As the chaos caused by the enormous IT outage last Friday (19 July 2024) begins to subside and systems continue to return online, Managing Director of Link ICT, Mark Fryers offers his reaction.
The outage was caused by a software update and affected many businesses and organisations with Windows users running the cybersecurity software called CrowdStrike Falcon. Naturally many questions are now being asked as to how an accidental error in a software update issued by an independent cybersecurity company can have such an effect on systems worldwide.
Firstly, although this has been a nightmare for lots of people, please do not be deterred from using them as these security packages are still necessary to protect your data and business operations from cyber risks.
Whilst CrowdStrike’s CEO apologised for the disruption and said a fix had been issued, he admitted it could be “some time” before all systems were back up and running – which will be little consolation to the businesses and people affected. However, you will have seen that some companies will have managed to get back up and running more quickly than others. This is because they have well-resourced and experienced IT teams supporting them so that even when something unexpected like this happens they have back up plans designed to help systems return to normal operation so that downtime is minimised.
The learning point from this outage is to revisit your IT Risk Management Plan and ensure that it is robust and that it reflects your current business operations and the hardware and software used by your company and its supply chain.
Going forward, I think we will see software companies take even more precautions and rigorous testing prior to releasing software updates and much more communication in advance to warn that updates will be rolled out so that IT teams can be on standby should the update cause problems. It also makes sense to stage the rollout of these updates so that they don’t affect all systems at once.