Image default
Cyber SecurityInterview

Capturing a Needle in a Haystack

Offering a modern approach to security that relies on continuous comprehensive Endpoint visibility, CrowdStrike  ensures nothing is missed when it comes to stop a breach.

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f9f9f9″]

“We want to capture every needle that is in the haystack and remove it from that haystack. And that is our compelling differentiator.”

Girish Gargeshwari,
Channel Director, Asia,
CrowdStrike

[/quote]

As a global cybersecurity major, CrowdStrike has redefined modern security with one of the most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities – all through a single, lightweight agent which in turn helps its customers simplify and consolidate security layers in their respective organisations.

With CrowdStrike, customers benefit from superior protection, better performance, reduced complexity and immediate time-to-value delivered by the cloud-native Falcon platform.

Here in a special interaction with SME Channels, Girish Gargeshwari, Channel Director, Asia, CrowdStrike, reveals his organisation’s business priorities, channel strategy, Partner Upskilling programs, growth outlook for the current as well as coming year, his predictions for the security industry   and much more. Edited excerpts…

After the pandemic struck, there had been a significant uptick in demand for cyber security solutions. As a frontline cybersecurity player, how has CrowdStrike been leveraging this uptick in demand?

If we look at the current demand environment for cyber security, I definitely find it more robust than ever. In fact, a recent IDC report, which tracks the market share across endpoint security, has ranked CrowdStrike as number one there.

So, I can safely say that we have leapfrogged miles ahead of other vendors and have demonstrated year over year growth.

And if I look at why this is happening, the answers are there on the table to see. Largely, it is happening because of the nature of the microenvironment here. Also, if you look at this from an organization perspective also, cyber security has become essential utility now. It’s no more a discretionary item. No more, it’s discretionary for any organization. It has become an essential utility and largely because the threat environment has heightened even further. CrowdStrike does a lot of market research, and in our recent global Security Attitude Survey, we found that Indian firms suffered more ransomware attacks than any other country in the world in the year 2021.

Several of these companies gave in to extortion demands to avoid an attack. That was one aspect. Second, there is an increasing regulation and disclosures. We have seen GDPR, CSR reporting mandates, and recently even the Indian CERT has been making it mandatory for organization on the disclosures related to cyber security incidents. CERT-In issued a direction relating to “information security practices, procedures, prevention, response, and reporting of cyber incidents for Safe & Trusted Internet.  Last but not the least, it’s a top priority for businesses across all the organisations now. We see customers of all sizes – whether it’s large, midsize or small – are just looking for an outcome and which is stopping the breaches. That is where CrowdStrike is stepping in because if you look at our solutions, they are largely centered around how we can help organisations by stopping breaches by leveraging a modern approach to security.

So, there is a significant uptick in demand. There is a significant uptick in customers adopting CrowdStrike and we continue to see growth happening for us.

As you rightly pointed out Security solution has gone from being an option to a compulsion. But choosing the correct solution from a crowd of solutions is like searching a needle in a hay stack. So what sort of product differentiation do you bring to the table that makes you distinct from others?

As I mentioned earlier, customers are just looking for an outcome which can stop the breaches. So they are no more looking at Band-Aid solutions. I have been in the field of cyber security for more than a decade now. In the past, some organizations used to offer Band-Aid solutions and used to tell their customers, “If you have this issue, please have this kind of a signature. If you have some zero-day fileless attacks coming in, you can look at APD solution.” So, no one was helping customers look at an outcome or help them stopping the breaches. And that’s why when CrowdStrike came into the fore, our mission vision right from the day we started till date has been just three words. It says, “We stop breaches.” And that’s how you know we coined; that’s how that led to a whole platform-centric approach that was cloud delivered.

So, I would say our differentiator is that we offer a modern approach to security that relies on continuous comprehensive Endpoint visibility, which is extremely important in the cybersecurity world that spans detection, response, and forensics to ensure nothing is missed.

As you rightly said, the search is like a needle in haystack, we want to capture every needle that is in the haystack and remove it from that haystack. And that is our compelling differentiator.  We have various solutions in our stable. but if I have to put what do they do, we look at it ensuring that nothing is missed.

