The Case Against Abandoning CrowdStrike Post-Outage

October 31, 2024 at 10:01AM

The July CrowdStrike outage highlighted risks in vendor security, prompting discussions on industry responses to such events. Companies should assess vendor reliability, avoid hasty changes, and maintain a balanced approach to updates. Leaders must act cautiously, avoiding panic-driven decisions while improving cybersecurity resilience and business continuity strategies.

### Meeting Takeaways

1. **Assess Vendor Reliability and Risk**:
   - Companies must thoroughly evaluate the reliability and risk of both existing and potential vendors before switching vendors after an incident.
   - Notably, CrowdStrike Falcon has demonstrated high effectiveness despite the recent outage, with fewer than 3% of clients experiencing losses related to cyber-insurance claims.
   - A vendor's history of frequent outages or vulnerabilities, such as those observed with Ivanti, may justify considering alternatives.
   - It is crucial to consider costs beyond pricing, including implementation time, staff training, and workflow adjustments.

2. **Avoid Radical Changes to Update Processes**:
   - The CrowdStrike outage highlighted the importance of update cadence and testing frequency, but delaying updates may expose systems to new threats.
   - Testing updates adds a level of caution, but defaulting to immediate security measures remains essential because threats keep evolving.
   - Organizations should tailor their update processes to their specific risk tolerances, balancing speed and security.

3. **Don’t Panic**:
   - Incidents should not be oversimplified as natural disasters; rather, a nuanced understanding of cybersecurity risks and proactive measures is needed.
   - Companies should implement cyber hygiene practices, secure cyber insurance, and have a detailed action plan to mitigate financial impacts and operational disruptions.
   - Reactive responses to cyber incidents are detrimental; decision-makers should focus on understanding the incident’s root cause and making informed, risk-based decisions for future resilience.

4. **Proactive Approach to Cyber Resilience**:
   - Leaders need to integrate third-party risk management within their business continuity plans to enhance overall cyber resilience and ensure minimal disruption during incidents.

These strategies will help organizations maintain operational integrity and navigate the aftermath of cybersecurity incidents effectively.
