Zero trust is a conceptual destination, not an application. As with all destinations, there are different routes to it, and even different descriptions of it. CrowdStrike (NASDAQ: CRWD) believes it will complete its own zero trust destination on the endpoint by acquiring and integrating SecureCircle’s data encryption into its existing identity and access capabilities.
CrowdStrike announced, November 1, 2021, that “it has agreed to acquire SecureCircle, a SaaS-based cybersecurity service that extends zero trust security to data on the endpoint.”
Financial details have not been disclosed, but the all-cash transaction is expected to complete during CrowdStrike’s fiscal fourth quarter and will enable customers to enforce zero trust at the device level, the identity level, and the data level.
The growth in remote working over the last two years has not merely increased the attack surface, it has simultaneously increased the potential for data loss through the remote workstations. Just as CrowdStrike defined itself as a revolutionary technology designed to replace legacy endpoint protections, it now claims that CrowdStrike plus SecureCircle will remedy DLP’s long-term failure to evolve with the modern enterprise.
“This is why I’m pleased to announce that CrowdStrike has agreed to acquire SecureCircle to modernize data protection and secure data on, from and to the endpoint,” says CTO Mike Sentonas in an associated blog.
“Despite the critical need for data protection to be part of any security strategy today,” he continues, “legacy data loss prevention (DLP) tools have failed to rise to the challenge. As a result, security and risk teams struggle with rampant insider threats (both inadvertent and malicious), resource-intensive policy and control management, and a lagging workforce experience hampered by these burdensome and opaque rule sets.”
Once SecureCircle’s data encryption capabilities are combined with CrowdStrike’s zero trust assessments and Falcon zero trust, customers will have fine-grained visibility and control over their data through user-based data access management and policy enforcement from CrowdStrike’s zero trust scoring system. The intention is for customers to gain continuous risk monitoring that allows detection and response to threats at the device, identity or data layer.
CrowdStrike is bringing data protection and not just data access into its description of the zero-trust destination.
“Data loss prevention has suffered from a lack of innovation, and legacy tools have completely failed to live up to the promise of preventing breaches,” said George Kurtz, co-founder and CEO of CrowdStrike. “At the same time, the endpoint has become the focal point for how data is accessed, used, shared and stored. CrowdStrike will be setting a new standard for endpoint-based data protection by connecting zero trust enforcement to the device, the user identity and, with this acquisition, the data users are accessing and using.”
This purchase strengthens CrowdStrike’s drive into zero trust following the September 2020 acquisition of Preempt Security, a provider of Zero trust and access control technology, in a deal valued at roughly $96 million.
SecureCircle, based in Santa Clara, California, was founded by Jeff Capone in September 2016.