It’s a heart-stopping moment. You stare in disbelief. But it’s happened. The so-called “blue screen of death” has taken over your computer. In effect, you’re out of business until you can get it fixed—a slow, painstaking and painful process. And chances are, you are not alone.
Consider the recent CrowdStrike incident, the largest IT outage in history, which cost Fortune 500 companies more than $5 billion, according to an early estimate by insurance agency Parametrix. And the losses attributable to lost productivity or reputational damage could be even greater.
It all happened in less than an hour and a half. CrowdStrike released a bug-infested software update shortly after midnight Eastern time on July 19 and rolled it back at 1:27 a.m. By then it was too late. The harm had been done. As many as 8.5 million computers worldwide running Microsoft Windows downloaded the bad update and crashed, hitting healthcare, banking and airlines the hardest.
While you might think there’s a simple lesson to be learned about dependency on one large, multi-national organization and its global impact through an automated update, there’s more to it than that.
The CrowdStrike debacle exposes the inherent risk of automatically picking up an update, but, fortunately, such errors are rare. What’s more common is delaying the implementation of updates, which makes companies more vulnerable to cyberattacks. Unbelievably, some companies only perform software updates on an annual basis.
Says researcher Shane M. Greenstein, the Martin Marshall Professor of Business Administration at Harvard Business School, “People have told us that many organizations are on yearly calendars to update their security software… They’re just taking a calculated risk. Vulnerabilities don’t work on a calendar. Cybercriminals show up when they show up.”
In a study involving 150,000 medium and large U.S. organizations over an 18-year period, Greenstein and colleagues found that 57% continued to operate with a severe vulnerability even after it was publicly disclosed and a fix was available. Apparent reasons were the cost of making the updates and lost time if systems had to be shut down while doing so.
That trade-off doesn’t make sense. Other research shows that over 60% of tech outages cause at least $100,000 in losses, and 15% cost more than $1 million, according to the technology trade group Uptime Institute.
Here are essential steps you can take to fortify your defenses and avoid a similar fate.
Regular Software Updates
Regularly update your software to close the window of opportunity for cyberattacks. That’s the cornerstone of a robust cybersecurity strategy and applies to operating systems, applications and network devices across all platforms, including Windows, macOS and Linux. Outdated software is a prime target for cybercriminals, as it often contains unpatched vulnerabilities that can be exploited to gain unauthorized access to sensitive data.
Comprehensive Cybersecurity Solutions
It’s essential to invest in advanced cybersecurity solutions that provide multiple layers of protection. These systems should be capable of real-time threat detection and response, providing security that can prevent, detect and mitigate cyber threats before they cause harm. A solid infrastructure involves more than just software updates; it includes the whole gamut of security measures from firewalls and anti-virus protection to secure, encrypted data storage and backup solutions.
In particular, I recommend application whitelisting—a technology that takes a “guilty until proven innocent” approach, blocking any apps, scripts, files or other executables not on an approved list.
Education And Awareness
Educate employees about the importance of cybersecurity, and train them to recognize phishing and other types of attacks. Since human error is a common factor in cybersecurity incidents, a well-informed workforce is a critical defense mechanism.
Regular Security Audits
Conduct regular security audits to help identify and address vulnerabilities before they can be exploited. These audits should be thorough and cover all aspects of your organization’s cybersecurity, including policies, practices and systems.
Incident Response Planning
Plan ahead. Imagine the worst-case scenario. Your system has been penetrated. Now what? Having a well-defined incident response plan minimizes the impact of cyberattacks when they do occur.
Structure a plan that details each individual’s responsibilities, especially how to stop the attack from spreading further. Have a clear communications strategy in place that gives frequent—and honest—updates to all relevant parties. Ensure that lost data can be recovered. And, of course, work out how you won’t fall victim again.
Honesty And Transparency
One of the worst things you can do is try to hide or pretend that you haven’t been the victim of a cyberattack. You need to communicate quickly and honestly with all stakeholders. The Securities and Exchange Commission requires publicly traded firms to “disclose material cybersecurity incidents four business days after a public company determines the incident is material.” Don’t wait that long to alert everyone affected, whatever the size of your company.
Wrapping It Up
As cyber threats evolve, so must the strategies to combat them. By prioritizing regular software updates, investing in comprehensive cybersecurity solutions and fostering a culture of security awareness, businesses can protect their operations, reputation and, ultimately, their survival in the digital landscape. Being prepared is no longer just about security; it’s about ensuring continuity and trust in an increasingly interconnected world.