CrowdStrike is not an Isolated Instance: It Could Happen To You
On July 19th at ~1:00AM EST, CrowdStrike pushed a security update that led to a Blue Screen of Death (BSOD) on Windows systems. It took down systems worldwide, at hospitals, airlines and more. Your security team needs a distributed, “decentralized” approach when it comes to cybersecurity providers, or you may come under the same fire as Microsoft.
The CrowdStrike Outage: A Wake-Up Call
CrowdStrike has built a reputation as a premier provider of endpoint protection and threat intelligence. However, even industry leaders are not immune to operational hiccups. The outage, which disrupted the availability of their services, left many organizations scrambling to maintain their security postures. This event highlighted the inherent risks of single-source dependency in cybersecurity.
The Case for Multiple Cybersecurity Data Providers
- Redundancy and Resilience: Just as organizations implement backup systems for their critical IT infrastructure, having multiple cybersecurity data providers ensures that a single point of failure does not cripple their defenses. Redundancy is a key principle in cybersecurity, enhancing resilience against outages and service disruptions.
- Comprehensive Threat Intelligence: Different cybersecurity providers often excel in various aspects of threat detection and intelligence. By utilizing multiple providers, organizations can benefit from a more comprehensive view of the threat landscape. This approach allows for better detection and response to a wider array of threats.
- Mitigating Single Provider Vulnerabilities: Each cybersecurity provider has its unique strengths and weaknesses. Relying solely on one provider means that any vulnerabilities or limitations they have are directly inherited by their clients. A diversified approach mitigates this risk by spreading dependencies across multiple sources, reducing the impact of any single provider's shortcomings.
- Enhanced Incident Response: During an incident, having access to data and support from multiple providers can significantly improve an organization’s response capabilities. Different providers may offer unique insights or tools that can be crucial in identifying the scope of an attack and implementing effective countermeasures.
- Competitive Edge: In the fast-evolving cybersecurity landscape, staying ahead of threats often requires innovative solutions and cutting-edge technologies. By engaging with multiple providers, organizations can tap into a broader pool of innovation and expertise, ensuring they remain at the forefront of cybersecurity practices.
The CrowdStrike outage has been a sobering reminder of the vulnerabilities inherent in relying on a single cybersecurity data provider. In today’s threat landscape, where the stakes are incredibly high, a diversified approach to cybersecurity data is not just a best practice—it is a necessity. By engaging multiple providers, organizations can build a more resilient, comprehensive, and adaptive cybersecurity posture, better equipped to protect against the ever-evolving array of cyber threats.
About Webacy
Webacy is the safety and security layer for consumers - enabling users to assess their risk, monitor their assets, and act in case of emergency - and empowering companies to mitigate risk through robust APIs that actively monitor their contracts, vet their users, and protect their brand.
Webacy pulls its data from over 15 different providers, along with our own proprietary data and risk models, to have the most diverse range of available information. If you are a web3 and/or crypto company and have not integrated a security partner, you need to do so immediately. If you only have one data source, it’s time to add another, as an incident like this CrowdStrike one could happen to you.