The CrowdStrike Incident Means Companies Must Review Their Cloud Strategies

Uploaded on 2024-07-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The global disruption caused by the CrowdStrike software update failure, which led to a global outage of MS Windows systems resulting in 8 million computers crashing and has sent shockwaves through the IT community. The outage brings severe economic consequences, as well as having a widespread impact on the healthcare and airline sectors, as the personal well-being of those affected. 

The CrowdStrike incident affected computers running Microsoft Windows across various sectors, including airlines, banks, retailers, brokerage houses, media companies, and railways. 

The travel sector was notably impacted, with airlines and airports in Germany, France, the Netherlands, the UK, the US, Australia, China, Japan, India, Singapore, and Taiwan facing significant issues with check-in and ticketing systems, leading to flight delays and airport chaos. 

CrowdStrike is used by thousands of the biggest brands and companies around the world. The issue began when an error in the code of their Falcon system, which is designed to prevent cyber attacks, resulted in an error message across millions of Windows 10 PCs, taking out critical systems and IT infrastructure.

For CISOs, the event serves as a stark reminder of the inherent risks associated with over-reliance on a single vendor, particularly in the cloud. The incident, which saw IT systems crashing and displaying the infamous ‘Blue Screen of Death’ exposed the vulnerabilities of heavily cloud-dependent infrastructures.

While grappling to understand and rectify the problems causes bu their own defective work, Crowsdtrike also struggled to communiniacte with end-users::-

  • “Customers are advised to check the support portal for updates. We will also continue to provide the latest information here and on our blog as it’s available. We recommend organisations verify they are communicating with CrowdStrike representatives through official channels." read one statement.
  • “We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon sensor is installed,” said another CrowdStrike update.

While the issue is being slowly resolved, it has cerainy  served to demonstrate the potential for catastrophic consequences when a critical security component fails. This has forced CISOs to question the resilience of their cloud environments and explore alternative strategies. In particular, CISOs to revisit and fortify their cloud strategies and implement robust risk management practices, enhancing security measures, and diversifying cloud solutions, organisations can better protect themselves against future disruptions. 

As the cyber security  industry grapples with the implications of this event, the focus must shift towards building resilient, adaptable, and well-tested cloud strategies to navigate an increasingly complex digital landscape. This should include the following:

  • Empower authorised system administrators to fix the problems quickly and effectively: This includes backing up hard disk encryption keys (BitLocker or another third party), as these may be critical for recovery in such instances, as well as using privileged identity management solutions for break-glass emergency situations.
  • Communicate effectively and clearly: Communicate clearly, both internally and externally, on the impacts, status, and progress of your remediation efforts. Enlist marketing and PR to craft that messaging. Stay grounded on the realistic impacts (not the theoretical worst-case scenario), and keep an even tone.
  • Re-evaluate third-party risk strategy:  If a third-party risk management program is overly focused on compliance, you’ll likely miss significant events like this one that impact even compliant vendors. 

Business  leaders can’t afford to ignore assessing their service supplier against multiple risk domains such as business continuity and operational resilience, not just cybersecurity. They also need to map their third-party ecosystem to identify significant concentration risk among vendors, especially those that support critical systems or processes.

  • Use the contract as a risk mitigation tool: Tech leaders along with procurement and legal teams should update language to include new security and risk clauses that assign accountability during disruptive events and clearly outline timeframes for vendors to patch and remediate. 
  • Use such incidents as a basis for implementing measures in contracts and service-level agreements: If vendors push back, you’ll need to consider whether the price you negotiated still makes sense and, possibly, whether to do business with them at all.

CrowdStrike is a $multibillion corporation and will likely survive, but, its commercial reputation and those of services suppliers with a similar degree of responsibilty, simply cannot risk  another incident like this.

Crowdstrike   |   Microsoft   |   CIO   |   BBC   |   Forbes   |   NextGov   |    GBNews 

Image: BigNazik

You Might Also Read: 

Resilience Is Essential To Protecting Critical Infrastructure:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Proposed British Digital Information & Smart Data Bill
Beware The Ghost Stories Of Cyber Space »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Red Hat

Red Hat

Red Hat is a leader in open source software development. Our software security team proactively identifies weaknesses before they become problems.

KnowBe4

KnowBe4

KnowBe4 is an integrated platform for security awareness training combined with simulated phishing attacks.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

PCI Compliance Guide

PCI Compliance Guide

The PCI Compliance Guide is one of the leading educational websites available focused exclusively on PCI compliance.

Plurilock Security Solutions

Plurilock Security Solutions

Plurilock is a real-time cybersecurity solution that uses artificial intelligence to identify, prevent, and eliminate insider threats.

Penningtons Manches Cooper

Penningtons Manches Cooper

Penningtons Manches Cooper is a leading UK law firm providing high quality legal advice in areas including Data Protection, Cyber Security and Cyber Crime.

Guardian Data Destruction

Guardian Data Destruction

Guardian Data Destruction provides a comprehensive suite of onsite e-data destruction services.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

Qrator Labs

Qrator Labs

Qrator Labs is a leader in DDoS attack mitigation, helping organizations protect their websites from the most harmful, sophisticated DDoS attacks.

Protected Media

Protected Media

Protected Media’s advanced cybersecurity ad fraud solution guards you against current and emerging threats across Connected TV, Display and Video advertising.

Cyral

Cyral

Easily observe, control, and protect your data endpoints in a cloud and DevOps-first world. Discover Data Mesh Security with Cyral.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

RedNode

RedNode

RedNode is a cybersecurity service provider that offers customized security testing solutions to protect any size of business worldwide.

Calamu

Calamu

Calamu is a software-defined storage security and resiliency platform that keeps your data secure and accessible wherever you choose to store it.