1 in 10 firms dump infosec wares after Crowstrike outage The Register

pGermanys Federal Office for Information Security BSI says one in ten organizations in the country affected by CrowdStrikes outage in July are dropping their current vendors productsppFour percent of organizations have already abandoned their existing solutions while a further 6 percent plan to do so in the near future It wasnt explicitly said whether this referred to CrowdStrikes Falcon product specifically or was a kneejerk reaction to security vendors generallyppOne in five will also change the selection criteria when it comes to reviewing which security vendor gets their businessppThe whole fiasco doesnt seem to have hurt the company much though at least not yetppThe findings come from a report examining the experiences of 311 affected organizations in Germany published today Of those affected in one way or another most said they first heard about the issues from social media 23 percent rather than CrowdStrike itself 22 percentppThe report also revealed that half of the 311 surveyed orgs had to halt operations 48 percent experienced temporary downtime Ten hours on averageppAside from the obvious business continuity impacts this led to various issues with customers too Forty percent said their collaboration with customers was damaged because they couldnt provide their usual services while more than one in ten organizations didnt even want to address the topicppThe majority of respondents 66 percent said they will improve their incident response plans in light of what happened or have done so already despite largely considering events like these as unavoidableppThere will never be a 100 percent protection against IT security incidents in the future Nevertheless we aim to get as close to 100 percent as possible said Claudia Plattner BSI president ppTo achieve this the BSI is in close collaboration with CrowdStrike Microsoft and other software manufacturers to improve the quality of their software and software updates Additionally companies must and can increase their resilience through preventive measures making them more resistant to IT security incidentsppIt is important to give users the greatest possible control over update processes Furthermore the survey results also show that wellpracticed IT emergency concepts must be an important component of any crisis preparednessppOne curiosity of the report was the focus on CrowdStrike customers attitude towards applying security updates postbreakdown ppMore than half said they want to install updates more regularly despite the speed at which updates are applied not being a relevant factor in this caseppCrowdStrike pushed its faulty Falcon sensor update in the form of a channel file via an automatic cloud update Even if the update was applied manually doing so at rapid speed before seeing how it affected other users would have been worse for the organization not betterppRegardless with the number of urgent patch warnings we and the infosec community dish out every week its probably a net positive even if its slightly misguidedppThe BSI was quick to say this survey isnt representative of the entire country given the sample size but it does provide a meaningful picture of the mood for affected companies in GermanyppRalf Wintergerst president at Bitkom which carried out the research said The IT outages and their consequences demonstrate the outstanding importance of digital technologies for our economy and society This time it ended relatively harmlessly also thanks to the joint efforts of businesses and authorities with the support of CrowdStrike and Microsoft However it must serve as a warning for usppWe urgently need to further improve our cybersecurity and require corresponding inhouse expertise in companies and authorities only in this way can we better protect ourselves against unintended outages or targeted attacks and become more digitally sovereignppThe July outage impacted organizations in multiple industries across the world from healthcare to transport bricking 85 million PCsppThe US House Homeland Security Committee is set to grill an exec over the debacle next week although CEO George Kurtz will not be the one providing public testimony ppSend us newsppThe Register Biting the hand that feeds ITpp
Copyright All rights reserved 19982024

p