CrowdStrike vows to boost testing post IT outage

July 25, 2024
1 min read


TLDR:

  • CrowdStrike faced backlash for only offering a $10 UberEats voucher as an apology for a global IT outage.
  • The firm caused chaos across airlines, banks, and hospitals affecting 8.5 million computers worldwide.

Full Article:

CrowdStrike received criticism for only offering a $10 UberEats voucher as an apology for a global IT outage that affected airlines, banks, and hospitals. The cybersecurity company’s faulty software update resulted in chaos for millions of PC users who experienced “blue screens of death.” The firm’s CEO, George Kurtz, apologized for the impact of the outage but analysts pointed out major mistakes in their handling of the situation.

The firm’s gesture of a $10 voucher was met with derision on social media, with some recipients reporting that the voucher did not work, leading to frustration. The incident led to financial losses for many businesses, with the top 500 US companies facing around $5.4 billion in losses, only a fraction of which was insured.

Congress has opened an investigation into Delta Airlines’ handling of the outage, and CrowdStrike’s CEO, George Kurtz, has been called to testify in front of Congress about the incident. The House Committee on Homeland Security warned about the national security risks associated with network dependency and gave CrowdStrike until Wednesday evening to schedule a hearing.

While CrowdStrike has pledged to improve its software testing to prevent a similar incident in the future, cybersecurity experts criticized the company for not having proper guardrails in place to prevent such crises. The lesson learned from the incident was the need for better testing protocols and checks before deploying updates to all customers at once.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and