Cyber Resilience: Key Takeaways from a Global IT Outage

It has now been a few weeks since one of the industry's largest IT outages affected airlines, hospitals, and businesses worldwide. We have all seen the reports on the impact so I won't rehash it here but what is also very painful about this event is that it could easily have happened to so many others. Crowdstrike is one of the most revered cyber vendors in our industry but at the end of the day it is a software provider. Software is written by humans and neither software nor humans are perfect. As a community we spend a lot of time looking to detect/prevent events caused by bad actors. We see here that even when there is no malicious actor involved, a compromise of a critical application can cause widespread impact.

No Application is Invulnerable

That a software package could introduce a quality issue in an update or misconfiguration is not in and of itself, news.Veracode reported in 2023 that 70% of software applications they examined still had at least one identifiable flaw 5 years after shipping. [TS1]?Synopsys found that vulnerabilities existed in as many as 92% of applications tested.

I would go as far to say this number should really be 100%.

The issue is complexity

As we have described in our Cyber Resilience Risk Index 2024 Report, the complexity we face in this industry is enormous. For example, there are hundreds of variants of Windows X, and over 100 applications installed on every computer - each with its own patches and fixes and updates, on a variety of networks, connecting to a profound number of peripherals. There is not a test matrix on the planet that will get you to perfection. And even if an application were to be perfect the day it shipped, it changes over time through usage, updates, combinations with other applications, upgrades, and patches….resulting in by new flaws.

Where you have complexity, you will find risk

I am in no way absolving technology vendors from their obligation to deliver quality products – especially in mission critical applications. ??Clearly security and quality from design to delivery is crucial. However, there is value in understanding the reality of this situation, that this is not purely a software quality problem. Where you have complexity, you will find risk - and where there is risk, your resilience plan is as critical to your business continuity as your detection/prevention plan.

Absolute's Commitment to Cyber Resilience

As the leader in Cyber Resilience for remote and hybrid work, we have a unique view on the state of endpoint computing and around this most recent incident and we have been working to help our partners and customers to be on track for a fast recovery. For example, we recently made available to Absolute customers (and non-customers) the ability to scan for latent CRWD events as well as the ability to remotely automate remediation to a BSOD event leveraging our platform already embedded in their devices. At #RSAC we also demonstrated our unique Endpoint Rehydration and Resilience 3.0 platform that specifically enables remote healing of devices overcome by ransomware or other compromise.?? Learn more about our newly released capability on our blog or check us out this week at #BlackHat.

What Can We Responsibly Do?

As we reflect on the aftermath of this historical global outage, what can we responsibly do across our industry to better mitigate these types of events?

1. Technology Providers: Continue striving for quality and security from design, incorporating resilience strategies into customer success plans and roadmaps. In addition, by enabling applications to automatically remediate problems and maintain health, organizations can ensure they can address issues responsibly.

2. Enterprise Customers: Implement resilience strategies in your environments by conducting thorough tabletop exercises that extend to business continuity and disaster recovery (BCDR) plans. Utilize built-in capabilities already within the devices you own to remediate or restore devices promptly.

3. Shared Responsibility: Managing risk requires partnership and collaboration. Leverage tools that enhance resilience today and work together to eliminate complexity over time.

Cyber Resilience is Critical in our Complex Digital World

As organizations clean up from the latest event, the key takeaway is the critical need for investing in cyber resilience in our highly complex digital world. Whatever the next event may be, will you be ready with a plan and the tools required to return your business and get users back online quickly, safely and effectively?

Word on the Street

We are already hearing here at Black Hat 2024, the CrowdStrike BSOD incident is top of mind, according to a news report from today. We encourage CISOs and all security and risk professionals in attendance to look into not only the solutions available to assist with detection and prevention, but also those that will ensure resilience across their hardware and software deployments. We will be demoing our solutions designed to ensure your remote and hybrid workforces are prepared for anything that could disrupt their normal course of work and look forward to showing you how our firmware-embedded remote capabilities work. Visit is at booth 4312 to learn more.