Source URL: https://www.theregister.com/2024/09/19/german_crowdstrike_reaction/
Source: The Register
Title: 1 in 10 orgs dumping their security vendors after CrowdStrike outage
Feedly Summary: Many left reeling from July’s IT meltdown, but not to worry, it was all unavoidable
Germany’s Federal Office for Information Security (BSI) says one in ten organizations in the country affected by CrowdStrike’s outage in July are dropping their current vendor’s products.…
AI Summary and Description: Yes
Summary: The report by Germany’s Federal Office for Information Security (BSI) highlights significant repercussions for organizations affected by a CrowdStrike outage, with many changing vendors and altering security criteria. Despite the incident, CrowdStrike appears resilient, emphasizing the need for improved incident response and the importance of cybersecurity in modern enterprises.
Detailed Description:
The recent report from Germany’s Federal Office for Information Security (BSI) details the impact of an outage experienced by CrowdStrike in July, which affected numerous organizations across various sectors. The findings present crucial insights into vendor reliance and incident management in the realm of cybersecurity.
Key points from the report:
– **Vendor Trust Erosion**:
– One in ten affected organizations are considering abandoning their current security vendors.
– 4% have already switched, while another 6% plan to do so shortly.
– A significant portion expressed a willingness to change their selection criteria for security vendors.
– **Awareness and Response**:
– Most organizations learned about the incident via social media, indicating a gap in communication from CrowdStrike.
– Approximately 48% of organizations experienced temporary downtime, averaging ten hours, leading to operational disruptions and customer relationship strains.
– **Improve Incident Response**:
– In reaction to the incident, 66% of surveyed organizations intend to enhance their incident response plans.
– Acknowledgment that while total protection against security incidents is unattainable, efforts must be made to approach maximum resilience.
– **Collaboration for Improvement**:
– BSI is collaborating with CrowdStrike and other software manufacturers to enhance software quality and updates.
– Calls for organizations to take preventive measures and exercise greater control over update processes.
– **Attitudes Toward Updates**:
– Post-incident, over half of the organizations expressed a desire for more regular updates, even if the speed of past updates contributed to the issue.
– **Call for Cybersecurity Proficiency**:
– There is an urgent need for improved cybersecurity measures and in-house expertise within organizations to safeguard against future outages or attacks.
– The outage serves as a reminder of the vital role digital technology plays in various sectors.
These insights are particularly important for cybersecurity professionals and decision-makers in evaluating risk management, vendor stability, and incident preparedness. The findings also stress the continuity of learning and adaptation that organizations must undertake in response to cybersecurity incidents.