CrowdStrike outage raises multi-faceted security concerns

CrowdStrike's global IT outage in July impacted circa 8.5 million devices and showed us that security threats can come from all angles – providing food for thought among channel leaders.

ROY SHELTON
CEO, CONNECTUS BUSINESS SOLUTIONS

This has made clear the need to prioritise operational stability and emphasised the risks of relying on a single supplier. While larger enterprises were significantly impacted, most UK MSPs, being SMEs, were largely unaffected. This incident underlines the economic importance of the MSP sector, which contributed £52.6bn in revenue in 2022. Many of these providers were small or micro-sized businesses that used lesser-known but cost-effective alternatives to CrowdStrike. I believe that the industries most affected, like transportation, utilities and financial services, should focus on thorough testing and strong regression planning to prevent similar disruptions in the future.

CHARLIE BOISSEAU
CTO, COMMSWORLD

We encourage businesses to enquire with their service providers about what goes on 'under the hood' of the infrastructure they provide and signpost the areas where risk might be introduced. This incident underlined and reinforced messages to our customers when designing their digital infrastructure solutions, which ultimately come down to risk management: Yes, your Windows devices should be secured, so CrowdStrike might be a sensible option, but using third-party software may introduce additional risk. The same might be true of decisions to move your hosting to the cloud or your network to SD-WAN. All these solutions mitigate risks in some areas but may also add risks in other areas.

RICHARD MAY
CEO, VIRTUALDCS

Businesses must proactively implement strategies like diverse vendor use to safeguard their operations against future outages. The recent outage highlighted the challenges of relying solely on automated updates and single-provider solutions. It underscores the need for improved testing protocols and more flexible update mechanisms. One potential solution for organisations is to adopt a multi-provider strategy. By utilising two different antivirus vendors across different systems, companies can mitigate the risk of a single outage impacting their entire platform. This approach both limits the scope of potential disruptions and enhances security, as one vendor might detect threats that another misses.

BRITT MEGAHEY
MD, BARCLAY COMMUNICATIONS

No matter how big or small an organisation, the importance of rigorous disaster recovery planning is paramount. We invest heavily in our security measures but have still initiated a full review of all our third-party suppliers to ensure they are adhering to their advertised standards and Service Level Agreements. The issues seem to have been focused on the Global Presence Enterprise organisations but of course this has a ripple effect right down to SMEs and micro businesses that rely on their services. SaaS providers from all sectors must ensure they stick to their defined testing and deployment processes, even for the smallest release.

CHRIS THOMAS
CEO, INCOVO

Disaster recovery should be a priority for any business that cares about its operation. We did see a surge of issues in critical areas such as the health sector, travel and manufacturing. When such sectors can't operate, the wider public faces problems as well. On our level of SME, we need disaster recovery and resiliency planning to know exactly what steps we take in these types of events. We’re always thinking about ways to improve and this case sparked a wider conversation. Adaptations are constantly being made to reposition us stronger.

MARK MITCHELL
CTO, CWSI

This event has reinforced the importance of cybersecurity and operational agility, not only for businesses but also for end users, driving a more serious consideration of these aspects in IT strategies. The sectors most severely impacted were healthcare, travel and finance, highlighting the necessity for comprehensive support and protection strategies in the aftermath. To prevent future occurrences it is imperative to adopt a Zero-Trust approach, ensure regular updates and backups and employ AI-powered security analysis tools. It is necessary to develop and test recovery and business continuity strategies.

SOHIN RAITHATHA
CEO, REDSQUID

This incident exposed the risks of relying on a single technology, prompting many to rethink their cybersecurity strategies and business continuity plans. It's crucial to continuously assess and strengthen IT systems, diversify technology choices and implement robust security measures. The disruption to sectors like film production, education and pharmaceuticals underscores the need for IT partners with industry-specific expertise and tailored solutions. We advocate for developing resilient IT infrastructures and keeping business continuity plans up-to-date. Keeping proactive measures in place is essential to protect operations and prepare for future challenges. This outage reinforces the need to embed cybersecurity and resilience at the heart of every strategy we create with our customers.

MIKE IANIRI
MD, CLOUD GEEKS

The incident highlighted the vulnerability of organisations dependent on one cybersecurity provider as any disruption can lead to widespread operational and security issues. It has prompted many businesses to reassess their security frameworks, placing greater emphasis on diversification and contingency planning. The sectors most affected rely heavily on real-time data and uninterrupted cybersecurity, making them particularly vulnerable. To prevent future incidents businesses should diversify their IT vendors to avoid single points of failure. Enhanced monitoring tools, regular disaster recovery drills and clear communication channels between IT vendors and clients are essential. It also raises concerns about vendor accountability and may lead to increased regulatory scrutiny.

ALEX COBURN
SECURITY PRACTICE DIRECTOR, NODE4

All businesses must evaluate their preparedness for disruptions whether caused by malicious acts or system failures. Accepting these failures as unavoidable is not sufficient, especially for smaller enterprises unfamiliar with operational resilience. Financial market participants prioritise security and resilience based on important business services. Understanding and protecting critical assets including people, processes, technology, facilities and third parties is essential for minimising disruption impacts. Any organisation should have workaround plans, backup plans and parallel efforts to maintain operations during crises. This is a business challenge based on the premise that ‘severe but plausible’ events are becoming more common.

IAN DUNSTAN
MD, COBALT

The recent outage had significant repercussions particularly in critical sectors like healthcare, finance and transportation. The impact of 8.5 million devices being unavailable was at the top of anything we had imagined for one day. Total or partial loss affected every system we used. The technical element was fixed very quickly but the human effect took somewhat longer. The impact has been little to none at many small to medium enterprises. They saw it as a freak situation that probably won’t happen again. This will happen again, like a giant mobile provider forgetting to renew a security certificate. It’s down to us as an industry to educate and not use it as a fear-selling technique.