The flawed update necessitates manual intervention to resolve , specifically rebooting systems in safe mode and deleting the faulty driver file . This process is cumbersome and leaves systems vulnerable in the interim , potentially inviting opportunistic attacks .
This incident highlights the importance of rigorous testing and staged updates for EDR agents . Normally , testing is done with every release and can take days to weeks , depending on the size of the update or changes . The ease with which their driver files can be deleted also raises questions about the self-protection mechanisms of CrowdStrike ’ s software .
ANDREAS HASSELLÖF , CEO OMBORI
There is now a risk that companies might become hesitant to apply crucial updates , fearing similar outages . However , this approach would leave them more susceptible to cyber-attacks . It is absolutely vital that organisations do not overreact by avoiding updates altogether .
Instead , this incident underscores the critical importance of managing software
Mark Jow , Security Evangelist EMEA , Gigamon
SASCHA GIESE , GLOBAL TECH EVANGELIST , SOLARWINDS
What we saw is the result of an update that came with unexpected side effects . It would be easy to say it is a QA fail , but the reality is a little more complex . Security
Sascha Giese , Global Tech Evangelist , SolarWinds vendors are under constant pressure to keep up with zero-days , new ransomware , dynamic botnets , and nowadays even AI driven threats . They have to be on their toes when it comes to product development and updates .
This challenge extends to businesses using security software . Unlike many other solutions , most security tools are set to auto-update , so updates roll out automatically . Given the nature of risks and threats , there is little time to test each update thoroughly , and most organisations lack the workforce for extensive testing .
Andreas Hassellöf , CEO Ombori updates in a controlled , methodical manner . Companies should implement robust testing procedures , including staging updates in isolated environments that mirror their production systems before rolling them out widely . This approach allows for the identification and mitigation of potential issues before they can impact critical operations .
While no update process is entirely riskfree , a careful , staged approach to updates can significantly reduce the likelihood of such widespread disruptions while maintaining strong cybersecurity defences .
MARK JOW , SECURITY EVANGELIST EMEA , GIGAMON
This Microsoft IT outage demonstrates the need for more robust and resilient solutions so that when these issues do arise , they can be resolved quickly without causing such widespread customer chaos and security risk . Preparedness is key . Every IT and security vendor must have a robust system in place across its software development lifecycle to test upgrades before they are rolled out to ensure that there are no security flaws within the updates .
ALEXEY LUKATSKY , MANAGING DIRECTOR , CYBERSECURITY BUSINESS CONSULTANT , POSITIVE TECHNOLOGIES
This case reminds us of the importance of
secure development , since in this case it was most likely the lack of update checking both
Alexey Lukatsky , Managing Director , Cybersecurity Business Consultant , Positive Technologies on the side of the vendor and on the side of consumers who automatically installed all the updates that reached them , and led to a massive global outage around the globe .
In addition , this story shows us how firmly information technologies have become embedded in people ’ s lives and in various business processes , and how
INTELLIGENT TECH CHANNELS 43