Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community
After CrowdStrike outage, what will become of automatic IT updates?
Businesses around the world screeched to a halt on July 19 after millions of Windows computers crashed, flashing the dreaded blue screen of death. The culprit: a software update in security vendor CrowdStrike’s platform, which led to hours of disruption for some — and days for others.
2 Min Read
Businesses around the world screeched to a halt on July 19 after millions of Windows computers crashed, flashing the dreaded blue screen of death. The culprit: a software update in security vendor CrowdStrike’s platform, which led to hours of disruption for some — and days for others.
The IT outage grounded airlines across the country and crashed banking apps, showing the tangible effects a bad piece of code can have in any IT-dependent operation.
In the aftermath of the CrowdStrike outage, analysts stressed to CIOs and other tech leaders the need for closer scrutiny over automatic software updates. Part of the problem is a steady push toward broader IT automation and the industry’s disproportionate reliance on centralized vendor updates.
“There’s been an almost crazed drive towards automation of SaaS over the last five years,” said Phil Fersht, CEO and chief analyst at HFS Research.
“This is a big, big wake up call to the whole IT industry’s overreliance on a blind trust that everything’s just going to be upgraded,” said Fersht. “Fairly small code issues can cause massive ramifications as we’ve just seen.”
The faulty update that triggered CrowdStrike’s global outage was live for little more than one hour, but automated updates amplified its reach. Fortune 500 companies grapple with financial losses from the outage, surpassing $5.4 billion, according to one estimate.
“I think it’s just been a little bit of complacency,” Fersht said. “Too much trust in big tech that, as long as we buy Microsoft, for example, everything’s going to be fine.”
Automation frustration
The CrowdStrike outage showed the consequences of a critical software failure landing in widely adopted solutions by way of automatic updates.
Automating IT updates slowly grew in popularity, driven by the availability of package-manager utilities in Unix and later Linux, said Charles Betz, research director at Forrester. Centralized patch management soon emerged for laptop fleet management, and then Microsoft’s move to cloud-based solutions like Microsoft 365 provided a watershed moment.
To read the complete article, visit Cybersecurity Dive.
