On Friday, July 19th, 2024, the world woke up to a very dramatic reminder of how vulnerable our interconnected systems can make us. An incident involving a faulty software update by CrowdStrike, a leading cybersecurity vendor, triggered global outages that impacted airlines, banks, hospitals and media outlets, as the infamous "Blue Screen of Death" appeared on countless Microsoft Windows computers worldwide. This disruption had far-reaching consequences, and the impact will be felt long after the situation is resolved.
CrowdStrike’s software is deeply integrated within the Windows operating system to provide robust security measures. When it mistakenly pushed an update containing a coding error, systems across the globe became temporarily unusable. The disruption was not just a technical failure but a systemic shock affecting critical sectors that rely heavily on uninterrupted digital services.
So, what are the lessons we can take from the CrowdStrike event?
- The importance of risk assessment in the supply chain. MSPs must ensure that their clients are not only aware of the software they rely on but also understand the cascading effects of potential failures within their digital ecosystems.
- The need for proactive communication strategies. MSPs need to help their clients implement robust risk management strategies, but to do this they need to effectively communicate items such as the resilience of their IT infrastructure, how to understand the dependencies across their software solutions, and how to prepare for potential disruptions. Effective communication strategies can mitigate the impact of such outages on customer trust and business operations.
- The significance of having a well-prepared incident response plan. The response from CrowdStrike was swift, with a fix requiring manual application to each affected machine. However, the recovery process is expected to be slow, with experts predicting lingering impacts. This highlights the importance of having a well-prepared incident response plan that includes not just technical remediation but also customer communication and recovery strategies.
And there’s a lesson for your clients as well: the importance of meticulous risk assessment, robust incident response planning, and proactive customer communication cannot be overstated in today’s interconnected digital world.
Let me be clear. There will be more systemic failures—just like CrowdStrike. The only real question is what you’re going to do right now to prepare. It’s time to take a leading role in ensuring your clients are not only protected against such risks but are also prepared to respond effectively when they occur.
Understanding where vulnerabilities lie and how they can affect operations is crucial in a world where software updates can inadvertently bring businesses to a standstill. If you need assistance in navigating your clients' supply chains, consider a comprehensive risk assessment tailored to understand and mitigate potential disruptions in your supply chain. Get your easy kickstarter to the RIGHT conversations at www.galacticscan.com/supply-chain.