CrowdStrike Outage: A Warning for Critical Infrastructure
GigaOm COO Howard Holton on How Operational Failures Can Cripple BusinessesMillions of Windows machines across the world experienced a significant IT outage earlier this month due to a faulty software update deployment by endpoint detection and response vendor CrowdStrike. The outage is a warning to healthcare, aviation and other critical sectors that system disruptions have severe consequences, including fatalities, said Howard Holton, COO of GigaOm.
See Also: OnDemand | Secure Your Vendor's Access from Attacks on Third-party Vulnerabilities
The incident has put renewed focus on CISOs and CIOs and the role of backup and recovery systems, especially for organizations in the critical infrastructure sectors, Holton said. Building trust and validation into corporate processes and certifying supply chain security should be a priority.
According to a report by Parametrix, a cloud outage risk insurance company, U.S. Fortune 500 companies excluding Microsoft, may face $5.4 billion in financial losses due to the CrowdStrike outage. Global financial losses are estimated to be around $15 billion.
The incident, Holton said, was an operational failure, not a cyberattack, and should be treated as such. "Accurately defining what constitutes a cyber incident is crucial for effective management and avoiding unnecessary panic," he said. "There is a need for having clear definitions to avoid misclassification and misuse of cyber insurance."
In this video interview with Information Security Media Group, Holton also discussed:
- The global financial and operational impact of the CrowdStrike outage;
- The potential fallout of operational failures on critical infrastructure;
- The importance of having robust incident management strategies.
Holton is a trusted adviser to several Fortune 1000 organizations and has helped them develop successful strategies and execute their vision. He is experienced in delivering outcome-based strategies, building high-performing teams and enabling sales and technical capabilities.