In the wake of the recent CrowdStrike outage, which disrupted millions of computers, businesses, and public agencies worldwide – including many in Greater Palm Springs – business and public agency leaders are grappling with the aftermath and seeking ways to bolster their cybersecurity measures.
On July 19, a routine update from CrowdStrike, a prominent cybersecurity platform provider, crashed 8.5 million Microsoft Windows PCs and servers. Instead of starting up, these machines displayed the so-called “blue screens of death,” halting operations for countless businesses and ATM networks and even delaying critical medical procedures.
While CrowdStrike released a fix the same day, the remediation process required enterprises to manually reboot tens of thousands of servers and PCs in safe mode, delete problematic files, and then install the corrective update. This was not a cyberattack, nor is it unique.
Several recent, widespread software outages have created havoc across entire value chains, like this year’s ransomware attacks that impacted three of Greater Palm Springs’ most prolific business sectors. These attacks prevented auto dealers from doing business and healthcare providers from receiving payments and destabilized aged systems that stranded airline travelers.
Though not a cyberattack, the CrowdStrike incident highlights the vulnerabilities inherent in modern software ecosystems and underscores the importance of proactive cybersecurity measures.
Questions for Local Business and Public Agency Leaders to Consider
Our entire economy runs on complicated, sometimes fragile, technology platforms. Companies have a responsibility to shareholders and customers, and public agencies have a responsibility to taxpayers/ratepayers to provide “all day, every day” support for operational processes. Leaders at all organizations can get the insight they need to support and push IT managers on this imperative by asking pointed questions about the speed of response and about preventing or limiting the impact of the next event.
In response to this significant disruption, Greater Palm Springs business and public agency leaders should take decisive steps to mitigate the impact of such outages and prepare for future incidents. Here are key questions they should ask their teams:
- Understanding the Outage:
- What exactly went wrong during the CrowdStrike update, and how did it affect our systems?
- Which systems and operations were most impacted by the outage?
- Immediate Response and Fixes:
- How effectively did our team handle the immediate fallout from the outage?
- Were there any gaps or delays in our response that need addressing?
- Communication and Coordination:
- How well did we communicate internally and externally about the outage and our response?
- Were all stakeholders adequately informed and involved in the resolution process?
- Long-Term Resilience:
- What measures can we implement to prevent similar issues in the future?
- Are there redundancies or backup systems we need to establish to ensure continuity?
- Cybersecurity Strategy:
- How does this incident influence our overall cybersecurity strategy?
- Are there specific areas of our cybersecurity infrastructure that require immediate attention or improvement?
- Vendor and Third-Party Management:
- How do we evaluate and manage the risks associated with our third-party vendors, such as CrowdStrike?
- What steps can we take to enhance our vendor management practices to mitigate potential risks?
Moving Forward
The CrowdStrike outage serves as a stark reminder of the interconnectedness of modern business operations and the critical importance of robust cybersecurity practices. Businesses and public agencies in Greater Palm Springs must prioritize resilience and preparedness to navigate the complexities of today’s digital landscape.
By addressing the questions above and reinforcing their cybersecurity frameworks, organizations can better protect themselves against future disruptions and ensure smoother operations in the face of unforeseen challenges.