Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The CISO of a major insurance company recently switched from Microsoft to CrowdStrike for endpoint and identity security following a ransomware incident that Microsoft Defender failed to block. The following Q&A explains what happened, the fallout with Microsoft and how CrowdStrike delivered the protection, consolidation and support the CISO needed. Describe your security posture before the incident. I joined the company as CISO a few years ago.

Adversaries are not breaking in; they are logging in. The CrowdStrike 2024 Global Threat Report highlights an alarming trend: In 75% of cyberattacks detected in 2023, adversaries gained initial access through malware-free methods. This means they acquired valid credentials via techniques such as password spraying or phishing — or they simply purchased them off the dark web.

As workforce productivity increasingly depends on web-based applications, browsers have become essential gateways to the “connectivity economy.” According to recent data, 93% of desktop internet traffic in 2023 traversed through four popular web browsers.

We’re thrilled to share that the CrowdStrike Falcon sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes deeper into the integration and shares how customers leveraging Google Cloud Run and CrowdStrike can deploy Falcon quickly to enhance their serverless security requirements.

Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch effective phishing campaigns thanks to off-the-shelf phishing kits and generative AI, and above all, it works — 71% of organizations reported at least one successful attack in 2023.

Adversaries are increasingly attacking cloud environments, as evidenced by a 75% surge in cloud intrusions year-over-year in 2023. They are also getting faster: The fastest breakout time was clocked at just over 2 minutes, according to the CrowdStrike 2024 Global Threat Report. Today’s adversaries are outpacing legacy security approaches. Disjointed point solutions can’t scale or provide visibility into a rapidly growing attack surface.

According to the CrowdStrike 2024 Global Threat Report, the fastest recorded eCrime breakout time was just 2 minutes and 7 seconds in 2023. This underscores the need to equip security analysts with modern tools that level the playing field and enable them to work more efficiently and effectively.

Security teams must outpace increasingly fast and sophisticated adversaries to stay ahead. In the most recent closed-book MITRE Engenuity ATT&CK Evaluations: Managed Services, the CrowdStrike Falcon platform once again demonstrated it stands alone in its ability to deliver the speed and efficacy needed to stop breaches.

Every day, in a high-stakes race against the clock, protectors must hunt down and stop threats before damage is done. As adversaries work faster and smarter, protectors must operate with greater agility. But legacy SIEMs are holding them back. Designed decades ago when log volumes and adversary speed were a fraction of what they are today, legacy SIEMs hinder investigations with agonizingly slow search speeds.

While every business needs technology to grow and succeed, not all businesses have the skills and resources they need to protect their environments, their data and their customers from today’s security threats. Small businesses in particular are at risk as cybercriminals realize both the potential value of the data they have — and how vulnerable they can be to cyberattacks. According to the U.S.