CrowdStrike Chaos: Key Learnings & Preparing Your Organization for Future Incidents
Published August 29, 2024
- Cybersecurity
- IT Strategy & CTO Advisory
- Sourcing & Services Optimization
- Travel, Transport & Logistics
What happened?
The recent CrowdStrike incident, where a routine software update led to widespread business disruptions, has served as a powerful reminder of the vital role IT service providers play in maintaining operational stability. In today’s fast-evolving digital landscape, the ability of a service provider to respond swiftly and effectively to such incidents is crucial for minimizing impact and ensuring business continuity.
To better understand how organizations and their service providers are navigating these challenges, Wavestone gathered insights on IT service provider preparedness from organizations around the world, including user support, responsiveness, and how providers assisted in mitigating the fallout from the indecent itself.
What did we learn about Service Provider Response?
Preliminary findings showed that IT service providers provided a significant response to the CrowdStrike incident.
Overwhelmingly, we found that organizations had one common piece of feedback: communication is key.
When assessing “How was the IT service provider’s responsiveness,” even if the communication was simply monitoring systems that could have been affected, proactive observation and communication during the incident were the key elements that ultimately garnered a “very responsive” reply to our survey in the incident’s fallout.
In any incident response scenario, organizations must be kept informed by their IT service provider on the status of the incident and expected resolution times to manage expectations and mitigate disruptions. IT service providers must invest in pre-release validation and continuous monitoring to identify potential issues before they affect clients.
The CrowdStrike incident serves as a case study in the broader context of IT service management, demonstrating that proactive measures, quick response times, and clear communication channels are indispensable for sustaining operational stability in an increasingly complex and interconnected digital world.
Critical Questions to Ask Yourself in Response to this Event
Wavestone Partner Richard Graham suggests organizational leaders ask a series of questions of their own processes to ensure preparation.
- Are your technology components well understood?
- Which third parties are you critically relying on?
- Are you in control of software updates?
- Are software or system changes being tested appropriately?
- Is there a robust incident management process?
- When was the last test of business continuity and incident response plans?
- Are your third-party contracts fit for purpose?
- Is your business interruption insurance coverage adequate?
What can you do to prepare for the future?
Of course, there’s no way to predict every outage or threat in a highly interconnected, tech-enabled business environment. But preparation is something every organization should lean into. Wavestone recommends keeping these three elements in mind to successfully prepare for the future:
Are your service providers acting as partners, or simply as vendors? If your relationship is transactional, often leading to minimal response and less than ideal outcomes, it may be time to pivot to a partner-like relationship. Service providers and clients should engage in joint operational resiliency assessments, ensuring that both parties understand the technology and business landscape and potential vulnerabilities. Regular updates to protocols and SLAs should be implemented to quickly address new risks, reflecting a commitment to continuous improvement. Additionally, comprehensive training and awareness programs for staff can bolster the overall response times and support effective communication when it matters most.
Consider implementing a fast-track testing protocol for both routine and critical and routine updates, even for security software like CrowdStrike’s Falcon agent. Mobile device management and roaming devices can also support mass recovery, even if they can’t complete a standard OS boot. Apply similar strategies to physical and virtual machines, postponing updates until they can be tested on representative devices. Keep in mind that not every solution allows for the staging of updates, but this strategy should be a choice criterion for software solutions where possible.
After any incident, organizations should thoroughly review all security policies and procedures. Identify any gaps or weaknesses highlighted by the incident and revise your protocols accordingly. Conduct regular training sessions and simulated drills to ensure your team is well-prepared to handle real incidents effectively.
Wavestone is a global expert in ensuring our clients get the most value out of their managed services provider. Here’s how we helped BNP Paribas re-think its businesses and move towards platform models.
By fostering strong, proactive partnerships with IT service providers, organizations can not only mitigate the impacts of unforeseen disruptions but also harness the power of collaboration to drive continuous innovation and resilience in an ever-evolving digital landscape.
In Summation
The future of IT service provider relationships is being shaped by a range of emerging trends and technologies. From AI and automation to more advanced cybersecurity and agile methodologies, these trends are driving a shift towards more collaborative, flexible, and results-oriented partnerships. These are the types of relationships that are most likely to navigate outages like the CrowdStrike event successfully, with fewer impacts to organizations.
By embracing these trends and working closely with their IT partners, organizations can unlock new opportunities for innovation, growth, and security. The future of IT service provider relationships is bright, and those who are willing to adapt and evolve will be well-positioned to thrive in the years to come.
Contact us today to learn how we can help unlock hidden value in your business
Author
-
Michael Major
Manager – USA, Dallas
Wavestone
LinkedIn