CrowdStrike Field CTO Warns of Identity-Based Attacks Shift

Endpoint security technology firm predicts surge in credential theft as criminals move away from malware, with visibility emerging as key defence priority

The cybersecurity industry faces a fundamental shift in attack methods as criminals move away from malware towards credential theft and identity-based breaches, according to CrowdStrike, the endpoint security technology firm.

The trend reflects broader changes in enterprise technology infrastructure, where cloud adoption and remote work have expanded the attack surface for potential breaches. CrowdStrike, which provides AI-powered endpoint protection and threat intelligence services, sees this evolution as a critical challenge for security teams.

Identity-based attacks now account for 75% of initial access attempts, marking a shift away from traditional malware-based approaches, according to the company’s analysis.

“Identity is the new major battleground in cybersecurity – and visibility is critical to building a strong defence,” says Zeki Turedi, Field CTO Europe at CrowdStrike.

The move towards credential-based attacks presents new challenges for security teams, as attackers using stolen credentials leave minimal evidence compared to malware-based intrusions. These attacks often manifest as legitimate login attempts, making traditional detection methods less effective.

Security teams face challenges in detecting these attacks due to organisational structures that separate IT and security functions. Each team typically uses different tools, creating gaps in visibility across systems.

“To effectively identify and stop these attacks, teams need an AI-native cybersecurity platform that unifies visibility across cloud, endpoints and identities,” he says.

CrowdStrike reports 62-minute window for criminal breaches

The speed of modern cyber attacks demands rapid response capabilities from security operations centres (SOCs). Current data shows cybercriminals can move laterally through networks – a process known as breakout – in 62 minutes.

Traditional security information and event management (SIEM) systems – platforms that collect and analyse security data from across an organisation – often impede response times by overwhelming teams with excess data.

Organisations require platforms capable of managing modern data volumes while reducing redundant tools. These systems need to integrate with existing security infrastructure to provide comprehensive coverage.

Zeki advocates for cloud-based platforms that can process modern data volumes while integrating with existing security tools. “Teams need real-time intelligence, high-fidelity detections and automation that provides actionable context to outpace today’s sophisticated adversaries,” he says.

The integration of AI and machine learning technologies enables real-time response orchestration, providing security teams with the speed needed to match modern threats.

EY research shows board-level security focus

Research from professional services firm EY indicates 72% of public Fortune 100 companies now list cybersecurity expertise as a board requirement. The proportion of companies with directors citing cybersecurity experience in their biographies has increased from 34% in 2018 to 71%.

Key facts
  • 62 minutes - Average time for cybercriminals to achieve network 'breakout'
  • 72% - Fortune 100 companies requiring cyber expertise on boards
  • 71% - Fortune 100 directors with cybersecurity experience, up from 34% in 2018

This shift reflects growing recognition of security’s importance at executive level, though experts emphasise the need for security expertise throughout organisations.

Security advisors now work across multiple organisational levels to align security strategies with business objectives. Their role includes overseeing the deployment of security tools and ensuring adherence to security practices.

These professionals play a crucial role in developing organisation-wide security awareness, ensuring teams understand their responsibilities in maintaining security posture.

UK public sector faces new cyber security bill requirements

The introduction of the UK’s Cyber Security and Resilience Bill creates additional pressure for public sector organisations facing budget constraints. The legislation establishes new cybersecurity standards for public bodies at a time when resources are limited.

The disparity between public and private sector security capabilities continues to widen due to budget differences. This gap raises concerns about the public sector's ability to maintain adequate security measures.

Budget reductions affect organisations’ ability to maintain security expertise, often leading to IT teams making security decisions without specialised knowledge. This situation creates risks in areas such as AI adoption and vulnerability management.

The impact extends beyond immediate security concerns. As Zeki explains, organisations making short-term budget decisions may face increased costs from security incidents and compliance issues.

“Investment in robust security measures is critical to counter evolving threats and ensure compliance with future regulations,” he says.


Cyber Magazine is a BizClik brand
