CrowdStrike – Why your IT Team are partly to blame
CrowdStrike was recently put in the spotlight by a technical issue that brought many companies to their knees globally. But who is CrowdStrike? What went wrong? Could your IT Team really have prevented the issue from affecting your systems? Our CEO David Davies explains more.
CrowdStrike is a Texas-based cyber security company that was named a market leader in security by Gartner and Forrester in 2023 and 2024. They specialise in next-generation endpoint protection, threat intelligence and response services.
Their recent problematic IT release literally brought the world to a standstill. Even though the issue impacted Microsoft customers, Microsoft was not involved and the CrowdStrike service is not part of the Microsoft solution stack. It is a separate service for cybersecurity, and only Microsoft customers that also used CrowdStrike were affected. This was due to a software update that CrowdStrike made to their own security service, which subsequently caused Microsoft Windows operating systems to crash. The bug wasn’t picked up in CrowdStrike testing, meaning the update was pushed out automatically to all customers, who were unaware that there was a huge problem with it.
Many of the world's best-known brands trust them with their cyber protection and also use Microsoft services, which is why the issue caused havoc globally, impacting airlines, retail, TV, banking and healthcare.
While most of the world is blaming CrowdStrike, we have a different take on it. We think the responsibility also sits with the IT teams of all those customers affected. How could they have stopped the update from affecting their company? It’s simple – resiliency planning.
Some may think that they don’t need to do this anymore and that they can rely on software suppliers to take care of their tech services, especially with the reliance today on cloud. We think that internal resiliency planning is a much more foolproof method. It may be seen as old school, but IT departments have sometimes become too complacent when it comes to software updates, trusting third parties with their whole IT infrastructure. Some control should still be retained.
It ought to be standard practice that updates and patches from third-party suppliers are contained and tested on only a few devices before being rolled out company-wide. With the best will in the world, mistakes happen. Why would you let your company be a guinea pig for new software updates that you have no control over? Limit any automatic updates to a select number of devices and then wait for a couple of days to see if any issues occur. If everything is fine, then you can happily allow this update to go out company-wide.
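A small promotion gate for the staged rollout described above, as an added example that is not from the original article or from any vendor's tooling. The host names, the pilot size of three, the 48-hour reading of "a couple of days" and the health-report format are assumptions, and it assumes the update channel is one your organisation can hold back.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

SOAK = timedelta(days=2)   # "wait for a couple of days" (assumed to mean 48 hours)
PILOT_SIZE = 3             # "a select number of devices" (assumed value)

# Constructed sample inventory; the names are hypothetical.
HOSTS = ["till-01", "laptop-07", "laptop-02", "db-01", "laptop-11"]
CRITICAL = {"db-01", "till-01"}

@dataclass
class Report:
    host: str
    update_id: str
    seen_at: datetime
    healthy: bool  # False = crash, boot loop or agent failure after the update

def pick_pilot(hosts, critical, size=PILOT_SIZE):
    """Pick pilot devices deterministically, never from business-critical hosts."""
    return sorted(h for h in hosts if h not in critical)[:size]

def decide(update_id, released_at, pilot, reports, now):
    """Return 'halt', 'hold' or 'promote' for one third-party update."""
    mine = [r for r in reports if r.update_id == update_id and r.host in pilot]
    if any(not r.healthy for r in mine):
        return "halt"      # one failing pilot device blocks the wider rollout
    if now - released_at < SOAK:
        return "hold"      # soak period has not elapsed yet
    # A crashed machine cannot report that it crashed, so silence is not health:
    # every pilot device must have checked in healthy after the soak period.
    confirmed = {r.host for r in mine if r.seen_at >= released_at + SOAK}
    return "promote" if confirmed == set(pilot) else "hold"
```

The gate treats a pilot device that has gone quiet as unconfirmed rather than healthy, which is the case that matters when a bad update stops machines from booting.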
If you are already doing this then great, your company should be protected and maybe CrowdStrike didn't affect you. If you don’t do this then it’s time to get a new plan in place. Part of the IT Team? Suggest this as new best practice for all third-party updates. Not in the IT Team? Book a meeting with them now and see if this is something they already do; if not, then suggest this as an idea. It could make the difference between your company trading or not, and potentially losing thousands if not millions of pounds when the next IT disaster (and trust us, there will be another one) comes along.
If you need guidance and support with your IT resiliency plans, then get in contact with Navos Technologies today.