The global IT outage triggered by a faulty CrowdStrike software update could lead to $400 million to $1.5 billion in payouts to cyber insurance policyholders, although the nonstandardized language used for such policies will make determining final losses a "lengthy process," analysts say.
Shane Buckley, CEO of Gigamon, discusses the recent CrowdStrike outage, plus insights on how Gigamon managed to restore critical systems rapidly. He highlights the importance of observability and defense-in-depth strategies in mitigating security threats and offers advice for other organizations.
CrowdStrike said nearly all of the Windows hosts disrupted by its faulty July 19 update are now fixed. The company said the flaw involved a relatively new threat detection feature that uses configuration data that "maps to specific behaviors for the sensor to observe, detect or prevent."
Friday's global computer outage caused by an update gone wrong from cybersecurity firm CrowdStrike continues to bring out hucksters seeking to capitalize on the incident. Hackers began milking it almost immediately, and self-proclaimed hacktivist group USDoD appears to be the latest.
Expect the healthcare and banking sectors to record the greatest direct losses in the U.S. as a result of the global disruptions caused by a faulty CrowdStrike software update crashing Windows systems, an underwriting agency reported, forecasting Fortune 500 direct losses of $5.4 billion.
Cybersecurity incidents are not just technical problems. They are also major public relations challenges. Effective IT and cybersecurity leadership during a crisis can significantly affect your company's reputation, stakeholder trust and overall recovery - and have a big impact on your career.
The recent CrowdStrike outage highlights the need to shift from reactive risk management to proactive measures in cyber-physical security. Claroty CEO Yaniv Vardi emphasizes the importance of compensating controls, network segmentation and secure remote access in preventing similar incidents.
On day five of the Windows outages due to a faulty CrowdStrike update, there is cautious optimism as IT experts report significant restoration of downed systems. One IT asset management provider said that 93% of affected CrowdStrike systems across its customer base appear to have been fixed.
CrowdStrike must enhance testing and validation procedures and address deficiencies in its current quality assurance processes to minimize attrition. CrowdStrike should conduct a technical retrospective to understand the root cause of the faulty software content update and make necessary changes.
Global CIOs said the fallout from the CrowdStrike outage could have been mitigated by investing in comprehensive data resilience that can help restore corrupted data through orchestrated recovery. It can help recover from disasters such as ransomware, data corruption and catastrophic events.
Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S. Cybersecurity and Infrastructure Security Agency and others experts.
As if the healthcare sector doesn't have enough technology problems, the global IT outage caused by a faulty CrowdStrike software update has forced some hospitals and other medical facilities worldwide to resort to manual downtime procedures and cancel patient procedures.
In this special edition of the ISMG Editors' Panel, CyberEd Board member Ian Thornton-Trump joined editors to discuss the fallout from the massive CrowdStrike IT outage, the reaction from the tech industry and how we can learn from the incident and create more resilient operations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.