UPDATED 16:52 EST / SEPTEMBER 21 2022

SECURITY

Data security strategies continue to evolve in response to expanding threat landscape

What is the difference between a chief information security officer and a chief security officer? In some companies, it’s a matter of semantics rather than responsibilities.

But for Shawn Henry (pictured, right), president of the Services Division and chief security officer of CrowdStrike Holdings Inc., the distinction is important. While a CISO oversees all things related to information technology security, a CSO is responsible for all things security, whether physical or virtual.

“If you’ve got adversaries that want to gain access to your organization, they might do it remotely by trying to hack into your network,” Henry said. “But they also might try to get one of your employees to take an action on their behalf, or they might try to get somebody hired into your company to take some nefarious acts. So, from a security perspective, it’s about building an envelope around all things valuable.”

Henry and Kevin Mandia (pictured, left), chief executive officer of Mandiant Inc., spoke with theCUBE industry analysts Dave Vellante and David Nicholson at theCUBE @ Fal.Con 2022, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed changes in the threat landscape and how collaboration between companies is important to build a strong defense against criminals. (* Disclosure below.)

Cybersecurity community collaborates against the common enemy

CrowdStrike has both a CSO and a CISO who work together to secure the company against potential threats. But CrowdStrike was founded on the premise that the unstoppable breach is a myth. While the statement is still far more of a future vision than a statement of fact, CrowdStrike is still striving toward the goal.

“It’s like healthcare; you’re not going to stop every disease, but there’s a lot of things that you can do to mitigate the consequences of those things,” Henry stated. “The same thing with network security. There’s a lot of actions that organizations can take to help protect them.”

As with personal health, companies that take a lackadaisical “don’t-care” attitude to security should expect to suffer the consequences, according to Henry. Companies have learned that battling an enemy that is well-funded and motivated requires collaboration. Mandiant and CrowdStrike may compete head-to-head in the market, but they put that aside to work together in the greater fight against their common adversary.

“If I see something that’s new and novel, I certainly contact Shawn and the team at CrowdStrike … because they protect so many endpoints and they defend nations,” Mandia said.

Microsoft Inc. and other companies that “have a large capability to do shields up,” are also on his immediate contact list.

“You can’t sit on new and novel [vulnerabilities]. You get to the vendor where the vulnerability is,” he added.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of theCUBE @ Fal.Con 2022:

(* Disclosure: CrowdStrike Holdings Inc. and Mandiant Inc. sponsored this segment of theCUBE. CrowdStrike, Mandiant and other sponsors do not have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU