The Day the Digital World Froze: Lessons from a Global Tech Crisis

July 29, 2024

The Windows outage caused by bugs in a CrowdStrike update has brought a lot of attention to the security world, with concerns about how a cybersecurity company could accidentally cause a disruption as bad as some of the worst cyberattacks, bringing back memories of WannaCry and NotPetya. Because cybersecurity is such a universal concern, as it should be, CrowdStrike was installed across devices in countless different business sectors. Airports, banks, hospitals, and many more critical infrastructure services were all affected. While it is good that all these services had devices with CrowdStrike installed, meaning that they were taking measures to protect themselves, this ended up becoming a single point of failure when an update caused these crashes.

It’s easy to blame CrowdStrike for creating this problem in the first place, and while it certainly highlights systemic issues in quality assurance as a whole in the tech industry, the basic fact is that accidents happen, and no amount of quality assurance will ever provide a one hundred percent guarantee of freedom from bugs.

The largest problem is that too many companies were relying on CrowdStrike, and only CrowdStrike, for their cybersecurity solutions. A single point of failure provides too many risks. It would be wise for the recent trend of consolidation to be reversed, and for companies to employ a multi-vendor strategy for their managed detection and response needs. This not only is more robust in the face of failure, but allows for multiple perspectives on the cybersecurity problems faced by companies on a daily basis, providing more tools to solve them with.

More from Blackwired

December 16, 2024

CISOs need to consider the personal risks associated with their role

CISOs face personal liability for cybersecurity incidents, boosting accountability but increasing stress and deterring professionals.

Read more
December 9, 2024

The Shocking Speed of AWS Key Exploitation

AWS keys exposed online are exploited in minutes, highlighting the need for faster detection and response to prevent breaches.

Read more
December 2, 2024

Advanced Cyberthreats Targeting Holiday Shoppers

The holiday season sees increased e-commerce scams, with AI-driven phishing, fake sites, and data theft targeting consumers and businesses.

Read more