The Ripple Effect

An incredible amount of work has happened in the past 48 hours around the CrowdStrike outage. It’s been a tremendous effort by so many cyber professionals working through Friday and the weekend to get hundreds of thousands of companies and millions of people back online and protect our infrastructure. Without this village, we would never have recovered so well, and we owe them all a huge debt of gratitude. THANK YOU!

While work is still ongoing, we should also begin to look forward. Beyond the outage itself and why it occurred, the Ripple Effects of this incident are immense and must serve as a massive wake-up call for our global community. Why? They indicate an even bigger problem we must solve, or risk this happening again.

First, it highlighted the need to understand our global supply chains. The outage affected 674,620 direct enterprise customers of Microsoft or CrowdStrike, but that number grows to 49 MILLION when we look out two or three degrees of separation, according to interos.ai (link here to read the full report). Many of us felt this firsthand with major closures or delays at ports, airlines, shipping, hospitals and more. We must gain better understanding of, and visibility into, these ripple effects.

Second, the incident itself caused devastation but also opened the door to a new wave of threats. Adam Meyers outlined this well in his post the other day. Attackers are using phishing, impersonating CrowdStrike staff on phone calls, posing as researchers, and selling malicious scripts that supposedly automate the response. We must be vigilant.

Finally, misinformation and disinformation are on the rise. Conspiracy theories about the cause of the outage are spreading across social media (all unfounded), as are hate and negative content directed at CrowdStrike and its teams working so hard to get a fix in place. BLACKBIRD.AI has done some incredible research tracking this trend (link here to read). It is devastating and will cause a long tail of impacts for many months to come.

What do we need to take away?

  • TEST, TEST, TEST
  • Create Safe Zones on both sides of the equation (vendor and consumer) to test patches and operations in your lab or through a third party. This requires increased collaboration and communication between vendors. We can also turn to Next Generation Cyber Ranges by World Wide Technology, Immersive, and Cloud Range to help.
  • Know your supply chain. Not just your first-level suppliers, but EVERY level of relationship to as many tiers as possible.
  • Audit these key suppliers regularly, especially ALL of your security vendors.
  • Set yourself up for First Alerts by Dataminr (this is how I first learned of the outage within seconds). Early warning means faster response. Time mattered here, and Dataminr is one of the best for getting those alerts fast and first.
  • Protect your assets and watch for threats that look to kick us when we’re down.
  • Monitor your brand, people, and digital assets for disinformation.
  • Last but not least, understand and monitor these new risks at the Board level. The complexity of our architecture, the volume of patches, the number of suppliers, and the increase in threats make cybersecurity a MAJOR risk for all companies.


These are all areas we can work on in the coming weeks and months. In the meantime, make sure to give your cyber teams a big thank you. They do tireless work every day (especially these days) and are the unseen, unsung heroes here!

Thank you for highlighting the incredible teamwork demonstrated during this challenging time. It's a testament to the resilience of the cybersecurity community. As we move forward, it’s crucial to examine not just the immediate impacts of the outage but also the broader implications it has for our industry. How do you see organizations improving their crisis response strategies in light of this event? Fostering open communication and collaboration across sectors may be key to enhancing our collective defenses and mitigating future risks. Looking forward to hearing your insights on this!

It’s inspiring to see the dedication and collaboration from so many professionals during this challenging time. Your reflections on the ripple effects highlight the need for proactive measures moving forward. What steps do you think are most critical for improving our overall cybersecurity resilience?

William Goldman

Empowering clients to maximize their benefits and build wealth to make retirement carefree without having to “un-retire”

6 months

Thanks for sharing, Dave! I love what you are doing! People who work in the Federal Space rely on a strong network. If you're open to connecting, shoot me a request.

Theodore Krantz Jr.

Leader, CEO and Board Director The leading ai platform for Supply Chain Risk Intelligence- helping solve $3 Trillion a year in disruption

7 months

Thank you for your industry leadership Dave DeWalt and reference to the Interos Inc report

Manuel Rivera Raba

Founder & CEO at NEKT Group | Innovative Business Development Strategist

7 months

I might add Dave DeWalt as advice to Revisit your Company’s BCP! The real cost of this incident highly correlates with the quality and thoroughness of each corporation’s BCP.