
1 In 10 Orgs Dumping Their Security Vendors After CrowdStrike Outage (theregister.com) 14

An anonymous reader quotes a report from The Register: Germany's Federal Office for Information Security (BSI) says one in ten organizations in the country affected by CrowdStrike's outage in July are dropping their current vendor's products. Four percent of organizations have already abandoned their existing solutions, while a further 6 percent plan to do so in the near future. It wasn't explicitly said whether this referred to CrowdStrike's Falcon product specifically or was a knee-jerk reaction to security vendors generally. One in five will also change the selection criteria when it comes to reviewing which security vendor gets their business. The whole fiasco doesn't seem to have hurt the company much though, at least not yet.

The findings come from a report examining the experiences of 311 affected organizations in Germany, published today. Of those affected in one way or another, most said they first heard about the issues from social media (23 percent) rather than CrowdStrike itself (22 percent). The report also revealed that half of the 311 surveyed orgs had to halt operations -- 48 percent experienced temporary downtime. Ten hours, on average. Aside from the obvious business continuity impacts, this led to various issues with customers too. Forty percent said their collaboration with customers was damaged because they couldn't provide their usual services, while more than one in ten organizations didn't even want to address the topic. The majority of respondents (66 percent) said they will improve their incident response plans in light of what happened, or have done so already, despite largely considering events like these as unavoidable.
The report highlights a curious finding that over half of CrowdStrike customers wanted to install updates more regularly, even though that would have been worse for an organization.

"Regardless, with the number of urgent patch warnings we and the infosec community dish out every week, it's probably a net positive, even if it's slightly misguided," concludes The Register.

  • ... premiums just went up.

  • Security is a necessary thing, but I question how it gets sold to folks. I see a lot of scare tactics out there "Can you afford an outage or reputation damage?" or "Threats are everywhere but we'll shield you with our secret sauce software" or "You can get put out of biznass super easily, but not if you pay for our audit services." Might as well skip to "Nice business you got there, be a shame if anything happened to it."

    Sure, there are events that could definitely put you out of business under the wrong
    • "Not having backups" is not only *not* the only concern ... it's not even the top one, for many companies.

      For instance, *data* breaches are a much, much bigger concern to many. Who cares if you have backups of your customer's sensitive info ... when that info is exposed to the world?

      • True statement. I'm not saying security isn't important or that it's not difficult. However, I think it is something folks should consider before drinking the entire bottle of Kool-Aid. If you have a big important customer database with PHI in it, by all means try hard to keep it secure. However, putting the security team in charge of every new project and empowering CISSP types to quash products and stifle engineering isn't always the appropriate response, either.
  • by sunderland56 ( 621843 ) on Thursday September 19, 2024 @03:59PM (#64800659)

    So, because of one bad vendor, people are going to run with no security at all? Good luck with that. When you're hacked, you can go to the press conference and proudly proclaim "we were running no security software".

    I had horrible luck with a Ford once. Didn't make me stop buying cars.

    • So, because of one bad vendor, people are going to run with no security at all?

      No, they are dropping their current security vendor and the summary says that it's not clear whether that is related to the one bad vendor or not. It does not say anything about what they are intending to do in the future, only that they are not continuing with the security solution they currently have. It's hard not to see this as a lot of companies bailing from CrowdStrike but the summary specifically says that there is no data regarding that yet.

      I strongly suspect, since it indicates that 20% are chan

    • So, because of one bad vendor, people are going to run with no security at all? Good luck with that. When you're hacked, you can go to the press conference and proudly proclaim "we were running no security software".

      I had horrible luck with a Ford once. Didn't make me stop buying cars.

      This is the most sane thing I've heard tech companies do. Nope, not dropping security...just actually paying attention to it. This is what we want, isn't it?....for companies to do their homework and give business to those who deliver and stop giving it to those who don't!

  • Only 1 in 10 are dropping their security vendors!
    • 10% of customers are switching vendors and signing new contracts? That sounds like a healthy industry to me.

  • What would have been interesting is how many are dropping CrowdStrike.

    • It's probably not 100%, but given the timing still I think it's safe to say that most (and close to all?) aren't leaving some random company: they're leaving CrowdStrike.

  • by PubJeezy ( 10299395 ) on Thursday September 19, 2024 @04:26PM (#64800753)
    Modern security products seem to increase your attack surface rather than reduce it. SaaS is the cornerstone of all of these products and monetizing SaaS requires persistent connections which simply create another path for threat actors.

    The reality of cyber-security is that it can't be engineered because the social engineering and financial engineering of a company or product will always be the real vulnerability.

    The whole world has realized that they need to start air-gapping databases and hiring in-house devs to make their own security products and protocols that don't require creepy persistent connections to massive centralized actors.

    Vendors are a massive liability but talented employees are an even bigger asset.
    • I don't necessarily disagree with where you're going here, but can you elaborate on this:

      The whole world has realized that they need to start air-gapping databases

      I've worked at government contractors that had real air-gaps for things like their databases, but that does not seem to be the norm for the rest of the world. How would ordinary businesses make use of their databases if they are not network accessible under any circumstances, printed reports? Some sort of unidirectional transmission? What sort of data ingress are they using?

      I ask this because I have been involved in

  • is that 9 out of 10 affected customers are apparently *sticking with* CrowdStrike.