A major vendor outage like the recent CrowdStrike incident can spark a knee-jerk reaction in business leaders, leading to drastic changes that may introduce new security holes. To avoid this, companies should assess vendors’ reliability and risk, avoid radical changes to their update process, and take a proactive approach to cybersecurity.
Assessing Vendors’ Reliability and Risk
Before switching vendors after an incident, businesses must evaluate both the existing and potential vendor’s overall reliability and risk. It’s essential to put a vendor’s long-term track record into perspective and consider the costs of switching vendors beyond the sticker price.
Avoid Radical Changes to the Update Process
While it may be tempting to delay updates due to the risk of new exploits, quick security updates are crucial in counteracting emerging threats. Businesses must find a balance between testing and rolling out updates, taking into account their specific organization’s risk tolerance.
Don’t Panic
Incidents like CrowdStrike should not be likened to natural disasters, as this oversimplification can distract from the root cause of the issue. Instead, companies should focus on understanding the incident, learning from it, and making risk-driven decisions that mitigate financial loss and improve overall cyber resilience.
Source: https://www.darkreading.com/vulnerabilities-threats/case-against-abandoning-crowdstrike-post-outage