_SOPA_Images_Limited_Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop "The Argument Against Leaving CrowdStrike After Outage")
Amidst the chaos caused by the July CrowdStrike outage, the cybersecurity industry finds itself at a crossroads, grappling with how to best understand and respond to major outages and cybersecurity crises. While the outage itself may have been a freak accident, experts warn that similar events are likely to occur again as digital ecosystems become more interconnected and businesses rely on singular vendors for critical services.
In the aftermath of a CrowdStrike-like event, companies are advised to take a measured approach rather than resorting to knee-jerk reactions. Switching vendors, for example, may not always be the best solution, as it can introduce new security holes and disrupt operations. Instead, leaders must carefully assess vendors’ overall reliability and risk before making any drastic decisions. Factors such as historical performance, communication, and remediation efforts should be weighed against the costs of switching vendors, including implementation time and staff training.
Similarly, the urge to make radical changes to the update process in response to an outage should be tempered. While delay in updates may pose security risks, rushing through testing and implementation could also have negative consequences. Organizations must strike a balance between security and operational efficiency, considering the unique needs and risk tolerance of their business. Ultimately, the best approach will vary from one organization to another, and a careful evaluation of the risks and benefits is crucial.
Above all, the key message to organizations facing a cybersecurity crisis is to avoid panic. Rather than likening such incidents to natural disasters, which are often uncontrollable, businesses must take proactive steps to mitigate the financial impact of an outage or cyberattack. Implementing proper cyber hygiene practices, obtaining cyber insurance, and having a detailed cybersecurity action plan can help organizations navigate through such challenges with resilience.
In conclusion, making fear-based decisions in the wake of a cyber incident can lead to greater complications and vulnerabilities. Instead, leaders are encouraged to focus on understanding the root cause of the issue, learning from it, and making informed decisions to enhance their organization’s cyber resilience. By incorporating third-party risk management into business continuity planning, companies can minimize disruptions and maintain operational continuity in the face of cyber threats.