Defaulting to open: Decoding the (very public) CrowdStrike event

We are currently living in a time where cyber incidents are becoming more prevalent, from WannaCry to MOVEit. However, it is not often that a vendor finds themselves at the center of such a significant incident. CrowdStrike recently experienced an IT outage that brought them into the global spotlight, raising questions about our reliance on certain organizations and the potential consequences of a cyber attack.

Following an incident of this magnitude, there is a natural demand for answers, accountability, and responsibility. Understanding the root causes of failures is crucial for building a stronger and more resilient community. Cyber security professionals often reflect on incidents like this to determine the root causes and implement prevention and response plans.

While the recent IT outage was not a traditional cyber security breach, it highlights the importance of secure software development. Relying on a few companies for essential infrastructure creates vulnerabilities and single points of failure that can be incredibly risky.

CISA’s Secure By Design pledge is a positive step towards promoting secure software development. However, achieving industry-wide adoption will require a combination of regulation, government guidance, and collaborative efforts. Building security into the development process is essential, even if it may initially seem time-consuming and costly. In the long run, prioritizing security can save time and money.

In addition to security considerations, effective crisis communication is crucial for managing the impact on customers, partners, and stakeholders. How a company handles a crisis can significantly impact its future.

CrowdStrike’s response to the incident was commendable. The company maintained transparency, focused on moving forward, and provided regular updates and a detailed post-incident report. Transparency is essential in the cybersecurity industry, where secrecy often prevails.

Furthermore, CrowdStrike’s engagement with the community following the incident demonstrates a humble approach to rebuilding trust. Accepting the ‘Most Epic Fail’ Pwnie award at DEF CON shows a willingness to acknowledge mistakes and work towards improvement.

Transparency should be the default approach in the cybersecurity industry, not just during times of crisis. Openness is key to security, stakeholder satisfaction, and resilience.

Elliott Wilkes is CTO at Advanced Cyber Defence Systems. With over a decade of experience working with the American and British governments, Wilkes brings a wealth of knowledge as a cyber security consultant to the Civil Service.
