What the CrowdStrike issue means to SMBs
and what we can learn from it  

Mark Lomas, technical architect, Probrand


Issues at CrowdStrike have led to global software outages, including on some Microsoft systems, causing downtime, reduced productivity and more.

It's become clear that this issue impacts Windows systems, both Server and Endpoint. As such, the impact is not confined to cloud services, but affects on-premises systems and PCs too.

This type of major global outage of IT systems is unprecedented in the industry, but the fact that this issue came about not because of a cyber-attack but because of an update to cybersecurity software will raise many questions.

The impact to many smaller businesses will likely be secondary.

Whilst CrowdStrike does offer small business products, the primary market is typically enterprise.


As a result, SMEs are seeing an impact in a 'knock-on' fashion. Where they rely on large technology partners (including cloud providers) for their IT services, some have found those systems unavailable.

Other impacts have been seen in areas such as supply chain and delivery. Large distribution partners and delivery service providers have been affected by the IT outages. This has again had a knock-on effect, with product availability and delivery being disrupted.

The full fallout may not be known for some time, but clearly this will have a significant impact on businesses of all sizes.

The focus must primarily be on process. How could a patch with such a broad and significant impact pass through quality control? Were the patch management testing processes at individual organisations robust enough?

These questions must apply to all software and systems, regardless of their origin, and two key aspects emerge.

First, software vendors need to become much more transparent about their software and patch management processes, including both development and testing. Auditing and reports on these processes may even have to become mandatory for some organisations, with the possibility of new standards emerging in this area.

Second, customers need to assess their patch management process. The 'leave it on automatic' approach to patching may not be appropriate for critical systems. Clearly, a review of the 'stability vs security' axis is needed, especially for critical infrastructure. It will be vital to consider whether a more static configuration approach, with a stronger focus on long-term stability, is required.

Many major tech vendors already offer solutions for taking robust control over update cadence, alongside design guidelines that can be applied to the broader software stack. This will result in major questions for IT departments, most notably whether such opportunities were overlooked and missed. If so, steps need to be taken to address this.
