Understanding the recent technology outage: key insights and recommendations
August 13, 2024
On July 19, 2024, the world experienced an unprecedented technology outage, and its impact is still affecting businesses large and small. Many people were left stranded in airports, unable to access their finances, or without needed healthcare and medications. For all affected businesses, productivity came to a halt.
In the wake of this outage, our team has provided guidance and advice to our clients including insight into what conditions might make a business vulnerable and how to address them. We’ve summarized the key takeaways and provided a list of recommendations below to help you understand the risks and navigate them effectively.
What caused the outage?
The outage was triggered by a faulty automatic content update to CrowdStrike's Falcon sensor, an endpoint security platform used by many companies globally. The update was consumed by the sensor's kernel-mode driver on Windows hosts, and the defect caused that driver to crash, producing the notorious "Blue Screen of Death." Because the sensor loads early in startup, many machines crashed again on every reboot. Other operating systems, and Windows hosts that did not receive the update, were unaffected. There was no remote fix: recovery required hands-on work on each affected machine, typically booting into Safe Mode or the Windows Recovery Environment, removing the faulty update file, and rebooting, which is why recovery took days for organizations with thousands of endpoints.
Are you at risk of a similar outage?
If you use a different endpoint security product, such as Heimdal®, SentinelOne, Sophos, or Cyclone, you were not impacted by this outage: the faulty update was specific to CrowdStrike's Falcon sensor on Windows. That does not make you immune. Any security agent that runs with kernel-level privileges and pulls updates automatically can fail the same way, so it's important to understand the precautions taken by the security solution you use and whether it has built additional risk mitigation into its architecture and controls. Questions worth asking your vendor: are updates staged to a small population of hosts before wide release; can you delay updates or pin a previous version on your production systems; and can the agent detect an update that crashes the machine and disable it on the next boot rather than looping? If you're unsure about your exposure to a similar outage, our team is here to help.
Should you hold off on installing or updating your security products?
No, we don’t recommend delaying the implementation of best-practice security products. The risk of a security incident without the recommended suite of security products and services is far greater than the risk of a system crash like the one we just witnessed. In fact, many cyber experts fear that attackers will capitalize on this event as companies opt to lessen security measures, and attackers were quick to exploit the confusion itself, circulating phishing emails and fake “fix” downloads that impersonated CrowdStrike support. We strongly advise against lowering your defenses. What the outage does argue for is controlling how updates reach your systems, not whether they do.
What else can you do to make your business more resilient?
Maintaining a strong, proactive approach to managing your security is key, and it must include rigorous testing: of updates, before they reach every system at once, and of your recovery procedures, before you need them. Beyond testing, your critical response processes should be reviewed to enhance your team’s ability to reduce downtime and mitigate risks.
Key takeaways
In short, don’t underestimate the effectiveness of a managed update process: stage updates to a small group of systems first, keep a way to hold back or pin versions on your most critical hosts, and watch the first wave before releasing the rest. But more importantly, refine and test business continuity plans, both from a technical and operational standpoint. Ask concretely: if every Windows endpoint stopped booting at once, how would your team reach each machine, who holds the local administrator and disk-encryption recovery keys, and how long would it take to bring back the systems that matter most?
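As an added example (not code from the original article or from any vendor), the following Python script shows the shape of the managed update process described above: an update is released ring by ring, and each ring's hosts must come back healthy before the next ring is touched. The ring names, thresholds, version numbers and host reports are assumptions constructed for the example; in practice the reports would come from your endpoint console or monitoring system.

```python
from dataclasses import dataclass

# Rings are released in this order. Names and thresholds are assumptions
# for this example, not any vendor's defaults.
RINGS = ("canary", "pilot", "broad")
MAX_FAILURE_RATE = 0.02   # more than 2% unhealthy hosts halts the rollout
MIN_REPORTS = 5           # a ring needs this many reporting hosts to be judged


@dataclass(frozen=True)
class HostReport:
    host: str
    ring: str
    version: str         # agent or content version the host is running
    booted_ok: bool      # host came back up after the update
    agent_healthy: bool  # agent process running and checking in


def evaluate_ring(reports, ring, version):
    """Judge one ring: 'pending' (nothing on this version yet), 'hold'
    (too few reports to decide), 'halt' (too many unhealthy hosts) or
    'promote' (the next ring may receive the update)."""
    ring_reports = [r for r in reports if r.ring == ring and r.version == version]
    if not ring_reports:
        return "pending", "no hosts on this version yet"
    if len(ring_reports) < MIN_REPORTS:
        return "hold", f"{len(ring_reports)} of {MIN_REPORTS} required reports"
    failed = [r.host for r in ring_reports if not (r.booted_ok and r.agent_healthy)]
    rate = len(failed) / len(ring_reports)
    if rate > MAX_FAILURE_RATE:
        return "halt", f"{len(failed)}/{len(ring_reports)} unhealthy ({rate:.1%}): {', '.join(failed)}"
    return "promote", f"{len(ring_reports)} hosts reporting, {rate:.1%} unhealthy"


def plan_rollout(reports, version):
    """Walk the rings in order and stop at the first one that does not pass.
    Returns [(ring, verdict, detail), ...]; rings after the stopping point
    are never released and so do not appear."""
    plan = []
    for ring in RINGS:
        verdict, detail = evaluate_ring(reports, ring, version)
        plan.append((ring, verdict, detail))
        if verdict != "promote":
            break
    return plan


def next_action(plan):
    """Translate the plan into the one thing the operator should do next."""
    ring, verdict, _ = plan[-1]
    if verdict == "promote":
        return "complete"                 # every ring passed
    if verdict == "pending":
        return f"release to {ring}"       # previous ring passed, this one is untouched
    if verdict == "hold":
        return f"wait for {ring}"         # let more hosts report before deciding
    return f"stop: roll back {ring}"      # halt; do not touch the remaining rings


# Constructed sample: the canary ring took version 2.0.1 cleanly, but two of
# the fifty pilot hosts never came back, so the broad ring must not be touched.
SAMPLE_REPORTS = (
    [HostReport(f"canary-{i:02d}", "canary", "2.0.1", True, True) for i in range(10)]
    + [HostReport(f"pilot-{i:02d}", "pilot", "2.0.1", i >= 2, True) for i in range(50)]
    + [HostReport(f"prod-{i:03d}", "broad", "2.0.0", True, True) for i in range(3)]
)

if __name__ == "__main__":
    plan = plan_rollout(SAMPLE_REPORTS, "2.0.1")
    for ring, verdict, detail in plan:
        print(f"{ring:7s} {verdict:8s} {detail}")
    print("next action:", next_action(plan))
```

The property that matters is that a halt anywhere stops the walk: however many hosts are waiting in the broad ring, nothing reaches them until the pilot failures are understood and the update is rolled back or fixed. In a real deployment you would also require a minimum soak time per ring (hours, not minutes) before a promote is allowed, so that slow-burning failures have time to surface.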
If you are a business that was impacted by the CrowdStrike outage, we empathize with your situation. While deeply unfortunate, businesses affected by the outage can learn from it. Use this opportunity to assess and refine your critical response plans to help prepare for the unexpected.
These assessments should be part of every business’s ongoing IT management program. If you would like to evaluate your security products and protocols or test your critical response plans, our expert team is ready to assist.
CYBER INSURANCE READINESS AND RISK MITIGATION CHECKLIST
Follow these guidelines to manage your exposure to a security incident or widespread outage.
- A next-generation security platform: Endpoint protection with detection and response capability on every device, not just signature-based antivirus.
- Automated user awareness training: Many incidents start with a user clicking a phishing link or approving a sign-in prompt they did not initiate; regular training with tracked completion and simulated phishing reduces that risk.
- Application whitelisting: Block every application except an explicitly approved set, for example with AppLocker or Windows Defender Application Control.
- Multi-factor authentication: The password alone isn’t enough anymore. Prefer phishing-resistant methods (FIDO2 security keys or passkeys) for administrators and other high-value accounts.
- Segmented backups: Keep a separate backup of server and cloud data in a different location or with a different service provider, isolated from your production credentials, and test restores regularly; a backup you cannot restore within your recovery-time objective is not a backup.
- Updating systems: Despite recent events, keeping systems up to date remains one of the most effective ways to stay safe. Do it through a staged rollout so that a bad update reaches a small group first.
- Strong email filtering: Phishing emails are a favorite tool of cyber attackers. Filter inbound mail and enforce sender authentication (SPF, DKIM, and DMARC) for your own domain.
- Web filtering: Block access to known malicious websites.
- Firewall management: Keep firewall firmware patched, review rules periodically, and never expose the management interface to the internet.
- Dark web monitoring: Monitor for leaked credentials belonging to your domain, not only those of key executives, and force a password reset when one appears.
- Administrative access management: Review membership of key administrative groups (Domain Admins, Enterprise Admins, local Administrators) against an approved list and alert on any change.
- Disk encryption: Ensure data stored on local PCs, servers, or cloud services is encrypted, and keep recovery keys escrowed somewhere you can reach when the endpoints themselves are down. During the outage, many teams could not apply the manual fix quickly because their BitLocker recovery keys were stored on systems that were themselves offline.
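As an added example tied to the “Administrative access management” item (not code from the original article or from any product), this Python script compares a membership export of the privileged groups against an approved baseline and reports anything unexpected, including a group nested into an admin group, which is an easy way for access to creep in unnoticed. The baseline, the group names and the CSV export are constructed for the example; in practice the export would come from your directory (for example Get-ADGroupMember output) and the baseline from change control.

```python
import csv
import io

# Approved members of each privileged group. Assumption for the example:
# this list is maintained under change control, and anything not on it
# is a finding until someone explains it.
BASELINE = {
    "Domain Admins": {"corp\\admin.jdoe", "corp\\admin.asmith", "corp\\svc-backup"},
    "Enterprise Admins": {"corp\\admin.jdoe"},
    "Administrators": {"corp\\Domain Admins", "corp\\admin.asmith"},
}

# Constructed membership export, one row per group member, with the member
# type so nested groups can be told apart from user accounts.
SNAPSHOT_CSV = """\
group,member,type
Domain Admins,corp\\admin.jdoe,user
Domain Admins,corp\\admin.asmith,user
Domain Admins,corp\\svc-backup,user
Domain Admins,corp\\j.patel,user
Enterprise Admins,corp\\admin.jdoe,user
Enterprise Admins,corp\\Helpdesk,group
Administrators,corp\\Domain Admins,group
"""


def parse_snapshot(text):
    """Return {group: {member: type}} from the CSV export."""
    snapshot = {}
    for row in csv.DictReader(io.StringIO(text)):
        members = snapshot.setdefault(row["group"].strip(), {})
        members[row["member"].strip()] = row["type"].strip().lower()
    return snapshot


def compare(baseline, snapshot):
    """Diff the current membership against the baseline.

    Returns a list of (group, issue, member). Directory names are compared
    case-insensitively because Active Directory treats them that way, but
    the original spelling is kept so findings match what the console shows.
    """
    findings = []
    for group, approved in baseline.items():
        approved_by_key = {m.lower(): m for m in approved}
        current_by_key = {m.lower(): (m, t) for m, t in snapshot.get(group, {}).items()}
        for key in sorted(current_by_key.keys() - approved_by_key.keys()):
            member, kind = current_by_key[key]
            issue = "unauthorized nested group" if kind == "group" else "unauthorized"
            findings.append((group, issue, member))
        for key in sorted(approved_by_key.keys() - current_by_key.keys()):
            # A missing approved member is also worth a look: it may be a
            # break-glass account someone removed, or a baseline that is stale.
            findings.append((group, "missing", approved_by_key[key]))
    return findings


if __name__ == "__main__":
    for group, issue, member in compare(BASELINE, parse_snapshot(SNAPSHOT_CSV)):
        print(f"{group:18s} {issue:27s} {member}")
```

Run it on a schedule and page on any “unauthorized” finding. An attacker who has obtained domain-level access will often add an account or a nested group to Domain Admins to keep it, and the nested-group case is the one a quick glance at the members tab tends to miss.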