CrowdStrike Outage, Its Impact on Business and Need for Business Resilience


The CrowdStrike outage serves as a cautionary tale for organizations of all sizes, reiterating how important it is to be resilient enough to face incidents effectively without business impact.

This is an exclusive article series conducted by the Editor Team of CIO News with Kavitha Srinivasulu, Global Head – Cyber Risk & Data Privacy: R&C BFSI – Tata Consultancy Services (TCS).

The CrowdStrike outage on July 19th, 2024, was a historic incident that affected more than 8.5 million Windows devices across industries. A software update by CrowdStrike triggered system issues that grounded flights, forced broadcasters off air, and left customers without access to services in various sectors. This global IT outage affected Windows computers running CrowdStrike’s software, causing widespread disruptions across sectors including airlines, hospitals, banks, and government agencies.

An unexpected fault in a software update to Falcon Sensor (the endpoint protection programme of CrowdStrike) caused the Windows operating system to crash, and several users were faced with the Blue Screen of Death (BSOD). The BSOD flashed on users’ screens, suddenly halting all access to devices linked to CrowdStrike’s Falcon platform. CrowdStrike is a cybersecurity firm that provides antivirus software to Microsoft for its Windows devices. Hence, a huge number of Windows devices were impacted by this unexpected disruption. Clients experienced downtime in security monitoring and threat detection services, leading to operational disruptions.

A robust business continuity planning (BCP) and disaster recovery (DR) function is essential for businesses to protect operations, sustain the business, reassure customers during disruptions, and reduce business impact. The CrowdStrike outage serves as a cautionary tale for organizations of all sizes, reiterating how important it is to be resilient enough to face incidents effectively without business impact. It also emphasizes the need for organizations to re-examine their current cybersecurity posture to improve their business resilience and safeguard the business environment.

CrowdStrike Outage Business Impact:

The CrowdStrike outage had an immediate and evident impact on businesses across various sectors. Many businesses rely on CrowdStrike for real-time threat detection and mitigation. Because of their high dependency on CrowdStrike services, these organizations were left exposed to potential cyber threats by this unexpected disruption.

Key impacts include:

  • Operational Disruptions: Organizations experienced significant operational disruptions as they were highly dependent on CrowdStrike services to deliver some of their critical services.
  • Customer Trust: Banks, airlines, supermarkets, and hospitals had to close or struggled to deliver a few services due to checkout system failures.
  • Data Integrity: Concerns over data integrity and loss were significant. Organizations feared losing data or the corruption of important data files due to this unexpected, large-scale outage.
  • Financial Losses: The downtime resulted in financial losses due to ceased operations, missed transactions, and operating zero-tolerance projects.
  • Reputation Damage: Trust in CrowdStrike’s reliability took a major hit; even though CrowdStrike was able to recover effectively within a few hours, the reliance on the service provider raised concerns.

Best Practices to Reduce Security Incidents:

The CrowdStrike outage highlights the critical need for robust business continuity planning (BCP), disaster recovery (DR), and business resilience to manage unexpected disruptions effectively with minor or no impact.

Some of the key activities recommended to increase business and operational resilience are:

  • Reducing Downtime: Identify and mitigate potential risks, including natural disasters and cyber threats. Ensure rapid system restoration to minimize operational disruption.
  • Data Backups: Protecting critical data through regular backups and replication strategies.
  • Reputation & Trust: Service and security assurance to customers with preparedness and continuity of services.
  • Financial Investment: Ensuring the right investment is made to improve the current cybersecurity posture to increase cyber resilience. Invest in backup systems and failover solutions to ensure continuity of operations.
  • Regular Testing & Monitoring: Regularly test plans to verify the effectiveness of incident response, and monitor continuously to eradicate unforeseen risks and threats.
  • Regulatory Compliance: Meeting industry standards and regulatory requirements to enhance overall business resilience.
  • Regular Audits and Assessments: Regular audits of the infrastructure and periodic assessments of the environment help organizations identify unforeseen risks or vulnerabilities in a timely manner and ensure that they are prepared to face unexpected disruptions.

Improving Cyber Resilience:

The global outage caused by an update to CrowdStrike Falcon, CrowdStrike’s endpoint detection and response (EDR) system, served as an explicit reminder of the importance of having layered cybersecurity controls in place to achieve and increase cyber resilience in this digital landscape. As seen in the CrowdStrike incident, a faulty update or a variance with other software can have an unexpected impact on the devices in use, causing widespread disruption. It is therefore very important that organizations take a proactive approach to identifying and mitigating risks and improving system resilience, so that they are prepared to face unexpected disruptions effectively. Some of the key recommendations include:

[Figure: key recommendations]

CrowdStrike was able to recover efficiently in a couple of hours; however, the global impact was evident and business services were heavily affected. The CrowdStrike outage serves as an important reminder to all organizations that no organization is fully resilient to disruptions, and that intervention is required across all business functions to evaluate and improve current business resilience.

About Kavitha Srinivasulu

Kavitha Srinivasulu is an experienced cybersecurity and data privacy leader with over 20 years of experience focused on risk advisory, data protection, and business resilience. She has demonstrated expertise in identifying and mitigating risks across ISO, NIST, SOC, CRS, GRC, RegTech, and emerging technologies, with diverse experience across corporate and strategic partners. She possesses a solid balance of domain knowledge and smart business acumen, ensuring business requirements and organizational goals are met.

Disclaimer: The views and opinions expressed by Kavitha in this article are solely her own and do not represent the views of her company or her customers.
