Microsoft’s severe global operational outage, which happened today, 19th July, caused widespread disruptions across various sectors. This incident had significant implications for businesses and consumers alike, highlighting vulnerabilities in our increasingly interconnected digital world.
How did the outage occur?
The outage was triggered by a flawed cybersecurity update from CrowdStrike, a third-party software platform, which led to a series of failures across Microsoft’s services. Users worldwide encountered issues accessing services like Outlook, Teams, and OneDrive, as well as the infamous ‘blue screen of death’ on Windows devices, signalling a critical system error. Microsoft acknowledged the issue and has been working diligently to resolve it.
Who is CrowdStrike?
CrowdStrike is a cybersecurity technology company known for its endpoint protection, threat intelligence, and cyberattack response services. Founded in 2011, the company provides advanced security solutions to detect, prevent, and respond to cyber threats. Its Falcon platform is renowned for its robust detection capabilities and real-time protection against a wide range of cyber threats.
Who is affected?
The impact of the outage was felt globally. Critical services such as emergency response systems, flights, and banking operations were disrupted. Pharmacy services in the UK have also been disrupted, including the accessing of prescriptions from GPs and medicine deliveries. Washington DC suspended all train services due to the IT outage. Airlines experienced massive operational challenges, leading to the cancellation of over 1300 flights worldwide, and businesses relying on Microsoft’s cloud services faced productivity losses.
Cybersecurity Failures
It might seem extreme that a piece of cyber-security software can cause such a huge amount of damage, but these products are, by their nature, deeply ingrained within each computer network. They have “god-like” access to all the inner workings of an IT system for obvious reasons. These “End Point Protection” programmes have to be able to monitor the inner workings of computers to search for abnormalities that might be malicious software, or hackers poking around inside databases.
At the heart of the outage was a driver issue related to CrowdStrike’s Falcon Sensor security software. A defective update caused widespread ‘blue screen of death’ errors, disrupting normal operations and connectivity for Windows-based systems. This incident underscores the potential risks associated with cybersecurity solutions and the need for rigorous testing and backup protocols.
Third Party Service Providers and Cybersecurity
Businesses often rely on third-party service providers for various functions, ranging from cloud storage to cybersecurity solutions. While these partnerships offer numerous benefits, they also introduce potential cybersecurity risks that need to be carefully managed. You should definitely be aware of:
- Risk of Data Breaches: Third-party service providers may have access to sensitive company data. Any security lapses on their part can lead to data breaches, compromising your business and customer information.
- Service Reliability: Dependence on third parties means that any disruption in their services can directly impact your business operations.
- Security Integration: Ensuring that the third-party solutions integrate seamlessly with your existing security infrastructure is vital to maintain a strong defence against cyber threats.
- Reputation Risks: A security incident involving a third-party provider can tarnish your company’s reputation, even if the fault lies with the provider.
Safeguarding your Business and your Clients
To mitigate the impact of such outages, businesses and individuals must adopt a proactive approach to cybersecurity. Key steps include:
- Due Diligence and Vetting: Conduct thorough research and vetting of potential third-party service providers. Assess their security measures, past performance, and compliance with industry standards.
- Regular Audits and Assessments: Perform regular security audits and assessments of your third-party providers to ensure they maintain high security standards.
- Regular Updates and Patching: Ensure systems are consistently updated to protect against known vulnerabilities.
- Robust Backup Solutions: Implement reliable backup protocols to maintain data integrity and availability.
- Training and Awareness: Educate staff on how to respond to IT emergencies effectively.
- Incident Response Plans: Develop and regularly update contingency plans to minimise downtime and ensure business continuity.
- Continuous Monitoring: Use advanced monitoring tools to detect and address issues promptly within your business’s cybersecurity framework and third-party activities.
- Clear Contractual Agreements: Establish clear contractual agreements that outline security expectations, responsibilities, and consequences for non-compliance.
In conclusion, the Microsoft global operational outage serves as a stark reminder of our reliance on technology and the importance of cybersecurity vigilance. It is imperative to learn from this incident and strengthen our digital infrastructures to withstand future challenges. By adopting a proactive and comprehensive approach to cybersecurity, we can better prepare for and mitigate the impact of similar disruptions in the future.
How Complyport can help
Our Operational Resilience and Cybersecurity team specialises in building robust and digitally enabled solutions to strengthen your Operational Resilience and Cybersecurity capabilities. Our comprehensive range of services is designed to support your journey towards Operational Resilience and Cybersecurity regulatory compliance.
Here is how we can assist you:
- Operational Resilience Programme Support
- Ongoing Operational Resilience Support
- Comprehensive IT Audit, IT Audit Report, and Annual IT Audit Plan
- Cyber Risk Management Support
- Third Party Risk Management Services
- Efficient Day-to-Day Operational Processes
- Operational Resilience Assurance
- REP018 Report