triggered by a faulty CrowdStrike update, sent shockwaves through the tech world. As the dust settles, we in the cybersecurity industry are taking stock of the incident’s far-reaching implications.
A week after the incident, confusion still lingers. The biggest challenge we are seeing is that there is a lot of misunderstanding about exactly what went wrong and who was responsible for the outage. Some are still pointing fingers at Microsoft, and the confusion does not help the cause. Having such a certificate shows Microsoft considers the software to be genuine and secure. It allows CrowdStrike to quickly deploy applications into the core of the operating system to address cyberrisks. While all IT vendors have encountered problematic files affecting users, the severity of this case was unprecedented. Usually, you simply roll back the deployment, but because this one was running in the kernel, it was a tough recovery.
One of the most promising developments emerging from the crisis is the possibility of a new collaborative approach to software testing and deployment. I envision a global testing alliance that could revolutionise the validation of updates before release.