Safeguarding Your Business Against Outages: Lessons from CrowdStrike
Understanding the Threat Landscape
The recent CrowdStrike outage serves as a stark reminder of the vulnerabilities even the most sophisticated systems face in our increasingly digital world. For data-heavy enterprises, such disruptions can have catastrophic consequences, leading to immediate financial losses, eroded trust, damaged brand reputation, and hindered long-term growth prospects. Organizations must take proactive steps to fortify their infrastructure and safeguard their valuable data to prevent such outages.
The CrowdStrike Crash: What Happened?
On July 19, 2024, CrowdStrike experienced a significant outage caused by a faulty update to the CrowdStrike Falcon sensor configuration. The CrowdStrike Falcon sensor is a software agent installed on endpoint devices (laptops, desktops, and servers) to provide advanced threat protection and visibility for the CrowdStrike Falcon security platform.
Affected Systems and Scope
The faulty update impacted Windows 10 and later versions, specifically those running sensor version 7.11 and above 2. Approximately 8.5 million devices were affected, leading to disruptions in various sectors, including airlines, healthcare, and financial institutions 1 3. The impact was significant:
- Disrupted major airlines, hospitals, banks, and other critical infrastructure. 6
- Nearly 7,000 flights were canceled. 6
- Took down 911 systems, factories, courthouses, and television stations. 6
- The outage is projected to incur billions in losses, potentially equaling the damages caused by the most devastating cyberattacks on record.6
So, how do you prevent this from happening to your business?
Initial Steps to Ensuring Business Continuity
- Identify Critical Systems: Pinpoint the systems that, if compromised, would severely impact your operations.
- Assess Vulnerability: Regularly conduct vulnerability assessments to identify potential weaknesses in your systems.
- Threat Modeling: Simulate potential threats and their impact to develop effective mitigation strategies.
Protect Your Business from Similar Disasters
- Redundancy: Implementing multiple, duplicate systems and infrastructure can ensure continuous operations and prevent service disruptions. This can include redundant hardware, data centers, and network connections. Learn More.
- Disaster Recovery Planning: Businesses develop detailed plans outlining the steps to recover systems, restore data, resume operations after a disaster, and conduct regular testing. Learn More.
- Cloud Adoption: Consider cloud-based solutions for scalability, flexibility, and disaster recovery capabilities. Cloud providers typically offer robust data backup and disaster recovery capabilities, helping ensure your critical data and systems are protected and can be restored in the event of an outage or disaster. Learn More.
- Data Backup: Maintain regular and secure backups of your critical data and safeguard against data loss due to hardware failures, human errors, or malicious attacks. Many industries have regulatory data backup and retention requirements, which can be met through a robust backup strategy. Learn More.
- Network Security: Implement robust network security measures, including firewalls, intrusion detection systems, and encryption. Learn More.
- Effective Change Management: Rigorous testing and phased rollouts with detailed rollback plans are essential to minimize the risk of disruptions when deploying software updates and changes. Learn More.
- Real-time Monitoring and Analytics: Implement 24/7 monitoring, use advanced analytics for anomaly detection, and automate routine tasks and response procedures to identify and respond to threats promptly. Learn More.
- Third-Party Risk Management: Thoroughly evaluate the security practices of your third-party vendors and ensure your vendor contracts include precise security requirements to mitigate the risks posed by your digital supply chain. Learn More.
- Compliance and Governance: Maintain the security and integrity of critical information by adhering to relevant data protection regulations, establishing robust data governance practices, including clear data ownership and access controls, and conducting regular security and compliance audits.
How To Get Started
These steps may seem overwhelming, but help is available. The easiest way to ensure you've covered all these suggestions is to contact an Optus advisor to custom-fit the best solution for your business—with no vendor preference. We compare and contrast each solution and bundle them for you. The best part? We handle everything so you can focus on your business.
By following these tips, you can significantly reduce the risk of outages and ensure your business remains resilient in the digital age.
For more information on how Optus can help you safeguard your data-intensive operations, please book a free consultation with our technology advisors.
References
[1] - https://www.bitsight.com/blog/crowdstrike-timeline-mystery
[2] - https://www.crowdstrike.com/blog/falcon-content-update-preliminary-post-incident-report/
[3] - https://www.techtarget.com/whatis/feature/Explaining-the-largest-IT-outage-in-history-and-whats-next
[4] - https://www.americanbanker.com/news/crowdstrike-hints-at-root-cause-of-fridays-sweeping-it-outage
[5] - https://www.spiceworks.com/it-security/endpoint-security/news/crowdstrike-blames-windows-outage-on-testing-software
[6} - https://www.lawfaremedia.org/article/the-crowdstrike-outage-and-market-driven-brittleness