Dive Brief:
- CrowdStrike introduced a new framework designed to catch errors early and mitigate the fragility of systems, CEO George Kurtz said last week. The release follows the company’s defective software update that caused one of the largest global IT outages in history over the summer.
- The framework, dubbed “resilient by design,” borrows language and principles from the Cybersecurity and Infrastructure Security Agency’s secure by design initiative, which aims to shift the responsibility for security from customers to vendors. CrowdStrike was one of the first companies to sign CISA’s voluntary secure-by-design pledge in May.
- “Resilient by design expands on the concepts of CISA’s secure by design to help ensure that our systems and companies are built to anticipate, withstand, adapt and recover from any disruption that might compromise security, operations or availability,” Kurtz said in a Wednesday blog post. He revealed the framework during CrowdStrike’s annual Fal.Con conference last week.
Dive Insight:
CrowdStrike made a relatively simple but far-reaching mistake that caused Windows computer systems to crash across the globe in July. The error damaged the company’s reputation and prompted CrowdStrike to pursue strategic shifts, similar to those taken by Microsoft after its internal security practices caused widespread harm.
The outage directly impacted Microsoft Windows systems because of CrowdStrike’s reliance on deep access to and control of the Windows kernel, the core of the Windows operating system. On Tuesday, Adam Meyers, CrowdStrike’s SVP of counter adversary operations, described Windows kernel access as critical for cybersecurity tools.
Kurtz invited Microsoft Chair and CEO Satya Nadella to join him via video conference during his Fal.Con keynote last week.
“If we are back here talking about this next year, we should have achieved two things,” Nadella said. Those two things, according to Nadella, are tangible progress on secure, safe deployment and a new abstraction layer in Windows that builds a foundation for more resilient security products.
Kurtz’s plan for the company he co-founded in 2011 is to embed three pillars of resilient by design into every CrowdStrike process and activity.
- Foundational: Make resilience a core element of CrowdStrike and make improvements designed to enhance the resiliency of interconnected systems. This effort spans process improvements already implemented by CrowdStrike and an ongoing commitment to strengthen code, deployment, configuration and support.
- Adaptive: Focus on the diverse needs of customers and the industries they operate in, and adapt to those diverse needs with more resilient security solutions.
- Continuous: Develop a perpetual feedback loop across the cybersecurity industry to foster consistent learning and improvement.
“Our commitment to our customers means CrowdStrike must become a positive example of resilient by design. We are resolved to do exactly that,” Kurtz said. “Pursuing resilience is not optional — it’s essential for all of us.”