Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The ubiquitous CrowdStrike incident resulted in a major diversion of resources, with some hard-hit organizations assigning almost all of their IT and security personnel to damage control. As a CISO of an impacted organization, you will likely be required to answer for a lack of resilience to this type of event. To support your decision-making as you reevaluate your resilience budgets, this post outlines four resilience strategies based on key learnings from the CrowdStrike event.

SolarWinds, MOVEit, Knight Capital, and now CrowdStrike. The vendor ecosystem will remain a major playing field for operational disruptions. But are you ready for the next inevitable event? As a CISO, your response to such a question from the board shouldn't be anything less than a resounding "Yes!" Here are five plans of action to help your organization survive the next major IT quake, whether it's due to another rusty security update or a third-party breach.

There are new generation of attack threats that AI has made much more dangerous (e.g. phishing, deep-fake schemes, and other AI-based attacks). There are also new crypto-related threats to be aware of, including attacks based on smart contract vulnerabilities, threats against exchanges, logic flaws, and more.

The decision on whether to implement the Microsoft Security offerings available with the Microsoft 365 E5 license certainly involves deep security discussions, but it's also a business decision. In that respect, this process allows security leaders to engage with their CFO and other business leaders to elevate conversations.

With the threat landscape being on the rise, CISOs need to be much more attentive while building the organization’s security strategy. Constantly arising vulnerabilities, ransomware attacks, critical workflows, outages – all of that require CISOs to stay up to date to security issues and keep their finger on the pulse to change their security strategy once the prerequisites pop up. We’ve been tracking GitHub, GitLab, and Atlassian -related incidents for the latest few years…

As businesses increasingly rely on digital infrastructures, the threats that aim to exploit these technologies also evolve. It’s no longer just about safeguarding against unauthorized access; it’s about understanding and mitigating the complex risks introduced by AI and machine learning—topics I’ve often discussed, emphasizing the need for an advanced cybersecurity strategy that evolves as quickly as the technologies it aims to protect.

Economic pressures have been leading to greater budget scrutiny and justification of resources for cybersecurity teams. Boards are asking harder questions around cyber risk and exposure. Not only are CISOs working hard to justify and measure their program, they’ve had to become more data-driven in the way they align investments towards company outcomes and business objectives.

The CISO of a major insurance company recently switched from Microsoft to CrowdStrike for endpoint and identity security following a ransomware incident that Microsoft Defender failed to block. The following Q&A explains what happened, the fallout with Microsoft and how CrowdStrike delivered the protection, consolidation and support the CISO needed. Describe your security posture before the incident. I joined the company as CISO a few years ago.