Intelligent Tech Channels Issue 79 | Page 17

INDUSTRY VIEW
Key takeaways
• What the incident does demonstrate is that only a small percentage of devices need to be taken offline to cause a major global incident.
• This small percentage are the devices that need to be kept secure and always operating.
• The most important message after the incident is not to skip the post-mortem or put the incident down to exceptional circumstances.
• Reviewing an incident, and learning from it, will improve your ability to deal with future incidents.
• This review should also consider the issue of reliance on just a few vendors.
• Review pitfalls of a monoculture technology environment, and benefits of implementing diversity in technology to reduce risk.
• It may be time for companies to examine how tested co-existence with competitors could lower risk and benefit customers.
• This could even take the form of an industry requirement or a standard.
• A post-mortem should also be conducted by those not affected by CrowdStrike Friday.
• Running technology so old that it cannot be affected by such an incident is not a way to avoid one.
• It is unlikely there are any anti-malware products that still support and protect archaic technology.
• Old technology is not an answer, and it is not a viable cyber-resilience plan. It is a disaster waiting to happen.
partners, but testing on the scale of CrowdStrike’s incident is likely to be impractical.
The most important message after the incident is not to skip the post-mortem or put the incident down to exceptional circumstances. Reviewing an incident, and learning from it, will improve your ability to deal with future incidents.
This review should also consider the issue of reliance on just a few vendors, the pitfalls of a monoculture technology environment, and the benefits of implementing diversity in technology to reduce risk.
No company can anticipate all scenarios and completely eliminate the risk of business operational disruption.
There are several reasons why companies select single vendors. One is, of course, cost-effectiveness; the others are likely to be a single-pane-of-glass approach and efforts to avoid multiple management platforms and incompatibility between similar, side-by-side solutions.
It may be time for companies to examine how tested co-existence with their competitors and diversified product selection could lower risk and benefit customers. This could even take the form of an industry requirement, or a standard.
The post-mortem should also be conducted by those not affected by CrowdStrike Friday. You have seen the devastation that can be caused by an exceptional cyber-incident, and while it did not affect you this time, you may not be as lucky next time. So, take the learnings of others from this incident to improve your own cyber resilience posture.
Running technology so old that it cannot be affected by such an incident is not a way to avoid one. Over the weekend, someone highlighted to me an article about Southwest Airlines not being affected, reportedly due to the fact they use Windows 3.1 and Windows 95, which, in the case of Windows 3.1, has not been updated for more than 20 years.
It is unlikely there are any anti-malware products that still support and protect this archaic technology. This old technology strategy might not give the confidence needed to fly Southwest anytime soon. Old technology is not the answer, and it is not a viable cyber-resilience plan. It is a disaster waiting to happen.