In an interview with CRN, Kurtz said the recent Microsoft cloud email breach and frequent bypasses of Microsoft Defender by hackers are just two symptoms of the tech giant’s massive cybersecurity problem.
Kurtz On The Record
The breach of Microsoft cloud email accounts belonging to multiple U.S. government agencies, discovered in June, is just the latest high-profile indicator that Microsoft’s “architectural flaws” pose a massive security risk that few can ignore, according to CrowdStrike CEO George Kurtz. While Microsoft’s strategy of bundling numerous applications and security tools into Microsoft 365 software licenses has proven appealing to many cost-conscious customers, a growing share of organizations are recognizing that the security trade-offs are not worth it, Kurtz said in a recent interview with CRN.
“[It’s] death by a thousand cuts,” he said. “It’s the technology which is insecure, which is your zero-day Tuesdays. It’s things like the U.S. government being breached because of Microsoft’s failures. There’s only so many opportunities to say, ‘Hey, you get it for free, use it’ when people are saying, ‘Well, you’re putting us at risk.’ And that’s really what we’re hearing from customers—Microsoft is putting them at risk.”
[Related: CrowdStrike Reports Surging Adoption Of Identity, Cloud Security Tools]
That holds true not only for Microsoft’s productivity software and Windows operating systems, but also for its Defender security tools, Kurtz said. According to CrowdStrike findings, in 75 percent breaches of Microsoft customers that CrowdStrike’s incident response team has investigated over the years, Defender was in use but was bypassed by attackers. “It really is the fox guarding the henhouse,” Kurtz said. And, he added, it’s proven to be a major source of new business for CrowdStrike, which competes with Microsoft on endpoint security and increasingly in a variety of other categories. “We routinely convert customers that have been breached using Microsoft security technologies into CrowdStrike customers,” Kurtz said.
Ultimately, Microsoft security issues “are putting millions and millions — tens of millions — of customers at risk,” he said.
In a statement to CRN, Microsoft said that “cybersecurity is a top priority for Microsoft and has been for over 20 years.” Additionally, “we believe collaboration and partnership across the security industry is essential to stay ahead of expansive advanced threats and find the
aggressive competitive framing of security issues unfortunate,” Microsoft said.
Chorus Of Critics
While Kurtz has been a vocal critic of Microsoft in recent years — in the wake of widely felt attacks that exploited its technology such as the SolarWinds compromise — he’s far from alone in that regard in the cybersecurity industry. In an interview with CRN in August, Tenable CEO Amit Yoran pointed to a “pattern of behavior” from Microsoft that “undermines security” — and in a LinkedIn post at the same time, accused Microsoft of “grossly irresponsible” handling of a critical Azure vulnerability. And earlier this month, Wiz CTO Ami Luttwak told CRN that Microsoft still has many troubling questions to answer over the cloud email breach that impacted U.S. government accounts. The breach, which reportedly affected agencies including the State Department and Commerce Department, has prompted U.S. Sen. Ron Wyden to request a federal investigation to determine “whether lax security practices by Microsoft” led to the hack.
In speaking with CRN, Kurtz said incidents such as the breach are nothing short of “scary,” given what they show about attackers’ ability to exploit Microsoft security weaknesses.
SMB Push
Kurtz, who co-founded CrowdStrike in 2011, also discussed the cybersecurity giant’s push into the SMB market with the help of channel partners. Increasingly, that will include MSPs, thanks in part to CrowdStrike’s “game-changing” partnership with cloud-focused distributor Pax8, Kurtz said. CrowdStrike has also released Falcon Go—a more affordable version of its acclaimed Falcon security platform—which offers the “core elements of what’s needed [by SMBs] in terms of prevention and visibility,” he said.
During the interview, Kurtz also discussed CrowdStrike’s growing reliance on channel partners overall for enabling the company’s growth streak to continue. The Austin, Texas-based company disclosed that annual recurring revenue reached nearly $3 billion as of the end of July, up 37 percent year-over-year, while quarterly revenue beat Wall Street estimates despite the ongoing economic uncertainty. Notably, “most of our new business is coming from partner-sourced opportunities, which is fantastic,” Kurtz told CRN. “We need to expand that out.”
The strategy, he said, is “to continue to invest and enable our partners. And I think that’s an area that we really want to focus on.” On Monday, the company unveiled its new channel program, CrowdStrike Accelerate, which introduces new incentives, improved training and increased support resources for partners. The launch of Accelerate constitutes the biggest overhaul of CrowdStrike’s partner program since it debuted in 2015, the company said.
Kurtz also discussed CrowdStrike’s new generative AI-powered technology, Charlotte AI, as well as the company’s efforts at expanding more broadly within the IT tools space.
What follows is an edited portion of CRN’s interview with Kurtz.
