CrowdStrike executive details next-generation cybersecurity needs, threats

➤ The future of cybersecurity lies in artificial intelligence and machine learning, according to Amol Kulkarni, chief product officer of new-generation cybersecurity provider CrowdStrike Holdings Inc.

➤ Cybersecurity demand has increased sharply during the pandemic, as remote work forces companies to accelerate digital transformations. At the same time, attackers have become more ambitious and sophisticated.

➤ A broad secular shift to more enterprise protection and more sophisticated cybersecurity products should maintain sector growth for the foreseeable future.

With new coronavirus variant concerns keeping workers in home offices and a string of data breaches making headlines, many executives are reconsidering cybersecurity solutions. This has opened the door for a new generation of cloud-based security vendors that offer products driven by artificial intelligence.

S&P Global Market Intelligence recently spoke with CrowdStrike's Kulkarni to get the latest on how cybersecurity's demand environment has evolved in the pandemic and where the sector may be headed next. What follows is an edited version of that interview.

Amol Kulkarni Source: CrowdStrike

S&P Global Market Intelligence: Looking at your product lineup, the Falcon platform is your main offering, and that has been around since 2013. At the same time, we are witnessing a constantly changing threat environment. How has the demand story for CrowdStrike platforms evolved, especially in the past year amid the pandemic?

Amol Kulkarni: With the Falcon platform, there are two main components. There is a lightweight agent that runs on a variety of workloads and protect laptops, desktops, servers, cloud instances, IoT devices and mobile devices. And then there is the Threat Graph, which is the graph database that's in the cloud. With those, we are able to build behavioral detections as well as machine-learning models that can tackle classes of attacks in a predictive manner. From an attack perspective, the number of attacks have increased recently, and that has really fueled demand.

A few years back, customers realized that they cannot depend on legacy antivirus solutions. That was the standard for many years before everyone realized that endpoint detection and response (EDR) was needed. Now, in the last year and a half, demand has gone through the roof. Partly because people are working from anywhere, which renders all on-premise and network security-based solutions inadequate. Then the second part was digital transformation. As companies responded to the remote workforce, they moved roadmaps that were originally three-year plans to just a month or even in a week from a cloud perspective.

Do you expect any retreat on demand once businesses adjust to the new normal?

To read more about how increased demand is impacting cybersecurity equities, see: Cybersecurity investments set to grow as threat landscape heightens

While one thing is the transformation in the industry, the second part is how adversaries have evolved, and especially what ransomware has done to industry in terms of the preparedness that people require. As our CEO says, cybersecurity is becoming the equivalent to shelter in the Hierarchy of Needs. It's so much of an essential now, and we really see that as being a transformational shift.

No, we don't. If you look at the percentage of IT that's happening in the cloud, it's still a very small percentage. So, from that perspective, there is so much runway in terms of basic digital transformations. On top of that, the number of businesses whose cloud data is actually secured with a cloud workload protection solution is much smaller. So just within that, there is a huge amount of growth possible. We are not seeing any reduction at all on the horizon. In fact, there is acceleration of the growth. And part of that is also because attacks have taken on a whole different dimension.

CrowdStrike has been relatively quiet in a busy year for tech M&A, particularly cybersecurity deals. What is your take on the M&A market and innovating through acquisition?

We are focused on our mission of stopping breaches, And everything we do — including our M&A strategy — revolves around that. We examine opportunities a lot, often 10 to 12 companies in a week in the security space and other areas.

We look for a few things. One is innovation, so is this a unique take or a unique approach to solving existing problems? That's core for us from a cultural perspective, and we look for a similar fit in an M&A target. And the second one is, of course, that the company operates in a strong market. We are also driven by what our customers are talking to us about in terms of why they need a solution. Those factors drive us when looking into potential markets to break into.

Valuations are high, but that's true across the board, right? If the potential is there, if the target market is there, if the vision is there and if the innovation is there, then you can always recover very high valuations.

Where do you think the cybersecurity space is off to next? Any trends you see looking ahead?

Looking at overall demand dynamics, the future of the sector are the next-generation companies who are focusing on machine learning, artificial intelligence and behavioral detection, what we call as IOAs, or indicators of attack. Those are the ones that are able to take advantage of this shift. And the other part, which is also critical, is the companies who are purely cloud-delivered.

For future security models, building zero trust architecture solutions — where the concept of trust is eliminated from an enterprise's network — is one trend. Zero trust was a buzz word for a long time, but it's now in a place where it can actually be built or implemented at scale.

Another one is extended detection and response (XDR), which is finding malicious activity outside of endpoint. I see a good trend there because, from a security perspective, you can serve an entire enterprise.

[Editor's Note: Endpoints can include servers, desktops, laptops and mobile devices. XDR broadens security to work across the modern distributed IT environment, collecting data from multiple security layers, such as email and the cloud.]