The CrowdStrike outage in July 2024 has been widely commented on. For those who aren’t familiar, the short of it is that CrowdStrike, a company well known for its Endpoint Detection and Response (EDR) software (think: anti-virus software), pushed a software update to all of its internet-connected subscribers, and a bug in the code crashed all of those Windows machines. Because of CrowdStrike’s popularity, the impact was incredibly widespread and affected multiple sectors of the economy.
A few points that I haven’t seen directly commented on as a result of this outage:
- Diversifying your anti-virus / EDR / XDR / etc. Software like this has the highest privilege on your computer once you install it. A bug like the one recently seen can cripple your organization, so diversifying your providers may make sense, though this probably makes more sense for larger companies.
- Supply chain attacks, or issues in this case, are a topic in their own right and are not new. However, the tech stack a company uses becomes increasingly complex as vendors and products solve more and more niche problems. I am not suggesting bringing your anti-virus in-house, but rather being aware of the other organizations who have an implicit, but loud, say in the operations of your company. In short, is the additional tech that you are integrating worth the risks and overhead?
- Having an understanding and appreciation of the reach that cybersecurity has into other industries. For example, in some airports, the kiosk computers used by airline employees in front of the boarding gate went offline due to this outage. To be honest, I was surprised when I saw this. It makes sense, at least at a theoretical level, but exploring alternative ways of defending your network and computers may be worth the effort.
- Lastly, having a pen-and-paper way of doing things if and when the tech goes down is helpful. Hospitals had issues putting in work orders for patients during this outage. If you are a home-service-based company, like HVAC or plumbing, and use ticketing software to push jobs out to the field, are you able to pivot and organize via phone calls and handwritten note-taking in the event something like this presents itself?
This event was substantial and rare, but its consequences were real. The suggestion here is not to create a full-blown business continuity plan or disaster recovery plan because of this, but to at least think through what would happen if some critical systems in your business went down, and how you would be able to continue to operate in the interim until either things were restored or a long-term solution presented itself.