Cloudflare, CloudStrike, Ping Identity Offer Free Services To Protect US Critical Infrastructure

A trio of major cybersecurity companies announced Monday that they are offering four months of free cybersecurity services and support to vulnerable industries.

As part of the new Critical Infrastructure Defense Project, organizations in high-risk industries—such as hospitals and water and energy utilities—have access to Cloudflare’s full suite of Zero Trust solutions. CrowdStrikeEndpoint Protection and Intelligence Services, and Ping Identity’s zero-trust identity solutions.

In addition, the project includes a roadmap of step-by-step security measures that any organization can follow to protect against cyberattacks.

“We rely on our infrastructure to power our homes, provide access to water and basic needs, and maintain critical access to healthcare,” said Matthew Prince, Cloudflare’s co-founder and CEO, in a statement.

“That’s why,” he continued, “it’s more important than ever for the security industry to come together and ensure our most critical industries are protected and prepared.”

“This is primarily a non-profit initiative to secure the endpoints and data of some of the country’s most important critical infrastructure assets,” added George Kurtz, co-founder and CEO of CrowdStrike.

Equal parts altruism and marketing

gardener Research Vice President Katell Thielemann noted that similar safety offers were made as the Covid pandemic spread. “From a vendor perspective, they’re equal parts altruism and marketing — but these companies should be commended for their efforts to help the community,” she told TechNewsWorld.

“From an end-user perspective, they can be very helpful, whether to strengthen their security posture or simply to try out new services,” she added.

Thielemann cautioned end-users to “read the fine print” before signing contracts, provide services with care, and have an exit strategy if things don’t work or post-offer services are priced too high.

“Cloudflare, CrowdStrike, and Ping Identity are leaders in security. By making their solutions available to operators free of charge for four months, they are removing one of the usual barriers to entry for these companies,” noted Kevin Dunne, President of pathlocka unified access orchestration provider in Flemington, NJ

“However, the biggest barrier to entry is usually the cost and friction of implementing these solutions, especially without the required expertise or preparedness, which often hamper these vulnerable industries,” he told TechNewsWorld.

“So,” he continued, “while this isn’t a disadvantage per se, organizations should understand that getting the solution at no cost doesn’t mean they can get value and protection at no cost.”

Boost to Zero Trust

Purandar Das, CEO and co-founder of Soteroa data protection company in Burlington, Mass., found that the Critical Infrastructure Defense Project could be a major benefit for companies undecided about implementing a security program.

“Obviously, all safety measures are valuable in times like these,” he told TechNewsWorld. “If this offering helps organizations overcome whatever budget and time constraints they’ve had, it could help them better protect themselves.”

On the other hand, he continued, they could make a long-term commitment that they don’t have a budget for.

That added that there could also be resource and skill issues. “Many organizations, particularly older organizations, are not moving or are not moving fast enough to keep up with evolving attack vectors,” he explained. “Deploying software like this in a hurry could have both skill-based challenges and unintended impacts on their infrastructure if not done well.”

Zero trust — in which user, resource, and machine activity is continuously monitored for wrongdoing — could get a boost from the project, he claimed. “This could be a huge catalyst for organizations to rethink their entire approach to security and modernize their security stack,” he said.

‘shields up’

These tools are certainly Zero Trust-enabled, meaning they can help enforce Zero Trust in environments where it doesn’t already exist, Dunne noted, but it’s important to emphasize that Zero Trust is more of a philosophy than a philosophy set of tools is.

“Even simpler tools can enforce zero trust if implemented properly,” he said. “Strong security leadership and a top-down emphasis on Zero Trust are required to successfully implement a Zero Trust vision.”

The launch of the Critical Infrastructure Defense Project follows a “Shields Up” warning last month by the US Department of Homeland Security’s Cybersecurity and Infrastructure Agency.

“While there are no concrete or credible cyber threats to the US homeland at this time, Russia’s unprovoked attack on Ukraine, which included cyber attacks, has continued [the] The Ukrainian government and critical infrastructure organizations may impact organizations inside and outside the region,” the alert warned.

“Every organization – big or small – needs to be prepared to respond to disruptive cyber activities,” she added.

CISA Eric Goldstein, executive assistant director of cybersecurity, explained that many organizations, both public and private, are rich in goals and poor in resources. “To fill this gap, CISA has released a free catalog to help such organizations improve their security posture,” he told TechNewsWorld.

“This first catalog includes offerings from CISA, the open source community, and key partners of our Joint Cyber ​​Defense Collaborative like Cloudflare and CrowdStrike,” he said. “Combined with core cybersecurity practices, these services can help organizations identify, prevent, and respond to cybersecurity risks.”

targets for retaliation

Providers of critical infrastructure are now at greater risk of cyber attacks than before the start of the Ukraine war, Das said. “The volume of attacks, as well as the frequency, are increasing exponentially,” he said.

“The other risk,” he added, “is that infrastructure providers will become a primary target to resist sanctions against Russia.”

Dunne added that while the US has not seen a large increase in reportable violations since the war began, much of this war is being fought on the cyber battlefield.

“We can assume that it is only a matter of time before Russian cyber forces retaliate against NATO allies supporting Ukraine during the invasion,” he said. “The most vulnerable targets will be critical infrastructure, where much of the IT landscape relies on legacy solutions and the impact of even one day of downtime can be massive.”

In particular, energy infrastructure can be a priority. “As the US begins to eliminate dependency on Russian oil,” Dunne warned, “cyber attackers may again target domestic pipelines to see if they can cripple oil transportation and increase US reliance on Russian oil imports.”

Cloudflare, CloudStrike, Ping Identity Offer Free Services To Protect US Critical Infrastructure Source link Cloudflare, CloudStrike, Ping Identity Offer Free Services To Protect US Critical Infrastructure

Related Articles

Back to top button