The CrowdStrike Incident Means Companies Must Review Their Cloud Strategies

Uploaded on 2024-07-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The global disruption caused by the CrowdStrike software update failure, which led to a global outage of MS Windows systems resulting in 8 million computers crashing and has sent shockwaves through the IT community. The outage brings severe economic consequences, as well as having a widespread impact on the healthcare and airline sectors, as the personal well-being of those affected. 

The CrowdStrike incident affected computers running Microsoft Windows across various sectors, including airlines, banks, retailers, brokerage houses, media companies, and railways. 

The travel sector was notably impacted, with airlines and airports in Germany, France, the Netherlands, the UK, the US, Australia, China, Japan, India, Singapore, and Taiwan facing significant issues with check-in and ticketing systems, leading to flight delays and airport chaos. 

CrowdStrike is used by thousands of the biggest brands and companies around the world. The issue began when an error in the code of their Falcon system, which is designed to prevent cyber attacks, resulted in an error message across millions of Windows 10 PCs, taking out critical systems and IT infrastructure.

For CISOs, the event serves as a stark reminder of the inherent risks associated with over-reliance on a single vendor, particularly in the cloud. The incident, which saw IT systems crashing and displaying the infamous ‘Blue Screen of Death’ exposed the vulnerabilities of heavily cloud-dependent infrastructures.

While grappling to understand and rectify the problems causes bu their own defective work, Crowsdtrike also struggled to communiniacte with end-users::-

  • “Customers are advised to check the support portal for updates. We will also continue to provide the latest information here and on our blog as it’s available. We recommend organisations verify they are communicating with CrowdStrike representatives through official channels." read one statement.
  • “We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon sensor is installed,” said another CrowdStrike update.

While the issue is being slowly resolved, it has cerainy  served to demonstrate the potential for catastrophic consequences when a critical security component fails. This has forced CISOs to question the resilience of their cloud environments and explore alternative strategies. In particular, CISOs to revisit and fortify their cloud strategies and implement robust risk management practices, enhancing security measures, and diversifying cloud solutions, organisations can better protect themselves against future disruptions. 

As the cyber security  industry grapples with the implications of this event, the focus must shift towards building resilient, adaptable, and well-tested cloud strategies to navigate an increasingly complex digital landscape. This should include the following:

  • Empower authorised system administrators to fix the problems quickly and effectively: This includes backing up hard disk encryption keys (BitLocker or another third party), as these may be critical for recovery in such instances, as well as using privileged identity management solutions for break-glass emergency situations.
  • Communicate effectively and clearly: Communicate clearly, both internally and externally, on the impacts, status, and progress of your remediation efforts. Enlist marketing and PR to craft that messaging. Stay grounded on the realistic impacts (not the theoretical worst-case scenario), and keep an even tone.
  • Re-evaluate third-party risk strategy:  If a third-party risk management program is overly focused on compliance, you’ll likely miss significant events like this one that impact even compliant vendors. 

Business  leaders can’t afford to ignore assessing their service supplier against multiple risk domains such as business continuity and operational resilience, not just cybersecurity. They also need to map their third-party ecosystem to identify significant concentration risk among vendors, especially those that support critical systems or processes.

  • Use the contract as a risk mitigation tool: Tech leaders along with procurement and legal teams should update language to include new security and risk clauses that assign accountability during disruptive events and clearly outline timeframes for vendors to patch and remediate. 
  • Use such incidents as a basis for implementing measures in contracts and service-level agreements: If vendors push back, you’ll need to consider whether the price you negotiated still makes sense and, possibly, whether to do business with them at all.

CrowdStrike is a $multibillion corporation and will likely survive, but, its commercial reputation and those of services suppliers with a similar degree of responsibilty, simply cannot risk  another incident like this.

Crowdstrike   |   Microsoft   |   CIO   |   BBC   |   Forbes   |   NextGov   |    GBNews 

Image: BigNazik

You Might Also Read: 

Resilience Is Essential To Protecting Critical Infrastructure:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Proposed British Digital Information & Smart Data Bill
Beware The Ghost Stories Of Cyber Space »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

Global Secure Solutions (GSS)

Global Secure Solutions (GSS)

Global Secure Solutions is an IT security and risk consulting firm and authorised ISO training partner for the PECB.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

AMETIC

AMETIC

AMETIC, is the Association of Electronics, Information and Communications Technologies, Telecommunications and Digital Content Companies in Spain.

Volexity

Volexity

Volexity is a leading provider of threat intelligence and incident suppression services and solutions.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

MENAInfoSecurity

MENAInfoSecurity

MENAInfoSecurity is a regional leader in information security solutions, assurance services and managed services.

Bridewell

Bridewell

Bridewell provide cost effective Security & Risk Assurance Services across Information Security, Cyber Security, Technology Risk, Security Testing and Data Privacy.

Bitfury Group

Bitfury Group

Bitfury Group is the largest full-service blockchain technology company in the world.

NeuroChain

NeuroChain

NeuroChain is an intelligent ecosystem that is more secure, more reliable and much faster than blockchain.

Two Six Technologies

Two Six Technologies

Two Six Technologies delivers R&D, innovation, productization and implementation expertise in cyber, data science, mobile, microelectronics and information operations.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.

JLS Technology

JLS Technology

Since 2007, JLS Tech has been recognized as one of the world’s most innovative cybersecurity and technology operations leaders.

Metrics that Matter (MTM)

Metrics that Matter (MTM)

Metrics that Matter redefines how organizations approach cybersecurity by offering unprecedented insight into the value of their assets to criminals and tailored action plans to protect.