The Recent CrowdStrike IT Outage Will Reinforce Old Enterprise Reservations against Using the Cloud—Vendors and Service Providers Will Need to Take Decisive Steps to Mitigate

By Leo Gergs | 3Q 2024 | IN-7456

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Insight.

On July 19, 2024, a faulty cybersecurity software update from CrowdStrike-a cybersecurity specialist based in Huston, Texas-caused widespread outage of Information Technology (IT) systems around the world, causing Windows computers to crash (what is colloquially referred to as the "Blue Screen of Death"). Therefore, operations in various enterprise verticals, including manufacturing, media & entertainment, transportation, healthcare, and public services, came to a standstill. While CrowdStrike identified the issue swiftly to mitigate the disruption, the incident laid bare in a painful way the vulnerabilities of digitized and connected enterprises.

The impact of this IT outage was grave worldwide. Financial institutions, heavily reliant on robust cybersecurity measures, faced severe operational disruptions, risking sensitive data breaches and undermining customer trust. Tourism came to a halt-right at the peak of the holiday season-as airlines found themselves unable to check-in their passengers, creating nothing but chaos at several airports across the world. Broadcasting channels were forced to pause their activities, while manufacturers experienced disruptions to production. Hospitals had to call off countless pre-planned operations as they could not access patients' electronic health records to determine the correct medication. Emergency services, including police, fire departments, and emergency medical services, experienced significant setbacks. The malfunction impaired communication systems, delayed response times, and jeopardized the integrity of critical data, which are vital for coordinating emergency responses, while government agencies faced disruptions when trying to access highly safety-critical data.

All of this comes at a time of growing geopolitical tensions and increasing threats of cyberattacks from both state and non-state actors. Enterprises and governments will have to rethink their digitization strategies to increase their resilience and become more reluctant to using public off-premises assets. It is important to stress that the incident itself affected private enterprise hardware in the same way as it affected public deployments. It will, however, fuel a general level of skepticism of enterprises-particularly industrial ones-when it comes to processing any of their Operational Technology (OT) data on either private or public clouds. Consequently, it will fundamentally change enterprises' perception of public cloud assets-both in the short and long term.

In the short term, enterprises will put an even stronger emphasis on on-premises data storage to minimize the attack surface for a potential cybersecurity outage. In particular, industrial enterprises will be even more wary of handing over any of their highly critical data on production environments, the conditions of their machines, or vital supply chain data to either a public or private cloud. In contrast, they will look for alternative on-premises opportunities to protect those data as much as possible, even at the cost of strengthening walls around already existing data silos.

In the long term, the cost-saving and efficiency enhancement effects of cloud assets will bring both public and private clouds back into the discussion of enterprise digitization strategies-particularly, as companies across different verticals intensify the adoption of (generative) Artificial Intelligence (AI) use cases, which require a large amount of data to be trained properly. To reestablish enterprises' trust in cloud assets, however, they will ask for a lot more robust cybersecurity measures.

One positive lesson from the recent CrowdStrike outage is that the disruption after the malfunctioning software update was an important stress test for enterprise IT systems and has highlighted the need for more resilient security measures in order to be protected against a serious, malicious cyberattack.

Regardless of whether the incident around malfunctioning CrowdStrike software upgrades provides enough ground for general skepticism against public and private clouds, vendors and cloud service providers have to be prepared to be confronted with this attitude when approaching enterprises. Therefore, any of these digitization providers will need to do even more to determine enterprise requirements and expand their resilient cloud solutions. Enterprises will use these aspects to benchmark different vendors against each other. Particular emphasis should be spent on developing an even more resilient cybersecurity strategy, which in an ideal case, does not rely on security software from just one vendor.

• Cloud service providers should intensify the development of unified hybrid platforms. Anticipating the increasing interest in the combination of private and public cloud assets, hyperscalers and cloud service providers should work on reference architectures and blueprints on how vertical-specific hybrid cloud solutions can look like.
• Crucially, this involves investing in creating platforms that enable seamless integration with on-premises systems, featuring user-friendly migration tools and centralized management dashboards.
• To drive the availability of sovereign cloud solutions, cloud service providers should increase investments in regional data centers for sovereign clouds. Earlier this year, Amazon Web Services (AWS) announced an investment of more than US$7 billion in building up a sovereign cloud infrastructure in the German state of Brandenburg. Other service providers should match that commitment.
• Aside from providing a clear and reliable cloud migration path, system integrators should be prepared to conduct regular security audits and managed security services. This can include offering, for example, bi-annual security audits with detailed remediation plans, and offering 24/7 managed services, including real-time monitoring, maintenance, and rapid incident response.
• Telco connectivity providers should focus on developing edge computing solutions to integrate with hybrid cloud setups. Edge computing allows highly critical enterprise data to remain on enterprise premises, allowing them to retain maximum control. Because of this, edge computing will become an even more important building block for enterprises' digitization strategies. Consequently, telecoms industry players should design their edge offerings so that they can integrate with both private and public cloud assets of an enterprise's digitization solution.