alexteoh90
2021-06-21

$CrowdStrike Holdings, Inc.(CRWD)$

Biden's Cybersecurity Executive Order Should Worry Hackers

The risks that cyber threats pose to American critical infrastructures, supply chains, and government networks have been forewarned by cybersecurity experts for nearly two decades. On May 7, 2021, hackers from Eastern Europe leveraged a ransomware attack against the Colonial Pipeline company, marking the largest, critical infrastructure cyberattack to ever reach American soil.

The Colonial Pipeline attack wreaked havoc and chaos in the southeastern US, leading to a panic-driven gas shortage throughout the region. But as damaging as the attack was, experts have cautioned that it could have been potentially more devastating, and that future attacks could occur with increased frequency, boldness, and destruction.

In the weeks leading up to the Colonial Pipeline attack, the Biden administration was in the midst of crafting a wide-sweeping Executive Order (EO) that would address threats, vulnerabilities, and solutions within the federal government cybersecurity landscape. On May 12, 2021—five days after the Colonial Pipeline attack—President Biden signed and issued the EO.

Last month, CrowdStrike held a special briefing to examine the key takeaways from the EO and discuss how their solutions are designed to meet the cybersecurity standards it addresses.

James Yeager, Vice President of Public Sector at CrowdStrike, opened the briefing by sharing CrowdsSrike’s response to the EO. Yeager relayed that CrowdsStrike—and the cybersecurity community-at-large—was incredibly encouraged by the contents found within the long-overdue EO, describing it as the “teeth of the government on the problem.”

More specifically, Yeager said CrowdStrike applauds the administration’s renewed focus on cybersecurity, especially through the White House’s push for new funding resources and the President’s recent appointments for federal cybersecurity positions. Yeager explained that all of these moves by the administration will be catalysts in solving the challenging and critical problems facing today’s federal digital infrastructures. “We are certainly in a position here to impact change which is long overdue,” said Yeager. “The government, with the support from the private sector and industry alike, has a generational opportunity to get this right.”

Key Takeaways

The first Executive Order directive that Yeager highlighted was the call for the federal government to advance towards Zero Trust architecture. Zero Trust, Yeager noted, has been a part of virtually every recent discussion involving cybersecurity solution design. Designating Zero Trust as a requisite component of cloud migration and adoption is a huge win for modernizing the federal government’s cybersecurity infrastructure.

Cloud adoption was another theme woven throughout the EO. In the last decade, federal strategies and policies like Cloud First and Cloud Smart have encouraged the migration to cloud-based services, but traditionally the response from government agencies has been sluggish and hesitant. President Biden’s EO takes a much more aggressive approach concerning cloud adoption, directing federal agency heads to immediately prioritize resources in order to accelerate the move towards cloud technology.

The EO also acknowledges the need for increased threat visibility, as well as enhanced vulnerability and exposure management systems. To that point, the EO directs federal government agencies to deploy an endpoint detection and response (EDR) initiative for their information systems. The EO states that implementing sound EDR approaches will “support proactive detection of cybersecurity incidents within Federal Government infrastructure, active cyber hunting, containment and remediation, and incident response.”

Additionally, Yeager highlighted the EO’s emphasis on removing contractual barriers and restrictions that hinder the sharing of cyber threats and incident information, in both an intragovernmental and private way. Increasing cloud service providers’ ability to share threat information with federal agencies will immensely improve incident deterrence, prevention, and detection.

CrowdStrike is Ready

Andrew Harris, Senior Director, Public Sector Technology Strategy, at CrowdStrike, took the stage to discuss how CrowdStrike solutions are specifically designed to assist the federal government in bridging the cybersecurity gaps outlined in the Executive Order.

Pertaining to the EO’s cloud adoption directive, Harris shared that CrowdStrike has been building one of the largest clouds in the world and is the first vendor to offer an adversary-focused cloud security posture. CrowdStrike currently supports all of today’s major cloud service providers and enables users to monitor multiple cloud service providers from one single console.

Harris also noted CrowdStrike’s DevSecOps approach to application development lifecycles. By “shifting to the left” and baking security testing into each phase of the application development process, vulnerabilities are detected and remediated early on, ensuring new applications and updates are deployed faster and more secure.

Yeager rounded out the briefing by acknowledging that CrowdStrike is uniquely positioned to capitalize on the current market opportunity, but that they are also in the position of fulfilling their mission of stopping breaches and supporting federal, state, and local government customers. He pointed out that supporting this market and delivering value to its government partners begins with the understanding that they are first.

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Comments

Leave a comment
31