The security problems that plague organizations today actually haven’t changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormented the industry for years and persist to this day. What’s changed is the speed and sophistication with which today’s adversary can weaponize these weaknesses.
There’s a misperception that stopping malware means stopping the breach. It’s important but not enough, because adversaries are increasingly launching attacks that are malware-free — according to the CrowdStrike 2022 Global Threat Report, 62% of all attacks are malware-free and feature hands-on-keyboard activity by the adversary. Attackers are adept at exploiting stolen user credentials and identities to bypass legacy defenses, move laterally across infrastructure, abuse systems and execute their attacks.
In the modern enterprise, our user identities and credentials are intertwined with the devices we use, the cloud services we access and the data that flows across all of them. This intersection is where enterprise risk is coalescing. Zero Trust security strategies hold tremendous promise for securing infrastructure and data in today’s modern enterprise, but this will require the industry to make significant strides toward realizing its promise.
That’s why I’m proud to announce that CrowdStrike is partnering with industry leaders Okta and Zscaler to support the Cloud Security Alliance in the launch of the Zero Trust Advancement Center. I believe this important initiative will give organizations the insights, education and community required to implement Zero Trust strategies. I recently joined Zscaler CEO Jay Chaudhry and Okta CEO Todd McKinnon in a panel discussion with Jim Reavis of Cloud Security Alliance on the future of Zero Trust. I encourage you to check it out.
Why Zero Trust and Why Now
Identity-based attacks have become one of the most crucial tools in the adversary toolkit. High-profile and incredibly sophisticated attacks like SUNBURST, which cascaded across thousands of supply chain partners and organizations, exploit the underlying authentication architecture and enable attackers to masquerade as legitimate employees, move laterally and reach their target destinations.
At the same time, the move to a distributed workforce has created a massive new attack surface that adversaries try to exploit. As employees work across different networks from different locations, maintaining visibility and securing endpoints from attacks is increasingly complex. Cloud workloads continue to be adopted at a record pace and could outnumber endpoints in five years. The result is a significant increase in enterprise risk, where an infiltration on one endpoint or workload could put a company at risk of a massive breach.
Zero Trust is an approach that can minimize the impact of a breach by bringing a holistic view of authorized identity to the enterprise. By enforcing continuous, real-time and automated risk-based validation for access to any resource — cloud, on-premises or hybrid and across any type of technology including legacy systems and unmanaged devices — organizations can dramatically reduce or stop lateral movement and privilege escalation during a compromise.
Like many things in our industry, Zero Trust is a concept that can be distorted. For years, vendors have tried to redefine Zero Trust to align with their current product capabilities. But Zero Trust is not a point solution. It’s about building a defense-in-depth strategy in which all assets have identity-based perimeters, user behaviors and device attributes are continuously monitored, and least-privileged access to enterprise resources is continually enforced. This must happen no matter where users, applications or devices are located. Zero Trust is fundamentally dynamic and requires a modern approach to security to be effective.
Point products and best-of-suite cybersecurity solutions will no longer be able to keep up in today’s environments. Customers should not be required to rip and replace their investments every time a new threat comes along. What they need is best-of-platform cybersecurity offerings that work well together and reduce staffing requirements, with each vendor focused on their respective core competencies.
This is why CrowdStrike has built a robust Zero Trust ecosystem with frictionless integrations and is extending it with industry leaders like Okta and Zscaler to work together and protect our customers from today’s and future threats.
CrowdStrike Enforces Zero Trust Across Device, Identity and Data
CrowdStrike’s Zero Trust solution is built on the best-of-platform architecture to deliver on the modern attack defense pillars: endpoint and workloads, identity and data. We take an adversary-driven approach to deliver unparalleled security efficiency and efficacy, whether the customer’s environment is in the cloud, on-prem or a hybrid environment, and across any type of technology including legacy systems and unmanaged devices.
To meet adversaries head on, we’re delivering a unified platform approach that connects the machine both to the identity and the data to deliver full Zero Trust protection, all delivered through CrowdStrike’s lightweight Falcon® agent on the endpoint. This enables customers to validate the user, the behavior associated with that user/credential, and the organization’s policies associated with the data or resource being accessed. Pulling this together in real time enables lightning-fast decisions on whether access should be granted, denied or challenged with conditional access.
In true CrowdStrike fashion, we’ll continue to innovate to deliver customer-focused solutions that solve problems. With our built-in CrowdStrike Store and mature API set, including deep integrations with Zscaler and Okta, customers can build on their existing investments to further extend protections and enforce a defense-in-depth strategy across users, applications and devices. In addition, we plan to continue expanding CrowdStrike Falcon Zero Trust Assessment (ZTA) support with our strategic partners this year. We most recently announced ZTA support for macOS and Linux platforms, extending comprehensive protection with an identity- and data-centric approach across all platforms.
What the Future Holds
The concept of Zero Trust has been around for a decade, but its moment is now. In 2021, the Biden administration issued an Executive Order emphasizing the use of capabilities like endpoint detection and response (EDR) and Zero Trust. We firmly believe these measures will help to address the sophisticated threats impacting just about every industry.
CrowdStrike recently announced a partnership with the Cybersecurity and Infrastructure Security Agency (CISA) to deploy the CrowdStrike Falcon platform to secure CISA’s critical endpoints and workloads as well as those of multiple federal agencies. This demonstrates how the industry can operationalize Zero Trust and build on the progress of existing Zero Trust standards like NIST 800-207.
Our work with the Cloud Security Alliance and our partners Zscaler and Okta will build on this foundation and accelerate the deployment of comprehensive Zero Trust industry standards that set up customers for success in enforcing a “Trust No One, Verify Always” approach to securing an increasingly complex threat environment.
To learn more about CrowdStrike’s Zero Trust capabilities, visit the CrowdStrike Zero Trust solution page.