CrowdStrike questions could give CISOs pause — with options available
- by nlqip
Ironically, the answer on updates is in large part because many enterprises have historically found CrowdStrike’s quality to be quite high. “We trusted them too far because they have been really good for too long,” Zalewski said, stressing that the decision was also made because enterprise IT was cutting back extensively.
“We didn’t have the resources or the time so we had to trust the vendor,” he said. Many IT operations considered halting the patches and doing their own testing before allowing them to be deployed, but they concluded that “in our minds, the latency of delaying was great. It was higher risk for us to do the testing.”
‘Prove to me that you can test’ or risk defection
Charles Blauner, former CISO for both JPMorgan Chase and Deutsche Bank, and former head of information security for Citi, disagreed with Zalewski regarding the ROI of testing patches before deploying them.
Source link
lol
Ironically, the answer on updates is in large part because many enterprises have historically found CrowdStrike’s quality to be quite high. “We trusted them too far because they have been really good for too long,” Zalewski said, stressing that the decision was also made because enterprise IT was cutting back extensively. “We didn’t have the…
Recent Posts
- Hackers abuse Avast anti-rootkit driver to disable defenses
- Microsoft testing Windows 11 support for third-party passkeys
- Windows 11 24H2 update blocked on PCs with Assassin’s Creed, Star Wars Outlaws
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day