What key cyber security trends mega trends do you foresee in the security market?

Cyber security is in tune with, I would say, the way the dynamics that play out in this world. Every day you see a new kind of threat coming in and that keeps changing the trends too. But if I have to generalize on what are those major trends we are seeing. then the first one would be increased cloud adoption by organizations. So the workloads are moving into the cloud big time.

The reasons could be efficiency, could be availability could be some other thing. But workloads are certainly moving to the cloud. And that is also putting pressure back on the organizations, especially the C source.

The CIO organizations are also beef up their security measures. So, that’s one major trend. The second major trend again leads to your first question around the pandemic. The Pandemic has disrupted the whole system, it disrupted the way we all work. So, the hybrid work culture is going to stay. This means that organisations have to provide for these kind of capabilities to retain employees, which allows them to work in a hybrid manner. Now this, this definitely expands the attacks surface for the organization and it exposes them to newer vulnerabilities. So that is a second trend that we are seeing.

Picking up from what Gartner actually identified in the top seven security and risk management trends for 2022, the 3rd trend, The 3rd trend I would say, our digital supply chain risks are going to be again a major, major area that organizations will have to grapple with. We saw what Log 4 J did to some of the leading organisations. So, that’s going to be a big area that organisations will continue to grapple with. In fact, the same Gartner study also mentioned that 45% organisations worldwide will have experienced attacks on their software supply chain, which is going to see a three-fold increase over the 2021 figures. So, that’s the third trend we are seeing.

The 4th one centres around stolen credentials, around what we are doing. We are also helping organisations to tackle the issue of around stolen credentials. How do we how do they handle stolen credentials? Organizations are investing in various tools. But if the conditions are already available with the bad actors, how do we handle that? So, identity security, Identity protection is becoming a key area where organisations will start looking at and figure out solutions to help manage these stolen credentials issues that they are going to face. So, these are some of the major trends that we are seeing in the security scape.

How is your channel strategy aligning with the current market trends?

Before going into strategy, I would like to share with you CrowdStrike’s approach to this. Our approach on partnership is a little different from other players. We consider partnering as a dial and not a switch. What I mean by that is that we are looking at every facet of partnership be it profitability, be it systems engineers’ engagement, be it customer facing activities that drive new opportunities for us and our partners.

We are always looking for ways to work together to put customer needs at the center in everything we do. So our customer-centric focus creates values and enhances the path to profitability for partners also. This even comes down to the relationship developed from a seller to seller, from a manager to manager, from a leader to leader across the organisations. With this approach in mind, the way CrowdStrike has put up partnering model is clearly aimed at enabling a whole ecosystem approach, which is based on six parts to partner engagement.

The first one is Channel, obviously, where reselling is the prime focus area. So, reselling of our product is a prime focus area. The second one is technology alliances. Providing out-of-the-box integration between CrowdStrike technology and other innovative technologies is another area of partnering that we have been into for quite some time now.

The third area is now I think MSSPs. These deliver value-added services to customers and they leverage CrowdStrike as an enabling technology. That’s the third one. How we are helping OEMs to embed our leading cybersecurity technology into the third-party hardware, software and services solutions.

The other area where we are offering help to some of the innovative technology providers is around the CrowdStrike platform, building applications on the CrowdStrike platform to leverage the data from the Falcon platform that offers high value inside to customer environments.

Last but not the least, is the one around cloud procurement. As I mentioned earlier, organisations are moving heavily into the cloud. So, there are cloud-based infrastructure providers helping them. How do we partner with them, how do we ensure that they will use CrowdStrike to empower their security teams who are managing this cloud infrastructure and workloads?  So, these are six parts of our approach to channel engagement.

The more ebullient the cyber security solutions are becoming, the more resilient the cyber attackers also become. It’s line an eternal cat and mouse game. In order to get a catch, the cat would have to outsmart the mice each time. So what keeps you ahead of the cyber attacker in this game?

Well, if you if you look at when CrowdStrike came into the fore, we disrupted the way security was being looked at. We came out with a term called indicators of attack, whereas all other organisations were looking at a lagging indicator, which was an indicator of compromise. So, indicators of compromise was like a breach has happened, and the traces are there. You look at those traces and try to analyze what has happened. On the other hand, indicators of attack looks at what is happening in the environment now, whether there are certain patterns that simulate adversary behavior. And if it simulates that adversary behavior, can you know if it would potentially lead to a breach?

