This week on the GeekWire Podcast, we explore the aftermath of the CrowdStrike outage, the larger forces at play, the future of cybersecurity, and the long-term implications for the world.
Our guest is Erik Moore, a veteran of the cybersecurity field and program director for the online Master of Science Program in Cybersecurity Leadership at Seattle University’s Albers School of Business and Economics.
Moore says cybersecurity companies are facing faster and more complex threats due to factors including AI, and geopolitical and financial forces, requiring quicker responses.
Current testing and deployment processes need to be overhauled to handle these new challenges effectively. But long-term, he’s optimistic about where the field and the world are headed.
In advance of our conversation, Moore provided these thoughts via email:
The recent CrowdStrike disruption may be attributable to deployment that wasn’t staged with smaller populations to detect flaws, regression testing that could have been more thorough, or package configuration management. While these things are part of regular and DevOps rollout cycles, this is likely not the big-picture issue.
All companies offering cybersecurity defense applications are seeing a heightening in the threat profiles being driven by artificial intelligence and financial forces that are heading up the pace at which threat innovation occurs. This means that defensive companies need to lean into more rapid response. As rapid response priorities increase, it can be critical to ensuring that a minimum of customers is affected by rapidly emerging threats. But this also means that the testing and deployment processes they have in place now are likely to be somewhat insufficient to the newer accelerated tasks. This is not that they were poorly designed, but that we’re hitting a new level of interaction where these processes will need to be redesigned. This will take a big effort.
In the meantime, what do we make of CrowdStrike? They’ve provided fixes, including manual ones if somewhat cumbersome. The disruption, though, does not reflect well on the company, at least at first. But it does perhaps show an outward sign that CrowdStrike is leaning in to this increased pace and putting pressure on their deployment infrastructure to accelerate protection against rapidly emerging threats. It was one of CrowdStrike’s advantages when they came onto the market as they moved us from weekly updates and quick manual fixes, as we saw in the Log4J response, to near real-time updates through in-app pushes that can allow enterprises to dodge threats entirely. This responsiveness in July of 2024 is needing to move to a whole new level and every cybersecurity defense company is adapting.
Despite the disruption, in some ways it’s a very good sign that CrowdStrike is leaning into rapid defense, accelerating their deployment infrastructure, and beating the pace of malware deployment. That’s what I admire about them. But as this accelerates, they, and all defending technologies, will have to carefully adjust their pace of innovation so that it’s not disruptive to business. They will need to innovate testing, deployment, and agent design so that these disruptions are minimized.
Moore expands on these thoughts in our podcast conversation, and offers a long-term view on the importance of working through these issues and realizing the benefits of technology for the world.
Subscribe to GeekWire in Apple Podcasts, Spotify, or wherever you listen.
Related Links
- GeekWire News Coverage: ‘A little frightening’: CrowdStrike outage puts Microsoft’s role in global IT back in the spotlight
- CrowdStrike Blog Post: Technical Details on Today’s Outage
- Seattle University: Master of Science Program in Cybersecurity Leadership
- CNBC: CrowdStrike update that caused global outage likely skipped checks, experts say
- KING-5: CrowdStrike Outage Hits Microsoft
- Channel News Asia: What do we know about CrowdStrike?