3 Key Takeaways from the CrowdStrike Outage

July 19, 2024, will long be remembered as the most extensive system and infrastructure outage in recent memory.

Systems worldwide faltered—and outright failed in many circumstances—due to a faulty update to the Falcon sensor configuration for Windows systems. Consequently, mass-scale outages hit many vital industries, stirring up turmoil for those waiting for flights, appointments, bank transfers, and just going about their daily lives. If you experienced the dreaded BSOD (Blue Screen of Death) on Friday 19th, you’d be one of millions.

We’ll discuss three key takeaways, both positive and negative, from the CrowdStrike outage.

1. Lack of Prior Testing

CrowdStrike didn’t test their update enough before deploying it live, which led to the outage.

The fault happened due to an oversight in testing. There may have been a presumption that the update was ready for deployment before it actually was. This has had colossal consequences – not just for CrowdStrike themselves but for companies and organizations running on Windows systems across the globe.

2. Quick and Transparent Response

Once the update went live, the effects hit instantaneously. However, CrowdStrike responded to the situation quickly and transparently. They kept their lines of contact open and accessible throughout the crisis, which they’ve received praise for.

Despite the odds, CrowdStrike has emerged from the situation quite favorably because of its response. It has set a shining example of how to manage a crisis, not just because of its response but also because it effectively managed the massive scale of the issue. They may stand out in this way because this isn’t always the outcome when large-scale problems arise. It’s important to note that they aren’t free from scrutiny – in fact, they’re far from it. But compared to similar incidents, they have fared well.

When things go wrong, companies often encounter internal turmoil. When this inevitably meets the public eye, it can negatively affect their reputation and diminish trust among their consumers. So far, this has yet to happen to CrowdStrike.

3. A Worldwide Impact

For many, the sheer scale of the outage is the most astounding part of the whole event. It has become one of the most significant technological failures ever, leaving no industry unaffected (aside from those using Mac and Linux!).

It highlighted how dependent companies and individuals globally are on Windows-based technology and how issues can bring vital systems crashing down. What happened might make people apprehensive about Microsoft and CrowdStrike and how much of their infrastructure they should base virtually, especially with cloud-based systems.

Don’t put all your eggs in one basket!

While it was a stressful day for Windows-based databases, systems, and operators, it was business as usual for Mac and Linux users.

The outage begs a few questions all companies should consider:

• Should companies take measures to ensure they can continue operating despite tech issues?
• Has the modern world become too dependent on the systems and frameworks that conglomerates like Microsoft have set up?
• Should companies diversify their range of software and hardware suppliers to give themselves back up if this happens again?

This event has taught us that mass-scale outages are definitely possible in the modern age, and mishaps can quickly occur. Contrary to many big tech failure stories, no data spilled into the public domain, and no malicious third parties were involved in the outage. It all chalked up to one minor oversight, which unfortunately had dire consequences.

Notably, CrowdStrike are certified to ISO/IEC 27001:2022. Despite the oversight, the standard has served them well in risk management, information safeguarding, and adhering to global security standards. IMSM has certified thousands of businesses to this standard.
We pride ourselves on our commitment to compliance and business development. ISO/IEC 27001:2022 equips you with the right tools, measures, and actions to protect you from security risks, data breaches, and of course, outages like this one.