Palo Alto & Crowdstrike Acquisitions: Addressing Only Half the Zero Trust Equation

The recent acquisitions of Flow Security by CrowdStrike and Dig Security by Palo Alto Networks represent a significant shift in the cybersecurity landscape. Both acquisitions are strategically similar, as they exemplify the consolidation of the zero trust control plane from the outside in, with security controls increasingly moving closer to the data itself.

The Acquisitions Mark the Importance of Data Security Posture Management

Traditionally, cybersecurity measures have focused on protecting the perimeter of an organization's network. However, with the growing adoption of cloud services and the increasing distribution of data across various platforms, it has become evident that a more comprehensive approach to data security is necessary. CrowdStrike and Palo Alto Networks have recognized this need and have taken steps to bolster their data protection capabilities by acquiring Flow Security and Dig Security, respectively.

These acquisitions highlight the importance of Data Security Posture Management (DSPM) in the modern cybersecurity landscape. DSPM solutions help organizations discover, classify, and protect data in all states, whether at rest or in motion, as it flows through the cloud, on-premises, and within applications. By integrating DSPM capabilities into their existing platforms, CrowdStrike and Palo Alto Networks will empower their customers to consolidate cloud point solutions and protect their entire cloud estate more effectively.

One Thing's Missing: The Offensive Play

While these acquisitions represent a significant step forward in the evolution of zero trust security, it is essential to recognize that they are primarily focused on playing defense and protecting data from unintentional loss due to malicious theft or honest mistakes.

However, truly comprehensive zero trust security requires organizations to take a two-pronged approach:

1. Play defense by protecting sensitive data that we possess from unintentionally leaving, and
2. Play offense by being proactive and having agency to control sensitive data that is intentionally shared with others.

Play Better Zero Trust Offense with Layered Security with Virtru

To play better zero trust offense, organizations can leverage solutions like Virtru to govern sensitive data intentionally shared externally via email, file, and SaaS workflows. Virtru products are powered by the Trusted Data Format (TDF) and enable organizations to maintain control over their data even after it’s been shared with others.

How does it work? Virtru products apply granular access controls and encryption that persist with the data wherever it travels. By implementing such proactive measures, organizations can increase shareholder value by sharing data with others without sacrificing security, privacy, or control.

When organizations have control over their data destiny – the ability to protect their information with cryptographic controls, securely share it with chosen entities, and retain the ability to revoke access if necessary – they become better stewards of sensitive data.

To achieve truly comprehensive zero trust security, organizations must adopt a proactive approach that goes beyond merely playing defense against external threats. They must also implement granular policy controls on data that they choose to share, ensuring that they maintain agency and control over their sensitive information.

In conclusion, the acquisitions of Flow Security by CrowdStrike and Dig Security by Palo Alto Networks represent a significant shift in the cybersecurity landscape, emphasizing the importance of Data Security Posture Management and the consolidation of the zero trust control plane. However, to achieve truly comprehensive zero trust security, organizations must adopt both defensive and offensive measures, minimizing the risk of unintentional data loss while also proactively controlling and securing data that is intentionally shared with others.

Virtru helps organizations play better zero trust offense by giving them simple tools to maintain agency over sensitive information shared with others – which enables them to increase shareholder value.