TDK Electronics Goes from Complexity to Confidence with CrowdStrike

 

TDK Electronics is a German manufacturer of electronic components, modules and systems. With more than 23,000 employees spread across 20 development and production sites worldwide, TDK serves a range of industries, including automotive, industrial and consumer electronics, IT and telecommunications. 

Its large and diverse portfolio make the company a frequent target for cyberattacks — pushing TDK executives to stay on top of the latest security best practices.

“The security goals of availability, confidentiality and integrity are priorities for us. As a reliable supplier of electronic components and systems for many industries, we must be able to guarantee a very high level of IT security,” said Thomas Zeulner, CISO at TDK Electronics.

Before TDK deployed CrowdStrike in 2020, the company relied on a traditional antivirus (AV) solution that uses signatures to detect malicious activity. However, seeing attack methods grow in speed and stealth over the years, Zeulner came to realize that a next-gen solution was needed — one that uses AI and machine learning to stop new, polymorphic and distorted malware that traditional AV solutions often miss, in addition to fileless attacks.

After an extensive evaluation process, TDK selected the AI-native CrowdStrike Falcon® cybersecurity platform and CrowdStrike Falcon® Complete for 24/7 managed detection and response across multiple attack surfaces.

 

Consolidating Cybersecurity

TDK deployed CrowdStrike Falcon® Insight XDR for endpoint detection and response (EDR) across 13,000 endpoints in just one week. It didn’t take long for the company to realize the benefits of modern endpoint security. 

“With our previous EDR solution, we were forced to run two products with different consoles. This meant our administrators had to understand two solutions and operate different dashboards, all while trying to identify possible attacks,” said Zeulner. “Plus, the high false-positive rates were a problem for our small security team.”

With CrowdStrike, both false positives and complexity dropped significantly, giving TDK superior endpoint protection from a single platform, agent and command console. 

This streamlined approach to cybersecurity gave TDK confidence to adopt additional protections through the Falcon platform. In 2022, the company licensed CrowdStrike Falcon® Identity Protection to address the growing problem of identity-based attacks. 

Zeulner saw stolen credentials as an increasingly critical attack vector, allowing adversaries to quickly gain access and control without detection. “This is why I recommended to our board that we add Identity Threat Protection to our CrowdStrike product suite,” he said.

The Falcon platform is the industry’s only unified platform for endpoint and identity security. With the addition of Falcon Identity Protection, TDK received complete visibility into identity-based threats, and real-time prevention via the Falcon Complete team.

  

Improving Log Management Operations

Since switching to CrowdStrike, TDK has deployed several additional protections through the Falcon platform, including CrowdStrike Falcon® Adversary Intelligence, CrowdStrike Falcon® Adversary OverWatch and other technologies designed to streamline operations while protecting the enterprise from cyberattacks. 

CrowdStrike® Falcon LogScale™, for example, has boosted TDK’s log management and compliance operations. In order to serve the automotive industry, TDK needs TISAX® (Trusted Information Security Assessment Exchange) certification, which includes specific requirements for IT, cybersecurity and log management. 

Falcon LogScale helps meet these requirements while enabling TDK to monitor IDS/IPS systems and VPN and proxy connections for cyber threats, receive IT alerting and store data long-term for compliance and security use cases. 

Zeulner was impressed with the fast implementation and ease of use. “The connection between Falcon LogScale and our data sources was fully set up and configured in just a few days,” he said. “Thanks to the intuitive user interface, we now have powerful visualizations of all relevant network security data to help us investigate and manage the ever-growing number of threats and vulnerabilities.”

 

Augmenting the Team with Managed Detection and Response

Along this cybersecurity modernization journey, Zeulner realized that his small security team didn’t have the resources to fully utilize their CrowdStrike technology in addition to all of the other tasks required to protect a global enterprise. Zeulner in particular felt the pressure. 

“I received all the Falcon detections because I was the only person on my team who could handle them at the time,” recalled Zeulner. “But it was almost impossible for me to manage this workload on top of my other responsibilities.”

TDK made the strategic decision to adopt Falcon Complete MDR in 2022, gaining managed protection for its CrowdStrike endpoint, identity and log management deployments. Today, Falcon Complete acts as a seamless extension of Zeulner’s team, delivering 24/7 expert monitoring, proactive threat hunting, integrated threat intelligence and full-cycle remediation by CrowdStrike experts. 

“Together, we came up with a playbook to define which decisions the Falcon Complete team can make on our behalf and what they pass to us so we can make the decision,” explained Zeulner.

Falcon Complete MDR immediately slashed Zeulner’s workload by half. “It allowed me to outsource many tasks and decisions to CrowdStrike. There are now far fewer events that require our active intervention, freeing up valuable IT capacity elsewhere.”

For TDK, deploying the Falcon platform along with Falcon Complete has strengthened the company’s security posture while reducing the complexity and manual work that trouble so many IT and security teams. As the threat landscape continues to grow and evolve, Zeulner can rest easy knowing CrowdStrike is there to deliver 24/7 managed protection.

“My CIO and I can definitely sleep much better now,” concluded Zeulner.

 

Breaches Stop Here