The cyber security landscape is changing rapidly, and the way companies protect data is in flux, so must the way security professionals solve these challenges. With more organizations turning to cloud storage, SDN (software-defined networking) and webscale infrastructure, security professionals must also rethink security for these instances.
Crowdstrike CEO George Kurtz said in an interview that he sees security teams competing with hardware and software companies as they continue to converge.
“Companies are putting things in play where the security complexity has a slowing effect of [measuring] … it becomes more and more manual to be able to feed that stream and attack vectors,” Kurtz said. “It becomes much easier to monetize and abuse the system or from an intellectual property perspective.”
Kurtz said companies are also finding ways to turn into financial intelligence centers in order to amass that valuable security information.
“For us, it started about four or five years ago and we saw the switch in enterprises and governments to the realtime consumption of data,” Kurtz said. “There are three keys that were missing; there was no understanding of cyber on a global scale, there was no understanding of cross-technology behaviors, and there was no understanding of cross-app behavior, which is to understand the implications of offensive being married to defensive that we call defensibility.”
“[Marketers] were seeing the same engagement, changes in behavior, and similarities in malicious attacks in a mobile environment that their traditional teams could see in some cases 10 times better on the desktop,” Kurtz said. “That has created a new class of technologies for understanding cyber on a global scale.”
“We have seen it change across the board,” Kurtz said. “There’s actually a new breed of security in this space that went from large tier-one companies that had built out quite complex infrastructures to enterprise cyber teams that are able to define the ability to own the infrastructure; the ability to get the data and about everything; and then the ability to attack that on a global basis.”
“We think it will be called from different points a defense in depth tool,” Kurtz said. “There’s no reason any organization isn’t starting to understand the scope of the threat and how to attack it. Those are being worked in every group within an organization. It’s a whole new way of seeing the threat, it’s a whole new kind of defense in depth tool, and it’s one that the industry and every organization has never seen in their lifetimes.”