The CrowdStrike Incident Means Companies Must Review Their Cloud Strategies

Uploaded on 2024-07-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The global disruption caused by the CrowdStrike software update failure, which led to a global outage of MS Windows systems resulting in 8 million computers crashing and has sent shockwaves through the IT community. The outage brings severe economic consequences, as well as having a widespread impact on the healthcare and airline sectors, as the personal well-being of those affected. 

The CrowdStrike incident affected computers running Microsoft Windows across various sectors, including airlines, banks, retailers, brokerage houses, media companies, and railways. 

The travel sector was notably impacted, with airlines and airports in Germany, France, the Netherlands, the UK, the US, Australia, China, Japan, India, Singapore, and Taiwan facing significant issues with check-in and ticketing systems, leading to flight delays and airport chaos. 

CrowdStrike is used by thousands of the biggest brands and companies around the world. The issue began when an error in the code of their Falcon system, which is designed to prevent cyber attacks, resulted in an error message across millions of Windows 10 PCs, taking out critical systems and IT infrastructure.

For CISOs, the event serves as a stark reminder of the inherent risks associated with over-reliance on a single vendor, particularly in the cloud. The incident, which saw IT systems crashing and displaying the infamous ‘Blue Screen of Death’ exposed the vulnerabilities of heavily cloud-dependent infrastructures.

While grappling to understand and rectify the problems causes bu their own defective work, Crowsdtrike also struggled to communiniacte with end-users::-

  • “Customers are advised to check the support portal for updates. We will also continue to provide the latest information here and on our blog as it’s available. We recommend organisations verify they are communicating with CrowdStrike representatives through official channels." read one statement.
  • “We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcon platform systems. If your systems are operating normally, there is no impact to their protection if the Falcon sensor is installed,” said another CrowdStrike update.

While the issue is being slowly resolved, it has cerainy  served to demonstrate the potential for catastrophic consequences when a critical security component fails. This has forced CISOs to question the resilience of their cloud environments and explore alternative strategies. In particular, CISOs to revisit and fortify their cloud strategies and implement robust risk management practices, enhancing security measures, and diversifying cloud solutions, organisations can better protect themselves against future disruptions. 

As the cyber security  industry grapples with the implications of this event, the focus must shift towards building resilient, adaptable, and well-tested cloud strategies to navigate an increasingly complex digital landscape. This should include the following:

  • Empower authorised system administrators to fix the problems quickly and effectively: This includes backing up hard disk encryption keys (BitLocker or another third party), as these may be critical for recovery in such instances, as well as using privileged identity management solutions for break-glass emergency situations.
  • Communicate effectively and clearly: Communicate clearly, both internally and externally, on the impacts, status, and progress of your remediation efforts. Enlist marketing and PR to craft that messaging. Stay grounded on the realistic impacts (not the theoretical worst-case scenario), and keep an even tone.
  • Re-evaluate third-party risk strategy:  If a third-party risk management program is overly focused on compliance, you’ll likely miss significant events like this one that impact even compliant vendors. 

Business  leaders can’t afford to ignore assessing their service supplier against multiple risk domains such as business continuity and operational resilience, not just cybersecurity. They also need to map their third-party ecosystem to identify significant concentration risk among vendors, especially those that support critical systems or processes.

  • Use the contract as a risk mitigation tool: Tech leaders along with procurement and legal teams should update language to include new security and risk clauses that assign accountability during disruptive events and clearly outline timeframes for vendors to patch and remediate. 
  • Use such incidents as a basis for implementing measures in contracts and service-level agreements: If vendors push back, you’ll need to consider whether the price you negotiated still makes sense and, possibly, whether to do business with them at all.

CrowdStrike is a $multibillion corporation and will likely survive, but, its commercial reputation and those of services suppliers with a similar degree of responsibilty, simply cannot risk  another incident like this.

Crowdstrike   |   Microsoft   |   CIO   |   BBC   |   Forbes   |   NextGov   |    GBNews 

Image: BigNazik

You Might Also Read: 

Resilience Is Essential To Protecting Critical Infrastructure:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Proposed British Digital Information & Smart Data Bill
Beware The Ghost Stories Of Cyber Space »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

securitycurrent

securitycurrent

Security Current's proprietary content and events provide insight, actionable advice and analysis giving executives the latest information to make knowledgeable decisions.

Federal Office For Information Security (BSI)

Federal Office For Information Security (BSI)

The BSI (Bundesamt fur Sicherheit in der Informationstechnik) is the federal cyber security agency and the chief architect of secure digitalisation in Germany.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

RevenueStream

RevenueStream

RevenueStream uses an innovative algorithmic approach to intercept and prevent payment fraud before it even happens.

VietSunshine

VietSunshine

VietSunshine is a leading provider of network security infrastructure and solutions in Vietnam.

Communications Authority of Kenya

Communications Authority of Kenya

The Authority is responsible for facilitating the development of the information and communications sectors including; broadcasting, telecommunications, electronic commerce and cybersecurity.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

Qohash

Qohash

With a focus on data security, Qohash supports security, compliance and optimization use cases enhancing your risk management process.

Advantio

Advantio

Advantio offers a unique combination of technologies and managed, advisory and testing services to increase your cyber resilience and compliance.

MoogleLabs

MoogleLabs

MoogleLabs leverage AI/ML, Blockchain, DevOps, and Data Science to come up with the best solutions for diverse businesses.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.

Chorus

Chorus

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.