This past summer’s “CrowdStrike incident” – which began as a “minor” error – came as close to a total system crash as the world has yet seen. It grounded airlines, hospitals were forced to cancel surgeries, and retailers couldn’t process digital payments.
The issue was made worse because though a patch was quickly released, it required every single computer impacted to be manually restarted.
However, just months later there are signs that it was a wakeup call for IT and cybersecurity specialists. Instead of ignoring the issue and hoping it was an isolated incident – as has happened following past cyber attacks and security breaches – most are responding.
According to the findings of the recently released OTRS Spotlight: Corporate Security 2024 study, 93% of all IT and cybersecurity specialists and teams indicated that they’ve already taken measures to better prepare for the next incident – including diversifying their IT and software landscape.
More than one-third (39%) of the professionals surveyed said they have introduced additional testing for new patches and updates. A year ago, around half of those surveyed (49%) had employed automated routine tasks while retaining human control over critical decisions. Since the incident, the proportion has increased to 57%.
“It’s a cat-and-mouse game: attackers are taking advantage of new technologies such as artificial intelligence and machine learning to attack more frequently, more quickly, and with greater sophistication. On the other hand, security teams are chasing after them and trying to streamline and speed up their processes through automation,” said Jens Bothe, vice president of information security at the OTRS Group. “But it is an unequal battle.”
Lessons Learned – Will It Last
The CrowdStrike incident occurred less than two months ago, and it is clear that while IT and cybersecurity specialists haven’t forgotten about it, it is old news for everyone else. Those on the frontlines of cybersecurity have long paid attention to attacks and responded.
Yet, the severity of this incident – which wasn’t even an attack – highlights how even a small glitch can bring networks crashing down like a house of cards.
“I don’t know that the CrowdStrike disaster gets the attention of companies any more than the long string of other security issues that preceded it,” explained Dr. Jim Purtilo, associate professor of computer science at the University of Maryland. “We can hope! But if they haven’t noticed by now then it takes a serious optimist to believe they’ll say ‘this time for sure!'”
As a wake-up call, the incident also highlighted that no one is immune to cyber breaches.
“These cyber incidents have become a common part of doing business, forcing companies to prioritize reducing end-point security risk in the long run,” said technology industry analyst Susan Schreiner of C4 Trends.
“Companies are increasing their investments in CrowdStrike as well as in its competitors, which provide real-time protection and comprehensive threat visibility against advanced endpoint threats like malware and ransomware, network security, application security, and cloud security, based on financial and other reports,” Schreiner told ClearanceJobs.
Shift in the Job Market
The incident also served as a reminder that there remains a high demand for skilled cyber professionals in the job market.
“It is expected that by 2025 there will be 3.5 million unfilled cyber security jobs due to a lack of skilled professionals and a growing need to secure more and more systems, according to eSecurity Planet,” added Schreiner. “Competitors to CrowdStrike have seen an uptick in business such as Palo Alto Networks, Fortinet, SentinelOne with its Singularity Platform, Trellix with its Endpoint Security Suite, Sophos with its Intercept X, Symantec with its Endpoint Security Complete, and Microsoft with its Defender for Endpoint, as well as others.”
Short Memories
Though the efforts to ramp up security have increased, it won’t make the IT and cybersecurity community immune from future glitches or attacks. Due diligence will need to be maintained around the clock, and systems regularly secured and patched.
This may have been a reminder that security isn’t something that can be scaled back due to budget demands.
“Given that cybersecurity is a costly investment for companies in a climate where their survival is based on performance, cybersecurity is akin to an ‘insurance’ for them. It is clear that cybersecurity is here to stay and will likely become a standard investment for companies across the board,” Schreiner told ClearanceJobs.
In the short term, may also cause IT and cybersecurity teams to more closely examine their networks, but that alone may not solve the problem .
“If anything then the insidious nature of this problem – a classic demonstration of supply chain challenges – might make someone toss up their hands in frustration and conclude that volume of vulnerabilities baked into today’s complex market leaves little more to be done,” warned Purtilo. “A security officer might have felt they were offering diligence by leveraging one vendor’s packages, but there they are relying on services that themselves turned out to be vulnerable.”
