The CrowdStrike Incident: What CIOs Need to Know

by | Aug 6, 2024 | Cybersecurity

On July 19, 2024, the cybersecurity firm CrowdStrike released a routine content update for its Falcon security sensor that inadvertently crashed about 8.5 million Windows devices. The update, meant to improve threat detection, contained a defect, so its effect resembled a widespread cyberattack. Flights were canceled, medical procedures were delayed, and many other businesses were disrupted.

CIOs are still reeling from the incident. The scare has left many asking what they could do to keep operations running in the face of an actual threat, and how the incident should shape the way they operate going forward.

A Mistrust of Automation

The CrowdStrike update was delivered automatically: based on the device's configuration, it installed without any further approval. Automatic updates are generally recommended because they protect systems against emerging threats as soon as a fix is available. After the CrowdStrike incident, however, CIOs will wonder whether automation is the way to go.

Experts now recommend canary deployment, which rolls an update out to a small, controlled set of systems first and watches how they behave before pushing it fleet-wide. Digital twin models and synthetic data analysis can be integrated into the process. However, executives must consider the pros and cons of this deployment strategy.

The advantage is protection from a fleet-wide crash: a defect surfaces on the canary systems before it reaches everything else. On the other hand, the staged process takes time and delays the rest of the fleet from receiving updated protection. Executives must weigh these trade-offs as they apply to their company.
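The staged rollout the paragraphs above describe, as an added example (this is not code from the article or from CrowdStrike): a fleet is constructed in-code, split into rings, and an update that faults on one hypothetical OS build is pushed one ring at a time behind a crash-rate gate. The OS builds, version numbers, ring sizes and the defect itself are all invented for illustration. The script runs the rollout twice to show a point the text leaves implicit: a canary ring only protects you if it is representative of the fleet. A canary drawn only from the builds a lab happens to run passes the gate, and the defect lands on 38 hosts in the broad ring; a canary with one host of every build halts the rollout after a single crash.

```python
"""Staged (canary) rollout of an endpoint-agent update with a crash-rate gate.

Added example, not the article's or CrowdStrike's code.  The fleet, the
defect and the telemetry are all constructed here so it runs offline.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Host:
    name: str
    os_build: str
    ring: int                 # 0 = canary, 1 = pilot, 2 = broad, 3 = remainder
    version: str = "7.10"     # hypothetical agent version already installed
    crashed: bool = False


BUILDS = ["win10-19045", "win11-22621", "win11-22631", "srv2019-17763"]
BAD_BUILD = "win11-22631"     # hypothetical: the new content faults only here
NEW_VERSION = "7.11"


def assign_ring(build_idx: int, i: int, representative: bool) -> int:
    """Ring for the i-th host of a build.  With representative=True every
    build contributes one canary host; otherwise only the first two builds
    (the ones the lab happens to run) appear in the canary and pilot rings."""
    if representative or build_idx < 2:
        return 0 if i == 0 else 1 if i < 5 else 2 if i < 12 else 3
    return 2 if i < 12 else 3


def build_fleet(representative: bool, hosts_per_build: int = 25) -> List[Host]:
    """Constructed 100-host fleet: 25 hosts on each of four OS builds."""
    return [Host(f"{b}-{i:02d}", b, assign_ring(bi, i, representative))
            for bi, b in enumerate(BUILDS) for i in range(hosts_per_build)]


def apply_update(host: Host, bad_build: Optional[str]) -> None:
    """Simulated install: on the affected build the update crashes the host."""
    host.version = NEW_VERSION
    host.crashed = host.os_build == bad_build


def summary(fleet: List[Host], status: str, halted_ring: Optional[int]) -> Dict[str, object]:
    return {
        "status": status,
        "halted_ring": halted_ring,
        "updated": sum(h.version == NEW_VERSION for h in fleet),
        "crashed": sum(h.crashed for h in fleet),
        "spared": sum(h.version != NEW_VERSION for h in fleet),
    }


def rollout(fleet: List[Host], max_crash_rate: float = 0.01,
            bad_build: Optional[str] = BAD_BUILD) -> Dict[str, object]:
    """Push the update ring by ring.  After each ring, compare that ring's
    crash rate with the gate and halt if it is exceeded, so later rings never
    receive the update.  Crashed hosts are not 'un-crashed': a kernel-level
    fault cannot be rolled back remotely, which is why the gate must sit
    before the broad ring rather than after it."""
    for ring in sorted({h.ring for h in fleet}):
        targets = [h for h in fleet if h.ring == ring]
        for h in targets:
            apply_update(h, bad_build)
        rate = sum(h.crashed for h in targets) / len(targets)
        if rate > max_crash_rate:
            return summary(fleet, "halted", ring)
    return summary(fleet, "complete", None)


if __name__ == "__main__":
    for label, rep in (("lab-only canary", False), ("representative canary", True)):
        print(f"{label:22s}", rollout(build_fleet(rep)))
    print(f"{'clean update':22s}", rollout(build_fleet(True), bad_build=None))
```

The gate here is deliberately crude (a single crash-rate threshold with no soak time); in a real deployment the ring would also be held for a minimum period and the "crashed" signal would come from the agent's own heartbeat or from the OS crash reporter, not from the update tool's opinion of itself.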

Emergency Training

CIOs must also review how their teams handled the outage. Were they able to pivot to new systems? Were customers alerted promptly?

If the company experienced significant downtime, it may want to rethink its strategy.

Shivkumar Borade, founder and CMD of Mytek Innovations, describes the measures his company is taking to improve its business continuity plan. He is integrating “enhanced communication management, featuring multiple layers to ensure all employees are well informed about potential issues and their resolution.”

He also mentioned that the company’s in-house developed application remained unaffected during the outage because it ran on GoDaddy hosting infrastructure. Relying on multiple providers allowed his business to remain partially functional during the outage. It’s another strategy companies may consider.

Increased Scrutiny of Vendors

Companies may also want to enhance their vetting process when signing with new vendors. Many companies require vendors to fill out questionnaires before a contract is signed. But what do these questionnaires focus on?

In the wake of CrowdStrike, companies may want to revamp their questionnaires to focus on system resiliency, disaster recovery, data protection, business continuity, and how the vendor tests and stages its software updates. Increased scrutiny will help ensure businesses sign with vendors that offer real protection against bugs and outages.

Is Encryption the Best Solution?

Many companies use encryption to protect their data. However, Prakash Kota, CIO at the software firm Autodesk, revealed that device encryption became a hindrance as his company was trying to recover from the CrowdStrike outage.

In a Yahoo Finance article, Kota described his employees struggling to unlock encrypted devices while trying to bring them back online quickly after the outage. He recommends automating decryption to eliminate the need to unlock systems one at a time.

The practical lesson is not to drop disk encryption but to make sure recovery keys are escrowed centrally and retrievable by the help desk. The CrowdStrike fix required booting each affected machine into Safe Mode or the Windows Recovery Environment to delete the faulty file, and a BitLocker-protected drive prompts for its recovery key before that can be done; organizations that could not look up those keys quickly were the ones stuck unlocking machines one at a time.

A Multi-Cloud Approach

Relying on several systems and vendors helps avoid downtime when one of them goes down. This can be combined with a multi-cloud approach. Companies may adopt a “cloud first” mantra that starts with a single cloud provider and gradually introduces additional providers as company needs dictate.

A multi-cloud strategy may involve spreading workloads across multiple providers. If one provider has an issue, you can pivot to other cloud systems to keep your operations running.

You may also consider a hybrid cloud approach which combines private and public clouds. This strategy allows companies to have control over sensitive data while accessing public cloud scalability.

Unfortunately, running multiple clouds adds risk and complexity: more surfaces to misconfigure, harder troubleshooting, and more demanding vendor management.

Note, too, what multi-cloud does and does not cover. It protects against an outage at one provider; a defect in an endpoint agent, as in the CrowdStrike update, crashed Windows hosts wherever they were running, including in cloud-hosted virtual machines, so staged rollouts and recovery planning remain the primary defence against that class of failure. Companies must weigh the advantages and disadvantages, and the possible mitigations, to decide whether a multi-cloud approach is the right move for their business.

Identify and Document Critical Business Operations

At this juncture, businesses should identify and document all critical business operations, including the systems, vendors and people each one depends on. Doing so allows IT teams to see where they are strong and where they are exposed, and to run tests that determine the best processes for their companies moving forward.

Want to learn more about protecting your company from risk? Sign up for our newsletter today.

Additional Cybersecurity Resources

2024 Trends Shaping Cybersecurity Technology

Creating a Culture of Cybersecurity Awareness

Unveiling the MGM Cybersecurity Incident: Lessons Learned and Strategies for the Future
