Lessons from the CrowdStrike Outage: Protect Your Business
On 19 July 2024, businesses worldwide were hit by a significant cybersecurity incident when a flawed update to CrowdStrike’s Falcon platform caused widespread system crashes, primarily affecting Windows machines. The update led to what’s known as the “Blue Screen of Death” (BSOD), resulting in continuous reboot cycles that severely disrupted operations in sectors such as air travel, healthcare, and financial services. The consequences were immediate and severe, with thousands of flights delayed and healthcare providers struggling to access critical electronic health records.
What Caused the Outage?
The root cause of the CrowdStrike outage was a defective sensor update intended to enhance security within CrowdStrike’s Falcon software. However, an undetected error in the code led to massive system failures. CrowdStrike responded swiftly by deploying a fix and working with affected businesses to restore their systems.
Key Takeaways for Businesses:
- Vendor Risk Management: Ensure that your organisation thoroughly assesses the risks associated with third-party vendors, especially those providing critical cybersecurity services. Have contingency plans in place to mitigate potential disruptions.
- Business Impact Assessments (BIA): Regularly conduct BIAs to identify which business functions are vital and how a disruption could impact them. This will help prioritise recovery efforts and allocate resources more effectively during an incident.
- Incident Response Planning: Strengthen your incident response plans to ensure your business can quickly address and recover from outages. This includes staff training, clear communication protocols, and reliable data backups.
- Diversification and Redundancy: Consider diversifying your vendors and implementing redundancy strategies. This might involve using multiple providers for critical services or maintaining backup systems to reduce the impact of an outage.
The CrowdStrike outage serves as a stark reminder of the importance of robust cybersecurity measures and planning. By learning from this incident, businesses can better prepare for and mitigate the impact of future disruptions, ensuring continuity and resilience in an increasingly digital world.