So, looking at the indicators of attack is what made CrowdStrike start offering very proactive solutions to customers to stop breaches. So, indicators of attack help us to stay ahead of what potentially an attacker would do in an environment.  One of the approaches we brought to cybersecurity was a rule of 110 and 60. One minute to detect, 10 minutes to investigate, and 60 minutes to respond. So this approach has really made it, as you rightly said, it’s a cat and mouse game. It’s a race against time. The sooner we are able to track an adversary in the environment, the faster or more effective it would be to stop a breach. And this has differentiated us from the rest in the world of cyber security.

I don’t remember anything more tech intensive than probably the cyber security solutions; particularly, how they’re being implemented, how they prevent a future attack or they nip in the bud some of the potential attacks. So, how do you upskill your partner ecosystem to provide a more ebullient security service?

Our partner program, which we call as Elevate 2.0 partner program, provides multiple avenues for partners to drive high margin opportunities. It is a knowledge-driven initiative which includes regular webinars to educate the partners. We also educate the customers through some of these programs about the new offerings and optimal usage of them. We also have programs like engagement license program which enables certain eligible partners to use CrowdStrike platform at no cost for a finite period of time to service their customer needs during their darkest hours, CrowdStrike is making a heavy investment around there on educating partners on our current offerings, on our new offerings and how that can help their customers in stopping the breaches there. And it’s an ongoing continuous program. Quarter on quarter, month after month, week after week, day after day, my team and our distributors continuously work with partners to drive this enablement further.

When it comes to selling a product, customer experience weighs over the rest. So, what sort of pre sales and post sales services do you offer?

We have been investing in solution architects and they are the trusted advisors to our partners. And the role of the solution architect is, as I said, is to educate our partners around the offering and on how cyber security can be interwoven into a customer complex environment.

The second aspect of our engagement rests our corporate alliance managers who focus on the down market. when I say down market, it is more of the SMB and in the mid-market. We also have regional alliance managers of corporate alliance managers, national align managers, even MSSP managers who look at specific set of partners and provide those high-touch engagements to them to understand what are their business priorities, what are their requirements to support from a cyber security standpoint and how we can enable them and their team to ensure that they are ready to serve customers now and in future.

And all these elevate 2.0 program becomes a foundation for all these things.

Are you planning any major investment towards channel expansion or in terms of expanding your head count in India?

We are seeing a strong demand in cybersecurity market. Yes, we are investing heavily in sales and in channels as well. So, you will see that investment happening. In fact, our channel team presence in India has nearly doubled over last year. Number of people that we have now focus on the different set of partners we have in the region. So, that is going to be an investment that will continue as we expand our business.

The other investments we are looking at is around how we can enable partners more because that’s going to be a corner, that’s going to be a key aspect of our way of guaranteeing an outcome to a partner in terms of their understanding of our solution.

What would be your growth outlook for the current year?

If you look at how our business has been trending globally, we are in a hyper growth mode. You can look at any of our quarterly reports. We would be talking about 60% plus year on year growth. And this is largely happening because of three approaches we are doing which is Land, retain and expand. So, land is about acquiring new customers. And if you look at our quarterly reports, our new acquisition is nearly doubling every year. So many more customers are relying on CrowdStrike to safeguard their environment.

The second aspect that we are focusing on is the 20 plus modules on our platform. Each of these modules solves a specific customer problem. And so that’s where CrowdStrike and the channel partners are working closely with the customer to see how some of our solutions can help address some of their current problems. So, there is a significant expansion that can happen by just going and selling these modules to the customers.

Thus, if I look at these three strategies of land, retain and expand, I think the growth momentum that we have seen in the past with these, we will also see a similar momentum in the future as well.

Related posts

Organisations’ should focus on performance, security, and other technology and business requirements to determine workload placement

adminsmec

Chinese APT group targets Southeast Asian government with previously unknown backdoor

adminsmec

TRANSFORMING THREATSCAPE THROUGH A ZERO TRUST APPROACH

adminsmec