Video: 10 Minute IT Jams - CrowdStrike's security cloud focus for 2021
Cybersecurity threats are intensifying. That is the message from Jay Porter, Regional Director for Australia and New Zealand at CrowdStrike, who spoke to TechDay about the evolving risks facing businesses and the changing landscape of IT security across the Asia-Pacific.
Porter's perspective is grounded in alarming statistics. "Risks are really growing and evolving at an alarming rate," he said. "We saw a 330% increase in e-crime year on year last year." While cyber criminals have long been a concern, Porter explained that the nature of adversaries has become more sophisticated. "The evolution of both e-crime and adversaries from a nation or a state-based adversary perspective as well, really using more sophisticated tactics and techniques, is a really worrying threat," he said.
In CrowdStrike's view, no industry is immune. Healthcare, logistics, and especially online and mobile banking platforms are all in the crosshairs. "Our intelligence shows that really all industries are at risk," Porter noted.
The pandemic has accelerated remote work, amplifying these risks. "The accelerated rate of technology and remote working is also giving rise to inherent cyber security risks," Porter said. "Now devices, networks, data and the management of all these things is no longer a straightforward problem."
As more employees work from home or from non-traditional settings – cafes, pubs, beaches, or home offices – organisations can no longer rely on legacy systems or traditional infrastructure to keep data safe. "Legacy systems can't keep up," Porter stated. "Really, organisations need to engage a lot with vendors like CrowdStrike who were born in the cloud and have that cloud native capability."
He cited a recent survey commissioned by CrowdStrike to illustrate the problem. "We have a great survey we've recently released – the 2020 CrowdStrike Global Security Attitude Survey. There were around 2,000 respondents globally, with a couple hundred of those here locally in Australia and New Zealand. They estimated that it would take around 117 hours to detect a breach." In contrast, CrowdStrike encourages organisations to adopt what it calls the "1-10-60 rule" – detect a threat in one minute, investigate it in ten, and remediate within sixty.
Cloud-based security, he argued, is not just a trend but a necessity. "In 2020 we saw an increased spike in adoption of cloud technologies and workloads that sit within the cloud, as you'd expect during the pandemic initiative to remote work," Porter said.
CrowdStrike's response has been its own "security cloud", which Porter described as leveraging vast stores of data and artificial intelligence. "Our Falcon cloud security platform's single lightweight agent architecture leverages cloud-scale AI and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints on or off the network," he explained.
The scale, he suggested, is enormous. "It correlates over four trillion endpoint-related events per week – so that's trillion with a 't', not billion with a 'b' – on a weekly basis in real time from all around the globe, fueling what's one of the world's most advanced data platforms for security," Porter said.
Asked about the key benefits of CrowdStrike's offering for enterprises, Porter highlighted four: better protection against evolving threats, rapid deployment for digital transformation, reduction in operational costs, and help in overcoming the cybersecurity skills shortage. "Customers are looking for ways to reduce operational costs and the operational overheads that's often associated with managing these types of complex environments," he said. Porter added that working with cloud-native vendors can help bridge gaps in internal expertise: "There is absolutely a cyber security skill shortage, so customers need to work with organisations like CrowdStrike that have that deep level of expertise and people that can help augment the skill set of an organisation that they already have today."
The conversation then shifted to how channel partners – those who resell or integrate security solutions – can help customers deploy the security cloud. "The partner community is really important to us," said Porter. "We're absolutely committed to continuing to build an elite network of partners." He explained that CrowdStrike's partner programme, CrowdStrike Elevate, is designed to help partners deliver "better detect, investigate and respond security threats for their customers, quickly and more efficiently as well," reiterating the importance of coping with both tight budgets and persistent skills shortages within IT teams.
With the threat landscape moving so rapidly, where should business leaders focus their limited resources? According to Porter, identity protection should be at the top of every CEO's to-do list. "We're seeing 80% of all breaches are actually the result of compromised identities, giving adversaries the opportunity to remain undetected in an organisation's network for lengthy periods of time," he said.
This means a "zero trust" approach is vital. "No one can be trusted," Porter explained. "This is something that requires the vetting of every user and every access request." He said that relying solely on a firewall or traditional antivirus systems is no longer sufficient, especially with an ever-expanding remote workforce.
Speed remains of the essence. "Organisations need to work with a cloud native platform vendor that's born in the cloud ... to drive those metrics around that 1-10-60 rule to help investigate and respond to events within 60 minutes," Porter said.
Finally, he stressed the importance of education at every level. "Education is absolutely critical. Organisations need to investigate and implement educational programmes at all levels within the organisation to ensure that they're meeting all their security requirements," he said.
For those interested in partnering with or procuring CrowdStrike's services, Porter encouraged a proactive approach. He recommended reaching out directly to connections within the company for guidance, while underscoring the company's core focus. "It would be remiss of me not to talk a little bit about our mission statement. We actually say we don't have a mission statement but we're on a mission, and that is that we stop breaches. We're committed, we have the right technology, people and process to really help address customers' requirements, whether you are a partner or a customer. So do reach out," he said.