The CrowdStrike Incident Means Companies Must Review Their Cloud Strategies

Uploaded on 2024-07-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The global disruption caused by the CrowdStrike software update failure, which led to a global outage of MS Windows systems resulting in 8 million computers crashing and has sent shockwaves through the IT community. The outage brings severe economic consequences, as well as having a widespread impact on the healthcare and airline sectors, as the personal well-being of those affected. 

The CrowdStrike incident affected computers running Microsoft Windows across various sectors, including airlines, banks, retailers, brokerage houses, media companies, and railways. 

The travel sector was notably impacted, with airlines and airports in Germany, France, the Netherlands, the UK, the US, Australia, China, Japan, India, Singapore, and Taiwan facing significant issues with check-in and ticketing systems, leading to flight delays and airport chaos. 

CrowdStrike is used by thousands of the biggest brands and companies around the world. The issue began when an error in the code of their Falcon system, which is designed to prevent cyber attacks, resulted in an error message across millions of Windows 10 PCs, taking out critical systems and IT infrastructure.

For CISOs, the event serves as a stark reminder of the inherent risks associated with over-reliance on a single vendor, particularly in the cloud. The incident, which saw IT systems crashing and displaying the infamous ‘Blue Screen of Death’ exposed the vulnerabilities of heavily cloud-dependent infrastructures.

While grappling to understand and rectify the problems causes bu their own defective work, Crowsdtrike also struggled to communiniacte with end-users::-

  • “Customers are advised to check the support portal for updates. We will also continue to provide the latest information here and on our blog as it’s available. We recommend organisations verify they are communicating with CrowdStrike representatives through official channels." read one statement.
  • “We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon sensor is installed,” said another CrowdStrike update.

While the issue is being slowly resolved, it has cerainy  served to demonstrate the potential for catastrophic consequences when a critical security component fails. This has forced CISOs to question the resilience of their cloud environments and explore alternative strategies. In particular, CISOs to revisit and fortify their cloud strategies and implement robust risk management practices, enhancing security measures, and diversifying cloud solutions, organisations can better protect themselves against future disruptions. 

As the cyber security  industry grapples with the implications of this event, the focus must shift towards building resilient, adaptable, and well-tested cloud strategies to navigate an increasingly complex digital landscape. This should include the following:

  • Empower authorised system administrators to fix the problems quickly and effectively: This includes backing up hard disk encryption keys (BitLocker or another third party), as these may be critical for recovery in such instances, as well as using privileged identity management solutions for break-glass emergency situations.
  • Communicate effectively and clearly: Communicate clearly, both internally and externally, on the impacts, status, and progress of your remediation efforts. Enlist marketing and PR to craft that messaging. Stay grounded on the realistic impacts (not the theoretical worst-case scenario), and keep an even tone.
  • Re-evaluate third-party risk strategy:  If a third-party risk management program is overly focused on compliance, you’ll likely miss significant events like this one that impact even compliant vendors. 

Business  leaders can’t afford to ignore assessing their service supplier against multiple risk domains such as business continuity and operational resilience, not just cybersecurity. They also need to map their third-party ecosystem to identify significant concentration risk among vendors, especially those that support critical systems or processes.

  • Use the contract as a risk mitigation tool: Tech leaders along with procurement and legal teams should update language to include new security and risk clauses that assign accountability during disruptive events and clearly outline timeframes for vendors to patch and remediate. 
  • Use such incidents as a basis for implementing measures in contracts and service-level agreements: If vendors push back, you’ll need to consider whether the price you negotiated still makes sense and, possibly, whether to do business with them at all.

CrowdStrike is a $multibillion corporation and will likely survive, but, its commercial reputation and those of services suppliers with a similar degree of responsibilty, simply cannot risk  another incident like this.

Crowdstrike   |   Microsoft   |   CIO   |   BBC   |   Forbes   |   NextGov   |    GBNews 

Image: BigNazik

You Might Also Read: 

Resilience Is Essential To Protecting Critical Infrastructure:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Proposed British Digital Information & Smart Data Bill
Beware The Ghost Stories Of Cyber Space »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ClearedJobs.Net

ClearedJobs.Net

ClearedJobs.Net is a career site and job fair company for professionals seeking careers in the defense, intelligence and cyber security communities.

European Council on Foreign Relations (ECFR)

European Council on Foreign Relations (ECFR)

ECFR is a pan-European think-tank conducting research and promote informed debate on European foreign policy. Cyber security is becoming an intrinsic element of foreign policy debate.

Qualitest Group

Qualitest Group

Qualitest is the world’s largest pure play Quality Assurance and software testing company.

IPCopper

IPCopper

IPCopper specializes in network packet capture appliances for cybersecurity, cybersurveillance and network monitoring, and encrypted data storage.

World Wide Technology (WWT)

World Wide Technology (WWT)

WWT is a technology solution provider in the areas of big data, collaboration, computing and cloud, mobility, networking, security and storage.

Vesta

Vesta

Vesta Corporation is a global provider of a scalable suite of fraud and payment solutions for online commerce.

Infodas

Infodas

Infodas provides Cybersecurity and IT consulting / system integration services as well as a range of innovative Cybersecurity products to public sector and commercial clients.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

Cloudsine

Cloudsine

Cloudsine (formerly Banff Cyber Technologies) is a cloud technology company specializing in cloud adoption, security and innovation.

Sierra Ventures

Sierra Ventures

Sierra Ventures is an early-stage venture firm investing globally with a focus on Next Generation Enterprise and Emerging Technologies.

Advantex Network Solutions

Advantex Network Solutions

Advantex Network Solutions are a leading provider in Mitel, IT Solutions, Networking, and iP surveillance.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

J.S. Held

J.S. Held

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk.

Zitec

Zitec

One of Europe's largest and most prominent full-cycle software development services companies, Zitec is the digital transformation partner to companies in the EU, UK, USA, Canada and ME.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

Siometrix

Siometrix

Siometrix addresses digital identity fraud. It steals your attacker's time and prevents many prevalent attack vectors.