Interview: Zeki Turedi On CrowdStrike’s Security Platform And The Opportunities Of AI
Expert Insights interviews Zeki Turedi, Field CTO for Europe at CrowdStrike, ahead of the 2023 Infosecurity Europe conference in London.
By Joel Witts
Updated Aug 10, 2023
Up until a few years ago, the “core modus operandi” for cybercriminals was to disrupt endpoint devices in order to compromise your network, Zeki Turedi, Field CTO for Europe at CrowdStrike, tells Expert Insights. Gaining access to your endpoint devices meant getting a foot in the door of your network perimeter, the first step to unlocking the crown jewels of your organization.
But increasingly, the endpoint perimeter no longer exists. Over the past five years, we have seen immense digital transformation as organizations have shifted business critical applications and workloads to the cloud. The way we work has changed too, as users increasingly use their personal devices—such as smartphones, tablets, and even IoT devices—to work from anywhere in the world.
In this redefined endpoint security landscape, CrowdStrike is one of the dominant market leaders. The company offers a broad portfolio of automated security solutions, such as the Falcon suite of endpoint protection and extended detection and response (XDR) solutions.
You can listen to our full interview with Zeki Turedi on the Expert Insights podcast.
The Opportunities Of AI
CrowdStrike is one of the leading innovators in developing and deploying AI-powered cybersecurity technologies. Expert Insights spoke to Turedi ahead of the 2023 Infosecurity Europe Conference, where we’re likely to hear a lot of debate about the impact of AI on the security industry. “I have a feeling we’ll be hearing the words AI over and over again! But I think there’s a lot of truth and reality we need to recognize about the topic,” he says.
Turedi offers some caution on the AI hyperbole in the security industry today. “A bit of reality – AI is not something that just appeared in the last several months with ChatGPT. AI has been around for a very long time and, actually, artificial intelligence has been used in the security domain for a long time as well. Because it helps organizations; it helps automate a lot of complex work very quickly and efficiently.”
CrowdStrike’s security platform uses many AI and machine learning systems to improve threat detection capabilities for new and emerging endpoint threats, and to help reduce false positives. The company has also recently introduced a new generative AI chatbot named “Charlotte AI”, enabling users to ask natural language questions to CrowdStrike’s Falcon platform, and receive real-time answers.
“We do see attackers utilizing artificial intelligence to try and create more realistic phishing attacks or be able to automate polymorphic malware more frequently,” Turedi says. “But the great thing about using AI to tackle AI, is it’s very much built to deal with those problems.” AI can be used to help organizations better manage the complex security threat landscape, powering XDR solutions that can conduct large-scale analytics across inter-connected networks such as email, identity, and the endpoint. “That data can actually help us identify threats quicker, more effectively, before it’s too late,” he explains.
“We are at this stage now where we can really reap the reward [of AI]. The attack velocity that organizations are seeing is ridiculous. Even a small organization that, five years ago, would have one incident a month, could now be dealing with hundreds a day. That capacity strains resources. We have an opportunity to use AI to be able to use those human resources in the best possible way, by firstly identifying those attacks before they become a problem.
“But there’s also an upskilling challenge we have in security. We need more people able to do complex stuff. And for me, it’s an idea about passive education. How can we utilize AI to train my junior security analysts to do quite complex hunting? How can we use the experiences of other customers and how they are tackling problems, to then train the AI to empower those users? I think that’s where we have a great opportunity.”
In the current threat landscape, there are many types of bad actors targeting organizations, Turedi explains. This includes a huge uptick in nation state-level activity, but also huge increases in malicious cyber-activity, where many attacks have become very sophisticated and mature.
One of the main reasons for this uptick in attacks is that the barrier to entry for cybercriminals to start targeting organizations has become very low.
“It’s very easy with a few bitcoins and a bit of know-how of where to look to start becoming a cybercrime actor,” Turedi says. “You can start procuring the tools, you can even procure access into businesses through the likes of access brokers. It’s very easy to start targeting organizations and making money out of them.
“That’s the scary bit, because that low, low barrier of entry, means that it’s very easy for sophisticated threat actors to start trying to target organizations. We’ll start seeing more and more of these attacks happening.” Turedi’s recommendation for teams to improve their resilience against cybercrime is to better prepare themselves to face these attacks. “My biggest recommendation is: don’t wait to be attacked. It’s a lot easier, it’s a lot more affordable, it’s a lot cheaper, to actually be proactive when it comes to cyber incidents. It’s very expensive, very complex, and very stressful doing so once you’ve actually had an incident. You never want to learn how to deal with an incident on the job.”
“Be proactive. Understand how you implement security. Work with a partner like CrowdStrike, implement technology like CrowdStrike into your organization to be better secured, but also look into your processes. How would you respond to an incident? How would you communicate? Do you know what law firms you’d work with, if necessary?” Getting these processes in place can lead to much improved security outcomes.
Joel Witts is the Content Director at Expert Insights, meaning he oversees articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel has conducted interviews with hundreds of industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.