UPDATED 15:00 EDT / APRIL 06 2023

CLOUD

Q&A: Cyber resiliency starts with cyber culture: Insights from Mercury Financial’s cybersecurity leaders

During the recent Fal.Con event, CrowdStrike Holdings Inc. announced new Cloud Native Application Protection Platform capabilities for its CrowdStrike Cloud Security line of products. These capabilities offer new features like Cloud Infrastructure Entitlement Management, which helps enterprises prevent identity-based threats resulting from improperly configured cloud entitlements across cloud service providers.

So how are these new capabilities affecting actual businesses? Anthony Cunha (pictured, left), chief information security officer of Mercury Financial LLC, and Alex Arango (pictured), deputy chief information security officer of Mercury Financial, offered some insight. Cunha and Arango spoke with theCUBE industry analysts Dave Vellante and David Nicholson at last September’s theCUBE @ Fal.Con event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. (* Disclosure below.)

They discussed cybersecurity issues and CrowdStrike’s role within Mercury Financial[The following content has been condensed for clarity.]

Vellante: Tell us first about Mercury Financial. What are you guys all about? 

Cunha: So Mercury Financial is a credit card company that serves people who are near [a prime credit score]. So be it some kind of hardship in their life — they had … a financial impact, maybe a medical impact, an emergency, something, a death family where somehow their credit was impacted. We give them the opportunity … to build up that credit car score to add livelihood to their ability to be financially stable.

Vellante: When it comes to cybersecurity, no one company can do it alone. Talk a little bit more about the importance of ecosystem and partnerships.

Cunha: I use the metaphor of having a restaurant. So we run a restaurant really well. We know what we want in the menu. We have a chef … but we need excellent ingredients. You make muffins well. Bring your muffin into the restaurant. I want the menu to be rich and empower people. Therefore, no matter what we do when we present it, it’s perfect, it’s palatable.

Nicholson: What would surprise someone who maybe isn’t a security specialist in terms of the things that you’re dealing with as far as threats are concerned?

Arango: The … most common ways that applications and businesses are getting owned right now … [are] misconfigurations on your web app or a vulnerable application or phishing. A lot of development teams, they want to get things to market as soon as possible, and maybe security’s on the back foot.

Cuhna: Everything starts with people. The human firewall has to be front of mind. Security can’t be an afterthought. Cyber resiliency starts with cyber culture.

Nicholson: Do your responsibilities touch on things like fraud detection as well? Is there segregation between what we would think of as IT and the credit card transaction that fires up a red flag?

Arango: It’s definitely important. It’s converging that intel, that fraud intelligence and making it into a process where we’re reducing the risk and the losses that the business is incurring. It’s so important … that we build that culture within the fraud teams, the operational teams … really anybody who has a large stake in whatever the business product is.

Cunha: CrowdStrike will be an integral piece of the overall solution that we have. It hits so many different aspects and looks at so many different potential attack vectors. I think integrating fraud in other parts and other functions of the business will start to see that they can leverage CrowdStrike — that there’s tooling within CrowdStrike innovatively … ahead of the game. And I always like that about CrowdStrike, being way ahead of the game and thinking in front of our adversaries.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of theCUBE @ Fal.Con 2022:

(* Disclosure: CrowdStrike Holdings Inc. and Mercury Financial sponsored this segment of theCUBE. Neither CrowdStrike and Mercury nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU