New to GovCloud: Falcon Managed Detection and Response Transforms Government Security

July 21, 2021

| | Public Sector
Public sector organizations continue to deal with a threat landscape unlike any we’ve seen before. They’re being targeted in increasingly stealthy and sophisticated cyberattacks from both nation-state and eCrime adversaries. And at the same time, they’re slowed down by the inability to hire and retain skilled defenders to protect their networks. Compounding the problem is the massive transition to a world where employees can work from anywhere, in tandem with ongoing initiatives to modernize infrastructure and improve resilience and agility. Combined, these trends lead to massive increases in the attack surface, further testing already-burdened security teams. To help U.S. public sector organizations of all types reverse this imbalance, CrowdStrike is proud to announce that Falcon Complete™, our industry-leading managed detection and response (MDR) solution, is now available on CrowdStrike Falcon® for GovCloud — our FedRAMP-authorized endpoint protection platform — to provide cloud-native MDR for the public sector. For the first time, government organizations are able to get the 24/7 expertise they need to defend against today’s most advanced threats, in a cloud-native solution that is easy and inexpensive to operate, while maintaining the highest level of control over high value assets, mission critical IP and other sensitive data.

Speed Is Critical for Defenders

Provisions in the 2021 National Defense Authorizations Act (NDAA) reinforce the importance of speed in cyber defense, amplified by recent attacks on the US infrastructure, including energy sector and oil pipelines, supply chains, public utilities and agriculture. The NDAA highlights the need for maintaining effective cyber capabilities, and lays out requirements and funding for “pilot programs, demonstrations, and/or plans for: speed-based cybersecurity capability metrics to measure DOD performance and effectiveness.” Speed is of critical importance to all defenders. CrowdStrike’s data shows that adversaries can often inflict damaging attacks within hours of an initial intrusion, which may come at any time of day or night. To avoid a breach, defenders should strive to detect these threats within the first minute, investigate and understand each threat within the first 10 minutes, and contain and eradicate the threat within 60 minutes. At CrowdStrike we call this the rule of 1-10-60, and consider it core to a successful security operations center (SOC). Most security teams are too far from meeting this bar, often taking days or weeks to identify and respond to a threat. Modern cloud-native endpoint protection solutions and managed services can help reduce or eliminate much of the burden on over-taxed security teams. Unfortunately, many of these solutions are unworkable for federal government agencies and other public sector organizations, who must comply (or choose to comply) with the U.S. FedRAMP program.

 

 

Speed Requires the Right Platform and Expertise

Gartner predicts that by 2025, 95% of new IT investment made by government agencies will be made as a service solution (see: Gartner Identifies Top 10 Government Technology Trends for 2021, Mar. 29, 2021). Consuming “Anything as a Service” increases agility, improves time-to-value, and alleviates problems associated with limited capex and people resources. As the industry’s first cloud-native endpoint protection solution, the CrowdStrike Falcon® platform has long delivered on the promise of better protection and efficiency for our customers all over the world. CrowdStrike Falcon® uses sophisticated AI and behavioral analytics, powered by the security industry’s most extensive set of endpoint telemetry and threat intelligence, to protect customers against all types of cyberattacks. Of course it takes more than technology to stop today’s adversaries; it also requires expertise and mature processes. Unfortunately, finding, hiring and retaining expert security staff can be challenging in many segments of the public sector. Falcon Complete builds on this pioneering platform by adding CrowdStrike’s unique combination of deep expertise, providing 24/7/365 management, monitoring, and surgical remediation to threats of all types.

 

As agencies and institutions accelerate their adoption of cloud technologies and applications, CrowdStrike is proud to be at the forefront of this movement, first with the introduction of CrowdStrike Falcon® on GovCloud, and now with the addition of Falcon Complete to our GovCloud portfolio.

 

GovCloud is broadly trusted by U.S. government agencies at the federal, state and local levels, as well as contractors, educational institutions and other U.S. enterprises that run sensitive workloads in the cloud. With CrowdStrike Falcon® on GovCloud, we make it simple for these organizations to replace their legacy antivirus solutions and upgrade their security program with a more innovative and effective level of endpoint protection. By delivering our powerful MDR service from GovCloud, CrowdStrike is able to unlock additional benefits by eradicating threats in minutes, eliminating risks, and unleashing enormous savings. A recent study by Forrester Research showed that CrowdStrike’s customers recognized more than 400% ROI by partnering with Falcon Complete. The benefits don’t stop there. The Falcon platform not only provides the foundation for stopping sophisticated attacks, but it also is built to expand easily and inexpensively to solve tomorrow’s toughest security challenges. The presidential Executive Order (EO) on cybersecurity, signed in May 2021, calls out a number of priorities for government agencies, including fundamental building blocks such as endpoint detection and response, incident management and security operations center (SOC) as a service. Falcon Complete neatly checks these boxes in a single turnkey solution, while providing a platform that can address other EO priorities including Zero Trust, vulnerability management and log management.

Transforming Government with Cloud-native MDR

The cloud is helping to transform governments by reducing IT complexity, driving down costs, enabling faster innovation and delivering mission-critical services to citizens, in real time and on demand. CrowdStrike is proud to be at the forefront of this transformation. Federal agencies and government leaders have an opportunity to make lasting changes to how the public sector handles cyberthreats and attacks. Now is the time to embrace not only the need for speed, but the value of a truly effective managed service for endpoint protection. Continuous monitoring combined with speed lets organizations manage compliance challenges and budget restrictions while putting up formidable defenses against the most sophisticated adversaries.

 

Additional Resources