Governments are known for being slow to change. But, sometimes, private bodies create and enact laws that spark far-reaching advancement.
President Biden’s Executive Order 14028 may prove to be one such law. It seeks to bring cutting-edge cybersecurity technologies to the United States’ critical infrastructures and federal government networks, as well as to protect the private sector.
“To see the White House put it out, and the fact that all government agencies will now be embracing that, I think it puts them on a much surer footing and it makes the government better able to identify vulnerabilities before they get exploited,” said Shawn Henry, president of the Services Division and chief security officer of CrowdStrike Holdings Inc. “It allows them to much more quickly identify, have visibility on, and respond to threats.”
Henry spoke with theCUBE industry analyst Dave Vellante at theCUBE @ Fal.Con 2022, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the concerted efforts being made at the public-sector level toward bolstering national cybersecurity. (* Disclosure below.)
Directing real action beyond mere grandstanding
Governments often openly embrace ideas in principle, only to behave differently when it comes time for action, according to Henry. But, the Executive Order lays down clear, actionable directives for government agencies.
“I think this is the type of action that gains gradual support and approval as people begin to see it succeed,” Henry explained. “They understand that they’re becoming safer, that they’re reducing risk. It really is something of a self-fulfilling prophecy.”
In becoming more cyber-savvy, the public sector will have to contend with one nagging problem currently plaguing the enterprise: the talent gap. Over 700,000 cybersecurity positions remain unfilled in the U.S., a number that has steadily risen over the last five years. Automation may prove helpful in finding a solution, according to Henry.
“The automation piece is what allows this to scale,” he said. “You have to have automation and, using the cloud, artificial intelligence and machine learning, sort through and really look for the malicious needle in a stack of needles.”
Henry also revealed key information about CrowdStrike’s OverWatch: Managed Threat Hunting solution, which has 24/7 threat hunters operating in customer environments.
“They’re hunting, looking for malicious activity, malicious behavior … and detecting them very, very quickly,” Henry said. “We found 77,000 potential intrusions this past year in 2021, up to the end of June 1, one every seven minutes from those detections.”
Using human intervention and then automation, CrowdStrike stops new attacks from happening, according to Henry.
“With the 77,000 attacks that we identified, we then stopped over a million new attacks that would’ve come in and exploited a network,” he said. “So it really is kind of a big circle where you’ve got human beings and intelligence and technology all working together to make the system smarter, to make the people smarter and make the customers safer.”
(* Disclosure: CrowdStrike Holdings Inc. sponsored this segment of theCUBE. Neither CrowdStrike nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)