Key Takeaways
- The CrowdStrike incident caused operational disruption and financial loss for organizations across all industries.
- Having an incident response and disaster recovery plan is vital to successful navigation and quick remediation of disruption.
- Outsourced and managed IT services provide organizations with critical resources during outages.
When cybersecurity company CrowdStrike released a faulty software update in July 2024, approximately 8.5 million Windows devices were affected. The incident had a significant global impact, disrupting organizations across all industries, including airlines, banks, hospitals, and government services. Although a fix was released rapidly, many systems required manual intervention to recover, prolonging the outages.
Eide Bailly’s outsourced managed IT and security solutions team played an active role in helping organizations recover. Principal Mike Steiner explains, “Clients that relied on CrowdStrike’s endpoint security experienced downtime, potentially leading to interruptions and delays in routine business operations. The CrowdStrike disruption meant an immediate and urgent response was necessary by our team to mitigate the impact to our clients.”
The CrowdStrike incident was one of the most widely publicized outages in the history of information technology, but it was not the first — and it certainly will not be the last. Technology will continue to pose opportunities for disruption, and for organizations not utilizing an outsourced IT provider, an effective incident response plan is the most significant factor in recovering quickly.
Effects of the Outage
The CrowdStrike incident caused operational disruptions, financial losses, and supply chain disruptions.
- Operational Disruptions: System crashes and boot failures halted operations for organizations in various industries, forcing one airline to cancel 7,500 flights over five days and downing emergency response systems nationwide.
- Financial Losses: Many retail organizations were unable to process payments, manage sales, or handle inventory, resulting in temporary closures and loss of sales. Many organizations also faced additional IT recovery costs and potential fines for failing to meet service-level agreements.
- Supply Chain Disruption: This incident caused delays and temporary shutdowns for both shipping ports and air freight, delaying goods and creating a ripple effect across industries.
Incident Response and Disaster Recovery
By following these comprehensive steps, organizations can effectively manage and recover from incidents like the CrowdStrike outage, minimizing impact and ensuring business continuity.
Incident Response Plan
An effective incident response plan includes the following components:
Disaster Recovery Plan
An effective disaster recovery plan is composed of the following:
Example: Successful Navigation of the CrowdStrike Outage
The following is an example of how being prepared and having access to the right resources helped one organization successfully navigate the CrowdStrike incident.
Our client, an energy and agronomy co-op serving a tri-state area, has a thorough incident response plan, ensuring they are ready to act swiftly. Continuous monitoring allowed for quick detection of the outage. However, with the head of their IT department on vacation at the time of the incident, they were left without an on-site staff member to remediate the problem. Our outsourced managed IT and security team accessed their servers remotely to restore systems quickly and minimize their downtime.
Moving Forward with Confidence
Whether you want to increase performance and response time in preparation for a future incident or need immediate incident response assistance, our team can help. We will take the time to understand your unique situation and share actionable insights with your team at any level, from leadership to technical staff.