Key Learnings from Today’s Microsoft and CrowdStrike IT Outage

Whether it is a retail player in Europe or an Airline in Asia, a critical communications service managed by a government agency or an enterprise service offering – triggered by a CrowdStrike update, Microsoft-driven systems are behaving erratically today and enterprise services are being impacted.

Today’s unprecedented global IT outage has initiated a worldwide disruption in operations for enterprise community. Enabling seamless security for their enterprise customers carries huge challenge faced by Microsoft and CrowdStrike.

           Microsoft's Blue Screen of Death

Key Learnings from Today’s IT Outage

Service Dependency and Redundancy –

Today’s outage highlights the importance of not relying solely on a single cloud service provider. Businesses should consider multi-cloud strategies or hybrid cloud architectures to ensure redundancy and minimize disruption.

Enhanced Testing, Monitoring and Response

Proactive testing of systems and updates should be performed, simulating actual IT environments before such updates are released on worldwide basis. Monitoring and swift incident response mechanisms are also critical towards enabling a swift response mechanism.

Implementing advanced threat detection systems and regular drills based on actual IT environments can prepare organizations for quick mitigation when such outages occur.

Communication and Transparency:

Effective communication during outages is essential extremely. Vendors such as Microsoft should always consider providing real-time updates through their service health status pages and help towards maintaining transparency with affected users.

Avoid Software Updates on Fridays:

Today's IT disruption has reiterated the fact that software updates should not be released on Fridays as it is marks the end of the week and hence, a lot of people travel from one place to the other and more importantly, a lot of IT support staff may also be unavailable on Fridays.

In conclusion, today’s global IT outage has created ripples across the the global IT and communications fabric. It will take a lot of effort from Microsoft and CrowdStrike to regain trust from their enterprise user communities. As a result of this, there is critical need for enterprise to go for robust, adaptive, and multi-layered cybersecurity strategy today.

Businesses should prioritize advanced threat detection, cloud security, proactive threat hunting, and ensure their operations can withstand and quickly recover from service disruptions. Investing in comprehensive and user-friendly security solutions can mitigate risks and protect organizational assets in an increasingly hostile cyber landscape today.

Sharing his views on the global IT outage, Srirang Srikantha, Founder & CEO, Yethi Consulting says, "The outages represents how fragile and interconnected our systems are. Companies like MSFT have great practices, and the fact that a bug passes through its process is unfortunate. It reiterates the need for good practices of testing before releasing new software to production systems."

Manoj Ajgaonkar, Partner, Digital, Trust and Transformation, Forvis Mazars in India, commented, "The recent global outage affecting millions of Microsoft Windows users, resulting in the "Blue Screen of Death" error, poses significant operational challenges and heightens cybersecurity risks by exposing systems to exploitation. It is important to understand the critical nature of these disruptions and their impact on businesses. To safeguard our clients' interests and ensure resilience, it is crucial to address these issues proactively with robust backup systems, automated rollback mechanisms, rigorous testing of updates, and comprehensive business continuity plans. During such outages, systems are more vulnerable to cybersecurity threats, leading to potential data breaches and unauthorised access. As suggested by OEM, the current issue involves booting Windows into Safe Mode, deleting a specific file in the CrowdStrike directory, and rebooting the system. While time-consuming, it restores system stability. At Forvis Mazars, we are committed to helping our clients navigate these challenges by implementing advanced cybersecurity measures, conducting regular security audits, and providing client education to keep their operations secure and resilient amidst digital disruptions."