Advertisement

Drudge Retort: The Other Side of the News
Thursday, August 01, 2024

The silicon dust is beginning to settle on the CrowdStrike outage (described as the largest IT outage in history -- one that will cost Fortune 500 companies in the U.S. alone more than $5 billion in direct losses), yet there remains a considerable amount to debate and to puzzle over.

More

Comments

Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.

More from the article...

... The incident related to a software update that caused a widespread outage to Microsoft systems, resulting in grounded flights and disruptions to other major industries.

To gain different perspectives, Digital Journal reached out to three leading cybersecurity experts to garner a new take on the situation.

Vendors are still suffering impacts

First up is Jake Williams: former NSA hacker, Faculty at IANS Research, a Boston-based cybersecurity research and advisory firm, and VP of R&D at Hunter Strategy.

Williams begins [by] assessing the shockwave: "Vendor management teams should take inventory of which of their vendors are still suffering impacts from the CrowdStrike event. This will be important for future Business Continuity Plan (BCP) planning. If an organization can't recover quickly from a relatively simple fix like this, they will fare far worse if hit with ransomware."

This leads to Williams' substantive point -- the need for businesses to be ready for any eventuality: "One of the most important things you can do for your security program this week is to proactively discuss security controls with your stakeholders. Acknowledge that automatic content (signature) updates pose a risk, but delaying those updates is an even greater risk." ...


#1 | Posted by LampLighter at 2024-07-31 02:17 AM | Reply

It all depends on how good their IT departments were and how well they were funded.

A good 50% of my job was convincing management of the upcoming dangers and to fully fund the IT department so we could be ready.

#2 | Posted by donnerboy at 2024-07-31 01:44 PM | Reply | Newsworthy 1

@#2 ... It all depends on how good their IT departments were and how well they were funded. ...

Absolutely, with an emphasis upon the latter part of your comment.

Funding.

When I was in IT, I always had a battle to get the funds I needed.

But then one thing occurred... we were attacked and we lived through the attack. I then was able to show a direct link between the funds allocated the prior years and the protection those funds provided to allow us to survive the attack. Subsequent to that event, it was a bit easier to get funds.

Not all IT teams are that lucky, as IT is typically seen as a cost-center in companies, and nothing to do with generating profits.

#3 | Posted by LampLighter at 2024-08-01 07:05 PM | Reply | Newsworthy 1

Most were not prepared:(.

Re: orgs and funding, I wish folks took the impact of loss of availability more seriously as it's tough to run any business that has an online presence/portal when it goes offline.

As Joe once said, "it's a big f'n deal."

#4 | Posted by GOnoles92 at 2024-08-02 07:51 AM | Reply

A low amount of total % of Microsoft endpoints were affected, but from what I understand from brief notes of the incident it widely impacted those who use this crowdstrike service AND Microsoft as an endpoint.

#5 | Posted by GOnoles92 at 2024-08-02 07:54 AM | Reply

Comments are closed for this entry.

Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy | Copyright 2024 World Readable

Drudge Retort