CyberCX Hack Report: Insights from a year of offensive security testing →

Global IT outage – next steps

Cyber Security Strategy

Published by CyberCX on 24 July 2024

 

Last Friday, 19 July 2024, what began as a ripple of seemingly independent issues soon became a global crisis as organisations across every sector scrambled to come to terms with history’s biggest ever IT outage.

What we now know is that the outage was caused by a software update to Windows systems for CrowdStrike’s Endpoint Detection and Response (EDR) platform, Falcon Sensor. What remains unknown is the total economic and human impact of the outage, which saw services shut down across banking, logistics and transport, groceries and retail, media, health, education and more, as some 8.5 million devices running Windows experienced a critical error.

Many people reading this will have experienced some form of disruption, whether on a personal or professional level. For anyone working in a cyber, IT or other technical role, there is a good chance you lost some, if not all, of your weekend to the cause of helping your organisation recover.

And while the crisis phase of this outage is now over, we know many recovery efforts are ongoing.

Organisations across the economy – regardless of whether they were directly impacted or not – are this week reflecting on what can be learned from this outage to improve readiness, resilience and recovery before the next tech-related disruption, which is, unfortunately, inevitable.

Since Friday, the team at CyberCX has fielded many questions from customers, partners, media, and stakeholders across government and industry. The most burning questions have been practical in nature, and have been answered in real-time by technical teams solving problems on the fly, as well as by CrowdStrike themselves.

As we transition to recovery mode, the questions that will burn slower, but longer, are also beginning to emerge. To assist organisations grappling with these questions, CyberCX has outlined some signposts for you to follow along the way.

 

The following three headlines and talking points may prove useful for briefing non-technical executives and Audit and Risk Committees.

 

How can our organisation be better prepared for the next outage?

 

How do we build resilience against future outages?

 

How do we bounce back better?

 


 

While the source of this global IT outage was common to all, the road to recovery will be different for every organisation. We hope that the above considerations can help the conversations happening within your business in the wake of the outage.

For anyone working in IT or cyber security, we know this won’t be the last – nor likely the biggest or worst – IT outage we will see. If there is anything our team at CyberCX can assist you with to help improve your readiness, response or recovery capability, we stand ready to do so.

Contact CyberCX

Our passion and mission, as always, is to secure our communities.

Other Cyber Security Resources

Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.