CrowdStrike Extends Scope and Reach of Cybersecurity Portfolio
CrowdStrike this week acquired Flow Security to add data security posture management (DSPM) to its portfolio in addition to agreeing to offer a managed detection response service from Dell Technologies that is integrated with its core CrowdStrike Falcon extended detection and response (XDR) platform.
Those additions come on the heels of CrowdStrike making generally available a generative artificial intelligence (AI) tool, dubbed Charlotte AI, and Falcon for IT, an IT service management (ITSM) platform based on the same agent software CrowdStrike uses to collect security telemetry data.
CrowdStrike has also updated Falcon Data Protection to include an ability to prevent sensitive data from being inadvertently shared with a generative artificial intelligence (AI) platform.
Raj Rajamani, head of products for CrowdStrike, said as threats continue to increase in volume and sophistication, there is a clear need to centralize the management of both security and IT operations to reduce costs while simultaneously improving security. The more siloed these teams are within organizations, the easier it becomes for cybercriminals to exploit any weaknesses they discover, he added.
In fact, a CrowdStrike report finds the average breakout time between an IT environment being breached and cyberattacks being launched is only 62 minutes. The report also noted that cybercriminals deploy discovery tools in only 31 seconds.
The report also finds there has been a sharp increase in interactive intrusions and hands-on-keyboard activity (60%) as adversaries increasingly exploit stolen credentials to gain initial access to targeted organizations.
At the same time, intrusions into cloud computing environments increased by 75% year over year, the report found.
It’s not clear how much the increased number of cyberattacks is driving organizations to consolidate cybersecurity tools and platforms, but it’s clear many organizations require a different strategy. Having too many cybersecurity tools in place can be counterproductive because teams wind up being overwhelmed by alerts. Each of the tools also typically requires organizations to incur annual licensing fees to use it. As cybersecurity evolves platforms are emerging that provide many of the same capabilities as those tools via a module that is integrated into a centralized console.
Of course, many cybersecurity professionals have more faith in one tool versus another, so organizations will need to determine what capabilities are important for them to have. However, as business leaders continue to enquire about why the cost of cybersecurity continues to increase with little apparent progress, many cybersecurity and IT leaders are under increased pressure to reduce tool sprawl.
Regardless of the path forward, one way or another, cybersecurity will become more centralized as organizations look to take advantage of artificial intelligence (AI) to improve security. Most of those AI capabilities are only going to be found in cloud platforms capable of aggregating enough data to effectively train multiple types of AI models. The average cybersecurity team isn’t going to be able to first collect enough telemetry data to train an AI model, much less hire and retain the data scientists need to build and maintain it. The challenge, as always, will be convincing business leaders to fund that transition in an uncertain economic climate.
