News | Story

Cloudflare, CloudStrike, Ping Identity Offer Free Services To Protect US Critical Infrastructure

Cloudflare, CloudStrike, Ping Identity Offer Free Services To Protect US Critical Infrastructure

The announcement was made on Monday by a trio of big cybersecurity businesses that they would be providing free cybersecurity services and assistance to susceptible sectors for the next four months.

Companies in particularly vulnerable industries — such as hospitals and water and power utilities — will benefit from the new Critical Infrastructure Defense Project, which will provide them with access to the full suite of Cloudflare’s Zero Trust solution, CrowdStrike’s endpoint protection, and intelligence services, and Ping Identity’s Zero Trust identity solutions, among other services.

In addition, the project provides a roadmap with step-by-step security procedures that any organization can use to defend itself against cyberattacks, which can be downloaded for free from the project’s website.

According to Cloudflare Co-founder and CEO Matthew Prince in a statement, “We depend on our infrastructure to power our homes, to give access to water and basic commodities, and to ensure crucial access to healthcare.”

The president continued by saying that “it is now more necessary than ever for the security sector to come together and guarantee that our most crucial businesses are secured and prepared.”

CrowdStrike’s co-founder and CEO, George Kurtz, said that the program is first and foremost a public service to protect the endpoints and data of some of the most vital critical infrastructure companies in the nation.

Equal Parts Altruism and Marketing

Gartner Research Vice President Katell Thielemann pointed out that similar security promises were given in the case of the Covid pandemic outbreak, Thielemann. In her words, “from a vendor viewpoint, they are equal parts philanthropy and marketing – yet these firms should be commended for their efforts to benefit the community.”

“From the perspective of the end-user, they may be quite beneficial, whether it’s to improve their security posture or just to experiment with new services,” she said.

Thielemann advised end customers to “read the small print” before engaging in any agreements, to install services with prudence, and to have an exit plan in place in the event that things don’t work out or the cost of post-offer services is too expensive.

“Cloudflare, CrowdStrike, and Ping Identity are among the most respected names in the security industry. As Kevin Dunne, president of Pathlock, a unified access orchestration supplier in Flemington, New Jersey, put it, “By delivering their solutions to operators at no cost for four months, they are eliminating one of the main hurdles to entry for these enterprises.”

“However, the most significant barrier to entry is often the expense and friction associated with implementing these solutions, particularly in the absence of the necessary know-how or preparedness, which frequently hurts these vulnerable businesses,” he said to Dailion.

“However, although not a disadvantage in and of itself, organizations should be aware that acquiring a solution for free cost does not imply that they will be able to gain benefit and protection without incurring any expenses.”

Boost to Zero Trust

Purandar Das, CEO, and co-founder of Sotero, a data protection firm based in Burlington, Massachusetts, said that the Critical Infrastructure Defense Project might be a significant advantage to businesses considering whether or not to undertake a cybersecurity program.

“It goes without saying that any safety precautions are beneficial under these circumstances,” he told Dailion. “If this offer assists companies in overcoming whatever money and time constraints they may have encountered, it may be able to help them better safeguard themselves.”

On the other side, he went on to say, they may find themselves in a long-term commitment that they hadn’t planned for at all.

Das went on to say that there might be challenges with resources and skills as well. According to him, “Many businesses and organizations, particularly legacy businesses, are either not changing or have not moved quickly enough to keep up with the attack vectors that have changed.” It is possible to have both skills-based issues and unanticipated consequences on their infrastructure if they deploy software such as this in haste and without proper planning.

He believes that Zero Trust, in which every user, resource, and machine activity is continually watched for misbehavior, will benefit from the initiative, and that it will flourish as a result. In his opinion, “this might serve as a significant motivator for enterprises to reconsider their whole security strategy and upgrade their security stack.”

‘Shields Up’

These technologies are unquestionably Zero Trust competent, which means that they may assist in enforcing Zero Trust in situations where it does not currently exist, according to Dunne. However, it is vital to emphasize that Zero Trust is a mindset rather than a collection of tools.

“Even the most basic technologies may be effective in enforcing Zero Trust if they are designed correctly,” he stated. “In order to achieve success in implementing a Zero Trust strategy, strong security leadership and a focus on Zero Trust from the top down are essential.”

The start of the Critical Infrastructure Defense Project follows the release of a “Shields Up” advisory by the Cybersecurity and Infrastructure Agency of the United States Department of Homeland Security earlier this month.

According to the alert, “While there are no specific or credible cyber threats to the United States homeland at this time,” Russia’s unprovoked attack on Ukraine, which has included cyberattacks on [the] Ukrainian government and critical infrastructure organizations, may have ramifications for organizations both within and outside the region.

This includes “big and small organizations,” which must be prepared to react to disruptive cyber activities, the report says.

Executive Assistant Director of Cybersecurity at the Center for Internet Security (CISA) Eric Goldstein said that many companies, both public and private, have a high number of targets but little resources. To close this gap, the Center for Internet Security (CISA) created a free catalog to assist such firms in improving their security posture, he told Dailion.

In addition to offers from CISA, the open-source community, and essential partners in our Joint Cyber Defense Collaborative, such as Cloudflare and CrowdStrike, he noted that the catalog included products from other organizations. “When used in conjunction with fundamental cybersecurity principles, these services may assist companies in detecting, preventing, and responding to cybersecurity problems,” the authors write.

Targets for Retaliation

Das said that critical infrastructure providers are now more vulnerable to cyberattacks than they were before to the outbreak of the Ukrainian conflict in 2014. As a result, “both the volume and the frequency of assaults are expanding rapidly,” he said.

‘The second danger,’ he said, “is that infrastructure providers will become the major targets of retaliation against the sanctions imposed on Russia.’

Dunne went on to say that although the United States has not yet witnessed a significant spike in notable breaches since the conflict started, a large portion of the combat is taking place on cyber battlefields.

“We can anticipate that Russian cyber forces would respond against NATO members that are backing Ukraine during the invasion,” he warned. “The targets most ripe for assault will be critical infrastructure, where most of the IT landscape is based on legacy technologies and the consequences of even a single day of interruption may be devastating,” according to the report.

Infrastructure for energy production and distribution, in particular, might be a prominent target. Cyberattackers may once again target domestic pipelines as the United States considers reducing its reliance on Russian oil, according to Dunne. “If they are successful in crippling the transportation of oil and increasing reliance on Russian oil imports in the United States,” he said.

Related News


Your email address will not be published.

Share The News

Follow Us