
What Should You Be Asking Your Team After the CrowdStrike Outage?

In the rapidly evolving business landscape, fostering a culture of innovation and thought leadership is crucial. That pace of change also brings significant responsibilities, particularly in cybersecurity. Preparing your organization to handle unexpected disruptions is as important as driving growth and innovation.


The recent CrowdStrike outage is a stark reminder of the vulnerabilities that can arise from even the most trusted cybersecurity solutions. On July 19, 2024, CrowdStrike, a leading cybersecurity provider, released an update that inadvertently crashed an estimated 8.5 million Microsoft Windows PCs and servers. The disruption produced the notorious “blue screens of death” and halted critical services, from ATMs to medical procedures.



While the immediate technical response was essential, this incident underscores the broader role that senior leaders must play in navigating such crises. Beyond the technical fixes, there's a need for strategic oversight, resource allocation, and effective communication to ensure resilience and trust within the organization. Here, we explore the key questions and considerations for senior executives to address in the wake of the CrowdStrike outage, aimed at reinforcing cybersecurity measures and mitigating future risks.


Key Questions to Address Post-CrowdStrike Outage

Resilience and Forward-Thinking Amidst Outages

The July 19th incident pushed affected companies into urgent recovery. Although it was not a cyberattack, it shows how a routine software update from a trusted vendor can disrupt operations at scale. Understanding and addressing that risk is essential to maintaining business continuity.


Understanding the Impact

An update to the CrowdStrike Falcon sensor, an endpoint detection and response (EDR) product, triggered a logic error that crashed Windows systems running it. The crashes affected organizations worldwide that rely on Microsoft Windows. Remediation was labor-intensive: many affected machines had to be rebooted and repaired by hand. The incident highlights the delicate balance between deploying protective updates quickly and preserving system stability.


Questions for Senior Leaders

Senior business leaders play a critical role in guiding their organizations through recovery and mitigation efforts. Here are some pivotal questions they should consider:

  1. How can we support our IT teams during the remediation process?

  • IT teams face immense pressure during such crises. Leaders should ensure these teams have the resources and support they need to sustain their efforts, whether through additional staffing or morale-boosting visits from executives.

  2. Can end users assist in the remediation process?

  • While IT professionals are essential for server recovery, end users can often handle simpler tasks, such as rebooting PCs in safe mode and deleting problematic files, which frees IT staff for more complex issues.

  3. Are we effectively communicating with employees and customers?

  • Transparency is crucial. Clear communication about the issue and its resolution can mitigate frustration and build trust. Leaders should ensure that their communication is honest and empathetic and that it addresses the concerns of both employees and customers.

Preparing for Future Incidents

Given the inevitability of similar events, proactive measures are essential. Here are strategic considerations for reducing future risks:

  1. Do we understand our economic and operational risks?

  • Companies must quantify the potential impact of disruptions and identify critical applications that need robust, resilient platforms. This involves assessing technical debt and prioritizing upgrades to mitigate risks.

  2. What architectural changes can enhance our resiliency?

  • Investing in re-paveable, cloud-based systems and geo-resilient architectures can significantly improve recovery times. Leaders should weigh the costs of these investments against the potential losses from future outages.

  3. Do we need to improve our change management processes?

  • Implementing phased updates can reduce the risk of widespread disruptions. Allocating resources for more extensive testing and staging can prevent issues from escalating.

  4. Is our disaster recovery/business continuity (DR/BC) planning robust enough?

  • Comprehensive DR/BC plans should include live scenario testing and simulations to prepare for a variety of potential crises. This ensures that both IT teams and senior leaders are ready to respond effectively.
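
For leaders who want a concrete picture of the phased updates mentioned under change management, the following is a minimal Python sketch of the idea, not a description of how CrowdStrike or any particular vendor deploys updates. It assumes machines are grouped into ordered "rings" (a small test group first, the broad fleet last) and that the rollout stops as soon as one ring's failure rate exceeds a threshold. The names `phased_rollout`, `RolloutResult`, `apply_update`, and `max_failure_rate`, along with the host names and the 2% threshold, are hypothetical and chosen only for illustration.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Sequence, Tuple


@dataclass
class RolloutResult:
    completed_rings: List[str]   # rings that were updated and stayed healthy
    halted_at: Optional[str]     # ring where the rollout stopped, or None


def phased_rollout(
    rings: Sequence[Tuple[str, Sequence[str]]],
    apply_update: Callable[[str], bool],
    max_failure_rate: float = 0.02,  # hypothetical threshold: halt above 2% failures
) -> RolloutResult:
    """Update one ring at a time and stop before a bad update spreads further.

    `rings` is an ordered list of (ring_name, hosts) pairs.
    `apply_update` is a caller-supplied function (an assumption of this sketch)
    that updates one host and returns True if the host is healthy afterwards.
    """
    completed: List[str] = []
    for ring_name, hosts in rings:
        if hosts:
            failures = sum(1 for host in hosts if not apply_update(host))
            if failures / len(hosts) > max_failure_rate:
                # Later rings are never touched, which limits the damage.
                return RolloutResult(completed, ring_name)
        completed.append(ring_name)
    return RolloutResult(completed, None)


if __name__ == "__main__":
    # Hypothetical fleet: a small canary group, an early-adopter group,
    # and then everyone else.
    fleet = [
        ("canary", ["test-pc-01", "test-pc-02"]),
        ("early", ["office-pc-01", "office-pc-02", "office-pc-03"]),
        ("broad", ["branch-pc-01", "branch-pc-02", "atm-01"]),
    ]

    def simulated_update(host: str) -> bool:
        # Stand-in for a real deployment step: pretend the update
        # breaks every office PC.
        return not host.startswith("office")

    print(phased_rollout(fleet, simulated_update))
```

In this simulated run the rollout halts at the "early" ring, so the "broad" ring, which contains most machines, is never updated. The trade-off is speed: each ring adds delay before the whole fleet is protected, and that delay is the cost leaders weigh against the risk of a fleet-wide outage.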



In a complex technological landscape, maintaining operational integrity requires vigilant cybersecurity measures. Senior executives must actively engage with their IT teams to support recovery efforts and proactively mitigate future risks. By asking the right questions and investing in resilient architectures, companies can uphold their commitment to uninterrupted service, safeguarding both their operations and their reputation.


Furthermore, fostering a culture of cybersecurity awareness and preparedness is essential. This involves regular training for employees at all levels, continuous assessment of potential vulnerabilities, and staying informed about the latest threats and best practices. As technology evolves, so must the strategies and solutions used to protect digital infrastructure. Organizations that anticipate problems, rather than only responding to them, will be better placed to navigate this changing landscape, and senior leaders are the ones who drive the initiatives that fortify their organizations against future disruptions.



