Inflection Point | $5B Wake-Up Call

Last week’s software update disaster by CrowdStrike is a wake-up call for the world.

Will anyone respond to this call to action?

This massive IT outage affected millions of Windows computers worldwide, causing flight cancellations and hospital disruptions.

The videos of Delta Airlines passengers stuck for over four days in the airport terminals are awful.

In other words, a lot of human suffering.

The damage?

Insurers estimate over $5 billion in direct losses for Fortune 500 companies alone.

Let’s break this down:

· Healthcare took the biggest hit, losing $1.94 billion

· Banking lost $1.15 billion

· Airlines lost about $860 million (so far)

Less than 20% of these losses might be covered by cybersecurity insurance.

What went wrong?

CrowdStrike’s testing system failed to stop a buggy update from going out the door.

This bad update was live for just 90 minutes, but that was enough to cause all the damage.

The fallout? All 8.5 million devices need manual resets by a human at each keyboard. That’s a lot of IT overtime.

This incident highlights a growing problem: single points of failure.

That’s a recipe for widespread disruption when things go wrong.

Who are you completely dependent on?

CrowdStrike is promising changes:

1. They’re adding new checks to their validation system

2. They plan to stagger future updates instead of releasing them all at once

3. They’ll give customers more control over when updates are installed

These are good steps, but we need to be proactive.

We need to be cyber-resilient.

Doesn’t matter if an outage is caused by accident, error, or cyber-attack.

Here’s what you can do:

1. Review your critical dependencies. Do you have a plan B for each one?

2. Test your disaster recovery plans regularly. Don’t wait for a real crisis.

3. Consider cyber insurance, but read the fine print. Many policies have limitations and exclusions you might not expect.

Remember, it’s not if a major disruption will happen, but when. And how you’ll respond.

What’s your take on this? Are you rethinking your approach to cybersecurity after this incident?

Please just hit comment and let me know.

I read every comment you post.

-Kip

P.S. Please share this "Inflection Point" with someone you care about.


Current Podcast Episode: “Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), part 2”

Let’s continue unpacking the “Cyber Incident Reporting for Critical Infrastructure Act”.

What else do you need to know?

Let’s find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities LLC, and Jake Bernstein, CISSP, CIPP/US, Partner with K&L Gates.



By the way...

We’re in the midst of the most beautiful Seattle summer weather.

Watching the sunset from the shores of Puget Sound.

Taking a long look at Mt. Rainier on a cloud-free, sunny day.

Enjoying all the trees everywhere with their dark green leaves.

Walking in the woods.

Just lovely...



Kip Boyle, Founder, vCISO, Best-Selling Author, Speaker, Podcast Host, Entrepreneur, Trainer, Consultant, Cyber Resilience Subject-Matter-Expert

Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015, after seven years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!


Cyber Risk Opportunities LLC

113 Cherry St #92768, Seattle, WA 98104-2205

Harlan Carvey

Staff Threat Intel Analyst, Adversary Tactics

3 months ago

Wait, what do you mean "inflection point"? I took the CISSP exam in 1999, and for some reason, something tells me that this was a concept during part of the training, to test your updates before rolling out to production. This is really rudimentary stuff, folks! The simple fact is, if you're auto-updating your critical assets, they aren't critical.

Lisa Shaw

Let's talk about #cybersecurity #cyberresilience #cr-maps #cyberinsurance #cyberriskmanagement #cyberpolicies #cyberprocesses #networking

3 months ago

I appreciate the practical steps you suggest. More than ever, cyber resilience is where it's at. We are very dependent on this digital world we live in, and bad things, intentional or otherwise, are going to happen. There is always so much focus on blame; I like your focus on "What can we learn and how can we improve?"
