EY and CrowdStrike alliance
The EY – CrowdStrike alliance brings our clients a market-leading CrowdStrike platform and services team together with leading cyber transformational consulting focused on reducing risk to the enterprise and its customers.
Securing the Working World
EY and CrowdStrike bring together the leader in cloud-delivered endpoint and workload protection, and the leader in risk and cyber consulting — seamlessly integrating cybersecurity operations and risk management within the enterprise.
In today’s complex cyber risk landscape, organizations recognize the value of establishing comprehensive and reliable cybersecurity strategies and operations. The EY-CrowdStrike alliance combines CrowdStrike’s leading-class cybersecurity technologies with transformational consulting capabilities and cyber services provided by EY teams. The alliance capabilities are focused on addressing cyber risk and threat management, cyber incident response and cyber threat intelligence. The collaboration offers broad security services to help clients identify and address cyber threats unique to their businesses, while effectively managing those risks.
EY’s Next Generation Security Operations and Response (NGSO&R) services and solutions help build a more secure and trusted working world by helping our clients protect their business with proven strategic and tactical solutions to defend, detect, respond and recover from cyber attacks.
Organizations face a critical challenge, ensuring they are protected and secured against ransomware threats. Financially motivated threat actors, using ransomware attacks, have raised havoc in multiple industries, many resulting in disruption of business operations that cost millions of dollars in damage, or worse.
- Ransomware attacks take advantage of security gaps at multiple levels, across people, processes and technology
- In response, a multi-pronged approach is needed to address the ransomware threat
- Understanding your security posture is critical to ensuring your organization is not the next victim, resulting in public disclosure, data theft and costly business disruptions
EY and CrowdStrike have partnered to develop a comprehensive risk assessment reviewing a company’s preparedness to defend against and recover from a ransomware attack, with specific focus on vulnerability management, assessment of endpoint controls aligned to attacker techniques, securing of privileged identities, and assessment of disaster recovery programs with regards to preparedness for direct targeting by ransomware groups.
Ernst & Young LLP (EY US) is well-known for employing a diverse and deep bench of cyber talent. We’ve brought in highly experienced professionals from some of the largest technology companies in the world and paired them with executives from the most pioneering technology start-ups. We combine that with leaders who have served in the public sector through the FBI, the CIA and Homeland Security, and through the U.S. Army, Air Force and Marines. Our ecosystem of talent allows us to bring a broad perspective, deep experience and innovative strategies. Our ecosystem of talent allows us to bring a broad perspective, deep experience and innovative strategies in:
- Cyber threat readiness and response
- Cyber strategy and security architecture
- Security operations and managed services
- Cyber risk identification and reduction
- Risk governance and compliance
- Technology and innovation
EY and CrowdStrike work with companies to ensure they are better prepared for the threats that face them, ensure their defences are stronger, and are positioned to respond and recover to a successful attack when one occurs. Through the alliance, clients will be enabled to align threats to their defensive controls, measure the effectiveness of controls with regards to the changing trends of attacker techniques, respond to attacks in a more comprehensive manner, and remediate and recover from impactful attacks to enable focused improvement in areas needed.
Zero trust refers to the security concepts and threat model that no longer assumes that actors, systems or services operating from within the security perimeter should be automatically trusted, and instead, an organization must verify anything and everything trying to connect to its systems before granting access. Zero trust breaks down into six key areas:
EY supports the CrowdStrike Falcon platform as a zero trust leader in the Identity, Application, and Devices pillars of the zero trust framework.
EY’s alliance with CrowdStrike simplifies the adoption of a zero trust framework by leveraging the CrowdStrike Zero Trust solution which enables secure access to applications from any endpoint, regardless of the user or location. Utilizing the expansive telemetry of the CrowdStrike Falcon® platform that processes over 5 trillion events a week, the solution grants dynamic conditional access based on continuous real-time security posture assessments of device health and compliance checks.