Providing Full Cybersecurity Coverage: CrowdStrike
By Sofía Hanna | Tue, 03/08/2022 - 09:24
Q: What new possibilities have come to CrowdStrike by being recognized with industry awards, and what could come with these titles?
A: Winning industry recognition from analysts and third-party organizations is an honor and continues to demonstrate how highly CrowdStrike is regarded in the industry. We’ve announced a number of industry awards and recognitions recently. In fact, we are the only cybersecurity vendor that Gartner, Forrester and IDC have all recognized as a leader in modern endpoint security. This, along with being the world’s most tested next-generation endpoint protection platform, emphasizes our leadership position.
Q: What are CrowdStrike’s strategies and focus areas for 2022 to continue being the ideal technological strategic partner?
A: CrowdStrike is redefining security with the world's most advanced cloud-native platform, providing a single lightweight agent architecture that ensures our customers benefit from unmatched scalability, superior protection and performance, reduced complexity and immediate time to value. In 2022, we will continue to focus on delivering industry-leading automated prevention and detection, offering both world-class automation and elite threat hunting and human expertise.
Other industry solutions struggle with the number of false positives they generate. Third-party testing shows that we generate zero false positives, providing certainty for our customers. We are a cloud-native platform built on cloud-native architecture, offering fast deployment and instant operationalization without requiring a reboot after installation. Only CrowdStrike provides full automated protection across endpoints without impacting performance and end-user productivity.
Q: What are some mistakes companies continue to make that put them at risk when it comes to ransomware prevention?
A: It is not about mistakes; it is about steps companies can take to effectively and proactively defend against ransomware threats, starting with training all employees on cybersecurity best practices. Employees are on the frontline of security and they need to follow good hygiene practices, such as using strong password protection, connecting only to secure Wi-Fi, never clicking on links from unsolicited emails and keeping operating systems patched and up to date because cybercriminals are constantly looking for holes and backdoors to exploit. It is essential to keep systems updated because it will minimize exposure to known vulnerabilities.
We recommend implementing an email security solution that conducts URL filtering and also attachment sandboxing. We integrate threat intelligence into our client’s security strategy, develop ransomware-proof offline backups and implement a robust identity-protection program.
Q: What are new ways in which cyberattackers are putting companies in danger?
A: This past year, we saw the rise of the double-extortion ransomware model, in which threat actors will demand one ransom for the return of the data and an additional ransom to prevent the data from being leaked or sold. In 2022, we expect to see these attackers achieve higher levels of sophistication, possibly with a shift away from encryption to a sole focus on extortion. We have also seen an explosion in containers and container-based solutions. With the exponential rise in containers, we have seen a similar uptick in container-targeted threats. However, security for this technology has not caught on yet, as we continue to see them being deployed without proper security measures.
Adopting a Zero Trust approach means averting potential malicious actions. More than 80 percent of all attacks involve use or misuse of credentials within the network. In the Sunburst attack, it was clear how any tool, especially one commonly used in a network, can be taken over from the update mechanism. Zero Trust architecture principles should be applied to mitigate these threats.
Q: What are the most critical areas for an SME?
A: The most critical areas for businesses are endpoints and cloud workloads, identity and data. Each provides potential avenues for attack and is essential to the ongoing running of a business. All of these areas are secured by CrowdStrike.
Q: How does having a cloud protection service and reducing its complexity through a single-agent provider improve cybersecurity?
A: CrowdStrike Falcon was purpose-built in the cloud with a single lightweight-agent architecture to provide unmatched scalability, superior protection and performance, reduced complexity and immediate time-to-value. It is also purpose-built in the cloud to eliminate complexity and simplify deployment across an organization's entire estate of endpoints and workloads.
Falcon XDR provides industry-leading Endpoint Detection and Response (EDR) capabilities to deliver real-time detection and automated response across the entire security stack. It gives security teams the data and tools to quickly respond, contain and remediate sophisticated attacks. It offers extended detection and response across environments, visualized context-rich detections across domains, improved efficiency and efficacy and accelerated full-cycle response.
An organization is only secure if every asset is protected. CrowdStrike's design enables the industry's fastest deployment and instant operationalization without requiring a reboot after installation. Only CrowdStrike provides full, automated protection across endpoints without impacting endpoint performance and end-user productivity.
Q: How is CrowdStrike different from other cyber protection services?
A: CrowdStrike beats the competition in many ways, including by providing real-time visibility through the use of world-class AI. The CrowdStrike Security Cloud creates actionable data, identifies shifts in adversarial tactics and maps tradecraft in the patented Threat Graph to automatically prevent threats in real-time, providing complete visibility and insight into everything happening on endpoints to keep clients ahead of today's threats and stop a breach. It correlates trillions of security events per day with indicators of attack, the industry's leading threat intelligence and enterprise telemetry from across customer endpoints, workloads, identities, DevOps, IT assets and configurations. Finally, 24/7 threat hunting is necessary because sophisticated attacks require a mix of automation and human expertise in the form of elite threat hunting. Falcon OverWatch proactively searches for threats on our customers' behalf. An elite team of threat hunters works 24/7 as an additional layer of protection to catch what other solutions miss.
Q: How much is cybersecurity education needed in Mexico?
A: Mexico's cybersecurity landscape faces the same talent shortage we see in other parts of the world. With the threat landscape continuously changing, most companies are constantly redefining the criteria needed for cybersecurity professionals. Mexico's main universities and technical institutes have also launched targeted cybersecurity academic programs to address the talent shortage and provide an entry-level program to suit current market requirements. While most companies require a four-to-five-year bachelor's degree in computer science, engineering, mathematics or information technology, it is possible to land your first security specialist job with a two-year associate or technical degree. In either case, hands-on experience will be one of the most important classifications for individuals as well as relevant IT security certifications. Advancing to higher positions will require expanded training and knowledge. This will greatly vary according to the company's policy and career development strategy.
CrowdStrike is a leader in cloud-delivered, next-generation endpoint protection and the first and only company to merge next-generation antivirus, endpoint detection and response (EDR) and a 24/7-managed hunting service into a single lightweight agent.