State of Wyoming Looks to Expand CrowdStrike Protections Statewide

With its wild beauty, favorable tax laws and growing tech scene, the State of Wyoming is experiencing a surge in business growth. But with this prosperity comes a rise in cyber risk due to the expanding commerce platforms and digital infrastructure needed to support it.

“We’ve had several large tech companies relocate to Wyoming recently,” explained Jason Strohbehn, Deputy CISO for the State of Wyoming. “With this growth comes a bigger attack surface and more adversary activity to protect against.”

Strohbehn works in the Wyoming Department of Enterprise Technology Services (ETS), where his five-person team is responsible for providing cybersecurity and IT services to 127 state agencies. Back in 2016, ETS began looking for a modern cybersecurity platform to replace its legacy antivirus (AV) solution, which was failing in critical areas. 

“Old tools and techniques don’t work against modern attacks,” said Strohbehn. “Our AV software was missing a lot of detections, plus it was very labor-intensive and process-heavy.”

Today, the State of Wyoming relies on a suite of CrowdStrike products and services to deliver superior cybersecurity across the Wyoming state government. 

24/7 Detection and Remediation

To strengthen its cybersecurity posture, the State of Wyoming went looking for a futureproof cybersecurity platform that’s effective, innovative and able to adapt to ever-evolving attacks. Further, state leadership wanted a strategic partner in the battle against global cybercrime. 

After evaluating several options, the State of Wyoming chose the AI-native CrowdStrike Falcon® XDR platform. Not only was the Falcon platform easily deployed without impacting users, its lightweight agent and AI-powered detection engine delivered the seamless and virtually invisible protection that ETS was looking for.

“We did a proof of concept with CrowdStrike, and by the end, we had department leaders willing to give up line-item budgets in order to procure it,” said Strohbehn. “So many people championed CrowdStrike, it was a no-brainer to go with them.”

With CrowdStrike Falcon® Prevent next-gen antivirus and CrowdStrike Falcon® Insight XDR, the State of Wyoming transformed its endpoint security, replacing its legacy AV with AI-powered protection, and extending industry-leading detection and response across the organization. A few years after the initial implementation, ETS doubled down on CrowdStrike in 2020 with the addition of CrowdStrike Falcon® Complete for 24/7 managed detection and response. 

With Falcon Complete, the State of Wyoming gained a force multiplier for its internal team with around-the-clock expert management, monitoring, proactive threat hunting and end-to-end remediation, delivered by CrowdStrike’s team of dedicated security experts. 

“The constant presence of the Falcon Complete team is like having a 24/7 security operations center. For us to replicate that would require hiring 6-10 employees, plus dealing with all the challenges of fielding such a high-performance team,” said Strohbehn.


Consolidating on the CrowdStrike Falcon Platform

In today’s complex threat landscape, state governments require an array of cybersecurity solutions to detect and stop threats. However, adding new tools and agents is tough on budgets and resource-strapped teams. To add the new protections it needs, the State of Wyoming has embraced cybersecurity consolidation on the Falcon platform.

With the Falcon platform, Strohbehn and his team can easily deploy new protections using the same lightweight agent and command console. Recently, ETS deployed CrowdStrike Falcon® Identity Protection to thwart the growing problem of identity-related attacks. 

“Our team does regular cybersecurity reviews to determine what tools we need to meet the challenge of new attacks. Attackers are now misusing credentials and moving through networks differently,” said Strohbehn. “We were able to deploy CrowdStrike’s identity protection module quickly and without another agent, which is huge for us.” 

Strohbehn acknowledged the synergies of deploying both solutions on the Falcon platform. “CrowdStrike’s endpoint and identity protection solutions are like peanut butter and jelly … they’re good by themselves, but when you put them together, you’ve got something special.” 

The State of Wyoming has realized several benefits from cybersecurity consolidation. “Without the Falcon platform, I’d need a bunch of different tools, which is both hard on my analysts and slows things down. With Falcon, we get the context and enrichment we need to stop attacks without having to draw on multiple solutions.”

Cost savings is another benefit. “If I’m paying for a tool to do something CrowdStrike can do, I can get rid of that tool, which saves us money,” said Strohbehn. “Any time we can replace a product with CrowdStrike, we do. And when we can’t outright replace a tool, we require that any new tools integrate well with CrowdStrike.”

Up Next: Whole-of-State Cybersecurity

To effectively safeguard operations and citizen information, state governments are increasingly looking at a whole-of-state approach to cybersecurity. This involves collaborating across state government, local government and education to protect citizens, data and digital infrastructure.

With full confidence in CrowdStrike based on seven years without a security breach, ETS is working with CrowdStrike to deliver whole-of-state cybersecurity in Wyoming. 

“We’re getting ready to go whole-of-state and provide protections to our cities and counties. We’ve been consulting with CrowdStrike on how to provide cybersecurity down to the local level, while still giving agencies the autonomy to operate independently,” said Strohbehn. 

Strohbehn is bullish on CrowdStrike because, according to him, it just works. 

“We’ve not had a breach since starting with CrowdStrike, so we’ve been very successful,” concluded Strohbehn. “Using CrowdStrike to go whole-of-state is going to be absolutely awesome.”

Additional Resources

Leave a Reply

Your email address will not be published. Required fields are marked *