Mark Gilmor

The CrowdStrike Glitch: A Lesson in Cyber Resiliency and the Importance of the Small Things

To each person managing the downstream effects of this outage, we remember those days when it was us and are deeply grateful for your effort Friday, over the weekend, and perhaps even now. 


The recent incident in which multiple internet systems experienced significant downtime due to a glitch in CrowdStrike's infrastructure serves as a sobering reminder of the intricate web of dependencies in our digital world. This event underscores the critical importance of focusing not just on the high-profile aspects of cybersecurity, which I myself am guilty of, but also on the myriad small, often overlooked and oversimplified components that collectively ensure the resilience of our cyber ecosystems.


Interdependencies and the Domino Effect

One of the most striking lessons from the CrowdStrike incident is the profound interdependence of systems. What appeared to be a minor glitch cascaded through networks, causing widespread disruptions. This phenomenon, often referred to as the domino effect, highlights how the failure of a single, seemingly insignificant component can trigger a chain reaction leading to extensive outages. Understanding and managing these interdependencies is vital for any organization aiming to maintain robust cyber resiliency.


Routine Maintenance and Updates

Cyber resiliency is not a set-and-forget solution; it requires constant vigilance and regular maintenance. The CrowdStrike glitch underscores the importance of routine tasks such as applying updates and patches and conducting health checks on all system components. These seemingly mundane activities are essential in preventing vulnerabilities from being exploited and in maintaining the overall integrity of the system. Often in security we make sure that the vulnerability has been checked, but not whether the process that releases the update has checks in place. Rigor is the hallmark of cybersecurity hygiene.


Comprehensive Monitoring and Response

Effective monitoring systems that can detect and respond to anomalies in real time are crucial for maintaining cyber resiliency. This includes not only detecting large-scale attacks but also identifying and mitigating minor glitches before they can cause significant damage. Advanced monitoring tools that can provide real-time insights into the health of all system components are essential for proactive cybersecurity management.


The CrowdStrike incident illustrates the need for a holistic approach to cybersecurity. This approach should integrate various aspects such as infrastructure security, application security, operational security, and human factors. By considering all these dimensions, organizations can build a more robust and resilient cyber infrastructure.


The recent CrowdStrike glitch serves as a good reminder of the importance of all the small details in maintaining cyber resiliency, especially when it comes to third parties. This incident highlights that cybersecurity is not just about defending against big attacks but also about ensuring that every small part of the system is secure and functioning correctly.


Next Steps For You To Take


This moment should teach you to re-evaluate your cybersecurity strategy, concentrating on the parts you take for granted.


Here's a list of things to check when evaluating your third-party providers like CrowdStrike and others:

  • You, as an organization, should reconsider your deployment plan: not necessarily change it, but consider it again. Does it still fit your business model?

  • Are the experts who created the update still there, versus just deployment people?

  • Is it still necessary to update on weekends when no one is around?


Some questions you can ask your third-party providers like CrowdStrike:

  • What is your testing strategy?

  • What kind of simulation test environments do you have?

  • What is the rollout strategy? Is it phased?

  • What is the scale of the phase testing?

  • Do you have a rollback strategy?

  • Do you test the rollback strategy prior to each rollout? 


What would you add to this list? 
