Q&A: Cyber resiliency starts with cyber culture: Insights from Mercury Financial's cybersecurity leaders

Q&A: Cyber resiliency starts with cyber culture: Insights from Mercury Financial’s cybersecurity leaders

Posted on

During the recent Fal.Con event, CrowdStrike Holdings Inc. announced new Cloud Native Application Protection Platform capabilities for its CrowdStrike Cloud Security line of products. These capabilities offer new features like Cloud Infrastructure Entitlement Management, which helps enterprises prevent identity-based threats resulting from improperly configured cloud entitlements across cloud service providers.

So how are these new capabilities affecting actual businesses? Anthony Cunha (pictured, left), chief information security officer of Mercury Financial LLC, and Alex Arango (pictured), deputy chief information security officer of Mercury Financial, offered some insight. Cunha and Arango spoke with theCUBE industry analysts Dave Vellante and David Nicholson at last September’s theCUBE @ Fal.Con event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. (* Disclosure below.)

They discussed cybersecurity issues and CrowdStrike’s role within Mercury Financial[The following content has been condensed for clarity.]

Vellante: Tell us first about Mercury Financial. What are you guys all about? 

Cunha: So Mercury Financial is a credit card company that serves people who are near [a prime credit score]. So be it some kind of hardship in their life — they had … a financial impact, maybe a medical impact, an emergency, something, a death family where somehow their credit was impacted. We give them the opportunity … to build up that credit car score to add livelihood to their ability to be financially stable.

Vellante: When it comes to cybersecurity, no one company can do it alone. Talk a little bit more about the importance of ecosystem and partnerships.

Cunha: I use the metaphor of having a restaurant. So we run a restaurant really well. We know what we want in the menu. We have a chef … but we need excellent ingredients. You make muffins well. Bring your muffin into the restaurant. I want the menu to be rich and empower people. Therefore, no matter what we do when we present it, it’s perfect, it’s palatable.

Nicholson: What would surprise someone who maybe isn’t a security specialist in terms of the things that you’re dealing with as far as threats are concerned?

Arango: The … most common ways that applications and businesses are getting owned right now … [are] misconfigurations on your web app or a vulnerable application or phishing. A lot of development teams, they want to get things to market as soon as possible, and maybe security’s on the back foot.

Cuhna: Everything starts with people. The human firewall has to be front of mind. Security can’t be an afterthought. Cyber resiliency starts with cyber culture.

Nicholson: Do your responsibilities touch on things like fraud detection as well? Is there segregation between what we would think of as IT and the credit card transaction that fires up a red flag?

Arango: It’s definitely important. It’s converging that intel, that fraud intelligence and making it into a process where we’re reducing the risk and the losses that the business is incurring. It’s so important … that we build that culture within the fraud teams, the operational teams … really anybody who has a large stake in whatever the business product is.

Cunha: CrowdStrike will be an integral piece of the overall solution that we have. It hits so many different aspects and looks at so many different potential attack vectors. I think integrating fraud in other parts and other functions of the business will start to see that they can leverage CrowdStrike — that there’s tooling within CrowdStrike innovatively … ahead of the game. And I always like that about CrowdStrike, being way ahead of the game and thinking in front of our adversaries.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of theCUBE @ Fal.Con 2022:

(* Disclosure: CrowdStrike Holdings Inc. and Mercury Financial sponsored this segment of theCUBE. Neither CrowdStrike and Mercury nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *