Don’t Lose Sleep Over Your Infrastructure Security
Insight President of CrowdStrike Services, Chief Security Officer, and retired FBI Executive Assistant Director, Shawn Henry shares his insights on infrastructure security in the digital economy.
In addition to being CEO of Berkeley Varitronics Systems, a cybersecurity expert and an author, Scott Schober, leads weekly video segments to find out what’s keeping C-suite security experts up at night. Schober sat down with President and Chief Security Officer of CrowdStrike Services, and retired FBI Executive Assistant Director, Shawn Henry, to learn his insights on infrastructure security in the digital economy.
Scott Schober: What are some things that keep you up at night as a cybersecurity professional?
Shawn Henry: For the past two decades, we’ve been looking at and investigating matters where nation-states and organized crime groups have been primarily targeting the commercial sector and government agencies looking for personally identifiable information and intellectual property — the type of information that would be valuable to them from an economic perspective. But what we’ve seen in the last year or two are much more destructive attacks where the actual infrastructure is impacted physically by the electronic attack.
SS: What does that mean for organizations?
SH: When you’ve got adversaries that are putting malware into a network and into the environment, that malware is actually overriding the boot sector and otherwise impairing the entire system. In some cases, it’s ransomware, where the data is encrypted and because you cannot decrypt it, you lose access to everything you own. These types of attacks carry significant danger and they’re on the rise. Unfortunately, they’ll have a significant impact on an organization’s operational capability.
SS: Wow, scary stuff! What are some things that CrowdStrike can do to support executives and mitigate these situations?
SH: CrowdStrike’s market leading expertise in machine learning and AI is what powers our security platform for Enterprise Detection and Response. To that effect, we also use our own threat intelligence to support our customers. One of the things we also look to do is attribution, where we identify who the adversaries are. We have a dedicated intelligence team that looks at the type of malware, the tactics that are being used, and other factors. That’s important from a defensive perspective as it allows organizations to proactively hunt in their environment to look for indicators that an adversary is there.
The reality is that organizations are going to have to use greater technology and better capabilities in order to defend their environment because these attacks are relentless. These incidents are going to continue because cybercriminals get so much in return on a very limited investment. We’ve got to be much more innovative and much more active in trying to mitigate the consequences of these attacks.
SS: How can executives get in touch and learn more about protecting their organizations?
SH: The best place to start is at crowdstrike.com, where we’ve got information related to our professional services, our intelligence team, and our technology which is highly advanced in helping to detect adversary activity in a given environment.
Overall, I think that people have to be tuned into what’s happening. It’s so important to be aware of your environment and to get the most up-to-date information on threats and how to protect your infrastructure. As with any crisis, the more you know, the better prepared you can be, and the better capable you’ll be in defending yourself, protecting your assets, and ensuring your organization remains safe.