The United States and like-minded nations face unprecedented threats from today’s adversaries. Continuous cyberattacks on critical infrastructure, supply chains, government agencies and more present significant ongoing threats to national security, and the critical services millions of citizens rely on every day. At CrowdStrike, we are on a mission to stop breaches and rise to the challenge by protecting many of the most critically important organizations around the globe from some of the most sophisticated adversaries. This is why I am especially enthusiastic about recent initiatives in our work to help strengthen the cybersecurity posture of departments and agencies at all levels (federal, state, local, tribal and territorial) of government by empowering key defenders of U.S. critical infrastructure with our innovative technologies and services.
Earlier this year, the Administration issued an Executive Order to help address these threats, emphasizing the use of capabilities like endpoint detection and response (EDR) and Zero Trust. Based on our experience in preventing some of the world’s most sophisticated threat actors from impacting customers representing just about every industry, we believe that these measures stand to help. We also know that the road to protecting the nation’s most critical assets and infrastructure will require a strong partnership between government and private sector. Only by working together can we prevail.
CrowdStrike has long been committed to working with federal, state, local, tribal and territorial governments to furnish them with the world-class technology and elite human expertise required to stay ahead of today’s attackers. Strategic partnerships with the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the Center for Internet Security (CIS) are key milestones that continue to enhance CrowdStrike’s efforts to protect the public sector and its partners.
Today, we’re proud to announce that CISA and CrowdStrike are strengthening their partnership to secure our nation’s critical infrastructure and assets. CISA will deploy the CrowdStrike Falcon® platform to secure CISA’s critical endpoints and workloads as well as multiple federal agencies. This partnership directly operationalizes the president’s Executive Order on Improving the Nation’s Cybersecurity, the landmark guidance that unifies several initiatives and policies to strengthen the U.S. national and federal government cybersecurity posture.
By applying CrowdStrike’s unique combination of intelligence, managed threat hunting and endpoint detection and response (EDR), CISA will strengthen its Continuous Diagnostics and Mitigation (CDM) program, advancing CISA’s mission to secure civilian “.gov” networks. This partnership also further improves CISA’s capabilities to better understand and manage cyber and physical risks to the nation’s critical infrastructure.
Validation to Fulfill the Mission
CrowdStrike Falcon is a FedRAMP-authorized endpoint protection platform (EPP) that rapidly enables agencies to detect and prevent cyberattacks, a goal of the cybersecurity Executive Order.
Importantly, CrowdStrike has recently been prioritized by the FedRAMP Joint Advisory Board (JAB) to begin work toward achieving a Provisional Authority to Operate (P-ATO). FedRAMP JAB is composed of major departments in the U.S. government, including Department of Defense (DoD), DHS and the General Services Administration (GSA). The FedRAMP JAB prioritizes only the most used and demanded cloud services within the U.S. government, selecting only approximately 12 cloud service offerings a year. This prioritization and our commitment to the FedRAMP JAB demonstrates CrowdStrike’s continued support and commitment to deliver our best-of-breed Falcon platform to help defend some of the most targeted departments and agencies in the world.
Strengthening Cyber Defenses for State, Local, Tribal and Territorial (SLTT) Governments
CrowdStrike’s work in the SLTT government space is not only critical to supporting these agencies but also vital to protecting critical infrastructure and ensuring the resilience of the communities they serve. In fact, CrowdStrike Falcon is currently being leveraged by more than a third of all U.S. state governments. Despite our success in this space, there is still more work to do. That is why after many years of partnership, CrowdStrike and CIS are taking our work to protect SLTT governments to the next level. CIS’s new fully managed endpoint security services (ESS) solution is now powered exclusively by CrowdStrike.
CrowdStrike brings direct deployment to endpoint devices with the cloud-native, intelligent single agent of the CrowdStrike Falcon platform. This provides CIS with a full suite of solutions to protect CIS managed endpoints, including next-generation antivirus (NGAV), EDR, asset and software inventory, USB device monitoring, user account monitoring and host-based firewall management.
Previously, CIS chose CrowdStrike to protect its Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®). The new solution expands on the existing partnership, providing a new, fully managed 24/7/365 next-generation cybersecurity offering exclusively tailored to SLTT organizations. This includes more than 12,000 Multi-State Information and Analysis Center® members across the U.S., with more than 14 million endpoints in total.
Moving the Needle Forward for the Public Sector
CrowdStrike has operated a FedRAMP-authorized government cloud since 2018, giving SLTT governments a secure and compliant service that provides innovative and best-of-breed technology to secure their digital assets. Since then, more than one-third of states have standardized on CrowdStrike as their EPP vendor of choice.
To deepen our relationship, we continue to build partnerships with CIS, while formalizing our federal government partnership by becoming an industry launch partner to CISA’s Joint Cyber Defense Collaborative (JCDC). We continue to gain the trust of our government customers as they seek best-of-breed technology to defend their infrastructure and begin their journey to Zero Trust. Our prioritization by, and commitment to, the FedRAMP JAB will only bolster this trust and partnership. Put simply, empowering government defenders with the very technologies successfully embraced by complex private sector organizations is an important step in thwarting adversaries that target governments and, consequently, the functions upon which citizens depend.
George Kurtz is Chief Executive Officer and Co-founder of CrowdStrike.