Those in Glass House Should Not Throw Stones!

wdStrike, a global behemoth of a cybersecurity firm, has caused what will likely turn out to be the biggest global IT outage in history through a series of errors and epic failure to stage deployments. In response, their chief security officer, Shawn Henry, issued an apology this week. How did we get here? An update to their security software caused Windows-based systems to crash repeatedly, leading to the “Blue Screen of Death.” Key industries like aviation, banking, and healthcare were and are paralyzed. Delta Airlines for example canceled hundreds of flights, leaving passengers stranded and is now reportedly being investigated by the FAA. According to Christiaan Hetzner writing for MSN, Henry expressed deep regret, contrasting with CEO George Kurtz’s highly sanitized statement, which in my view lacked direct acknowledgment of the issue. Kurtz, who had experience with a similar crisis at McAfee in 2010, has now been called to testify before #Congress.

Businesses providing critical services have most impacted their clients, and some, like #Elon Musk’s, organization has been said to have deleted CrowdStrike from their systems. #Microsoft has estimated that 8.5 million #Windows devices were impacted. This is less than 1% of the machines globally, but the concentration of critical industries relying on CrowdStrike’s software greatly amplified the impact. Investors turned down the value of CrowdStrike and moved to their primary rival Sentinel1 which is one of the primary tools we recommend and thankfully, was not part of this immense failure. Sentinel1 stock rose as CrowdStrike sustained losses.

It’s important that we all remember that those who live in glass houses shouldn’t be too critical of CrowdStrike. We should use this as an incredible yet very painful learning experience and not an opportunity to gloat or destroy a fellow industry player that has done a lot of good for the security of our community. The cybersecurity industry is fraught with challenges, and even the most robust systems and well-defined processes can falter. The incident at CrowdStrike serves as a stark reminder of the vulnerabilities inherent in our increasingly digital world. While the fallout was and remains significant, it’s worth repeating that other major players in the industry have faced similar crises and we will no doubt see them again.? This is the time to understand what happened and to take action to put in place processes that will help guard against another failure like this. It is not the time to stand up like any of us or our companies are perfect and somehow immune to this kind of failure. ?This incident underscores the fact that no system is infallible, and even the best-prepared companies can find themselves in the crosshairs of a major IT disaster.

The response from CrowdStrike’s leadership was clearly a mixed bag. Henry’s seemingly heartfelt apology was a step in the right direction, acknowledging the company’s failure and expressing genuine contrition. I just hope they don’t try to scapegoat him as many corporations do with security leaders. They are often taken out as a disingenuous way to show the company intends to change. This while I have found that Security pros have very often spoken about the risks that caused the issues and are ignored, only to be blamed when the prediction comes to fruition. ?Customers and stakeholders absolutely need to know that their concerns are being heard and addressed, and a sanitized statement can often do more harm than good.

While the CrowdStrike incident was a significant setback, it’s a reminder of the inherent vulnerabilities in the systems we rely on every day. Let’s all be a part of the solution in helping to understand what we can do to prevent a single error being able to have such a devastating impact.

We should also be very aware that this is, in my view, minor compared to what we will face if one of our adversaries that is known to be sitting in our critical infrastructure and organizations decides to pull the trigger. ?

?