersecurity Executive Order: What It Means for the Public Sector
VIDEOS, WEBINARS, TALKS & PODCASTS
We have additional resources covering specialized topics and issues. See here:
- Podcast: Adam Meyers on the Cyber Threat Landscape- Cipher Brief Open Source Report (Jan 16-20, 2023)
- Talk: Adam Meyers on Securing Cyberspace - Global Cybersecurity Landscape, Washington Post Live
- Video: Fal.Con 2022: Shawn Henry with Kemba Walden, Principal Deputy National Cyber Director, on Government-Industry Collaboration on Cybersecurity
- Video: Fal.Con 2022: AI Myths and Realities: Navigating Global Regulation to Enhance Your Cybersecurity Program
- Video: Fal.Con 2022: Falcon and U.S. State Law Cybersecurity Requirements
- Webinar: Workshop on Cybersecurity Labeling Programs for Consumers: Internet of Things (IoT) Devices and Software
- Webinar: CrowdCast: DATA PROTECTION DAY 2022: The State of Data Protection; Cyber Risks are Privacy Risks
- Podcast: Data Protection & Data Security: Two Sides of the Same Coin
- Webinar: Navigating Data Protection with a Newly Deployed Remote Workforce
- Webinar: USAID Digitalization & Cybersecurity series
- Data Sheet: Quick Start Guide To Securing Cloud-Native Apps
COMMITTEES & MEMBERSHIPS
CrowdStrike representatives serve on a number of boards and committees. CrowdStrike also belongs to a number of trade associations. These include:
- Europol EC3 Advisory Group on Internet Security
- European Data Protection Board (EDPB) Pool of Experts
- Department of State International Digital Economy and Telecommunication Advisory Committee
- IT Sector Coordinating Council
- International Association of Privacy Professionals (IAPP), KnowledgeNet
- Bundesverband der Datenschutzbeauftragten Deutschlands (BvD) e.V.
- European Federation of Data Protection Officers
- The German Association For Data Protection And Data Security (GDD)
- BITKOM
- IT Security Association Germany (TeleTrust)
- OneTrust PrivacyConnect Frankfurt Chapter
- ICANN Competition, Consumer Choice, and Consumer Trust Review Team
- NASCIO Privacy & Data Protection Working Group
- U.S Chamber of Commerce
- Information Technology Industry Council
- Alliance for Digital Innovation
CONTACT
Email: Policy@CrowdStrike.com