Five Things The Largest IT Outage In History Taught Businesses

On July 19 of last year, we found out. When cybersecurity firm CrowdStrike distributed a faulty configuration update to its Windows systems, it resulted in a bug which dropped 8.5million of its Microsoft users from its services.

This led to what many have called the largest cyber incident in history,¹impacting critical infrastructure across industries, countries and continents.

In short, it was a global catastrophe – fortunately, it taught businesses around the world a few crucial lessons about business continuity.

Lesson #1: no corporation is too big to fail

Trusted by the lion’s share of Fortune 500 Companies – 300, to be exact –  and eight out of 10 top financial firms²,CrowdStrike was surely too trusted, too established, to fail. And yet it did. Its failure wasn’t the result of a sophisticated fault, either, but happened because of a small error that was distributed to every one of its Microsoft-hosting clients and caused their systems to go dead.

Action: Identify any single points of failure in your tech processes so you can work out emergency alternatives.

Lesson #2: work out incident response planning

The CrowdStrike outage caused untold chaos around the world. Flights were cancelled and delayed³. Doctors, unable to access IT systems, were unable to send out cancer referrals⁴. Card payments were unable to be taken from major providers worldwide⁵. The CrowdStrike outage was a lesson that many organisations lacked the plans for vendor-related failures.

Action: Work on business continuity, disaster recovery, and cyber incident response plans to include third-party risks.

Lesson #3: develop emergency manual alternatives

Thought to be the worst cyber incident in history, the CrowdStrike outage showcased something on the global stage that we really already knew: that businesses are extremely dependent on technology.

Action: Businesses’ dependency on technology isn’t a bad thing, and it isn’t going to change. But it does mean that in rare cases where usual IT systems aren’t available, you should have manual backup plans in place.

Lesson #4: resilience, not reactivity

Few businesses plan for events like the CrowdStrike outage, and instead are forced to take a reactive approach. But it’s important to recognise that while the CrowdStrike outage was particularly severe, it won’t be the last time businesses are sent scrambling for reasons beyond their control.

Action: Foster a resilience culture within your workforce, and remember that resilience isn’t just a mindset but a plan your workforce know by heart.

Lesson #5: have a plan for when vendors fail

No one would have thought that CrowdStrike, the first in line endpoint protection product for companies around the world, could fail so catastrophically – but it did. Here, the lesson is that no vendor is too large to fail – especially if that vendor is one you particularly rely on.

Action: Make sure to incorporate vendor-related risks in your incident planning.

Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems, we recommend that professional advice be sought.

Sources:

[1] CrowdStrike IT outage affected 8.5 million Windows devices, Microsoft says - BBC News

[2] About CrowdStrike: Our Story, Mission, & Team | CrowdStrike

[3] The CrowdStrike outage: What does it mean for airlines? – Cirium

[4] CrowdStrike: What was the impact of the global IT outage - BBC News

[5]CrowdStrike Outage: the Impact on Banks and Payments