CISA taps CrowdStrike for endpoint security

The U.S. government's cybersecurity authority will be watched over by security vendor CrowdStrike as part of the larger government IT security overhaul.

CrowdStrike struck a new deal that will provide its endpoint security offering to the U.S. government's Cybersecurity and Infrastructure Security Agency.

Under the terms of the deal, CrowdStrike will be outfitting endpoints within CISA and several other agencies whose network security is managed by the DHS' cybersecurity agency. Specifically, the agency will be making use of CrowdStrike's Falcon endpoint protection platform. The company declined to say exactly how many endpoints or agencies will be using its service but described the deployment as a "sizable base."

Among the projects CrowdStrike is set to work on is CISA's Continuous Diagnostics and Mitigation (CDM) effort, which oversees security for civilian networks on the .gov domain.

"This is a sizable base plus multi-year contract, making the federal government one of CrowdStrike's largest customers," James Yeager, CrowdStrike's vice president of public sector and healthcare, told SearchSecurity.

"CrowdStrike is working closely with not only the agencies directly, but the systems integrators community that are aligned with the agencies through CDM DEFEND to provide them with our groundbreaking technology."

The deal comes as the U.S. government has been undergoing a massive overhaul of its cybersecurity procedures and practices. In May, President Joe Biden issued an executive order that, among other things, mandated that agencies move to a zero-trust security model and adopt mandatory multifactor authentication.

The Biden administration has made cybersecurity a big point in its diplomatic dealings as well, putting pressure on the Kremlin to crack down on ransomware and cyber attacks within Russia's borders, as well as pursuing nation-state attackers in China. In particular, the attacks on SolarWinds and Kaseya have raised concern that a single cyber attack could impact both the public and private sectors.

Yeager told SearchSecurity that CrowdStrike faces some "unique and complex challenges" when crafting a security platform for CISA and the agencies it cares for.

"We have a deep understanding of the threat landscape," he said, "which allows us to equip the government with the necessary combination of cloud-native technology, automated protection and remediation and elite threat hunting to empower teams to combat cyber complexities."

The partnership could also bring benefits to CrowdStrike customers outside of Washington. In particular, Yeager suggested the deployment could trickle down in part to security setups that can be used by state and local governments.

"We have recently made numerous strategic partnerships as we continue to support both our federal and state and local government customers with the best-in-class technology to combat today's stealthy and sophisticated adversaries," Yeager said.

CrowdStrike has a history of assisting U.S. government clients in Washington, D.C. The security firm was famously called in to investigate the 2016 breach of the Democratic National Committee, which was later attributed to Russian state-sponsored attackers, as well as the 2018 attacks on the National Republican Congressional Committee.