In July 2024, global cybersecurity company CrowdStrike brought the internet to its knees when a glitch in its software update caused widespread system crashes on computers running Windows operating systems. One source suggests the total cost of the outage could run to more than $1 billion.
So what lessons in cybersecurity incident response planning can we take away from this?
Serious small business impacts
The glitch had severe consequences for many small businesses, disrupting daily operations, making it difficult to serve customers and process payments. Problems such as these can be compounded in small businesses, which often have limited IT resources, making diagnosing and fixing the problem a real challenge.
For small businesses, this is a wake-up call to ensure they have the right processes in place to get back up and running if and when the next CrowdStrike cybersecurity event occurs. Here are some steps to assist in being prepared for next time.
1. Implement a patch management strategy
Test any software updates in a controlled environment. This may help catch potential issues without disrupting your daily operations. Think of it as a dress rehearsal to ensure everything runs smoothly when the next IT incident happens.
2. Back up systems regularly
Always back up your critical data and systems. It’s essential to have online backups for quick recovery as well as offline backups in case the online backups fail. This helps reduce the risk of losing important information if something goes wrong during an update.
3. Let your team and customers know when software updates are happening
This includes providing information about potential downtime. You should also consider setting up alternative ways to stay in touch, so your business can keep moving even if the main systems are temporarily down.
4. Have a backup plan for critical systems
This could mean using secondary servers or cloud services that can take over if your primary systems fail. It’s like having a spare tyre ready to go.
Cybersecurity incident response planning: What to do when your system goes down
When you do experience a major outage, the first step is to promptly activate your cybersecurity incident response plan. If you don’t have one, consider creating one. This means ensuring all team members know their roles and how to follow established protocols to effectively assess and manage the situation.
Quickly determine the extent and severity of the issue, and prioritise restoring critical systems first. If a recent update has caused significant problems, consider rolling back to the latest backup, confirming it was made before the update.
Contact your IT support team or software representatives for expert assistance in diagnosing and resolving the issue as soon as you can.
Throughout the incident, stay in touch with staff and customers, keeping them informed about the situation, expected resolution time and any temporary measures in place. This builds trust and helps you navigate challenges efficiently.
Getting back on your feet
Once you’re back up and running after a major IT incident, it’s important to take stock and work out what you can do better next time.
Regularly check your systems for vulnerabilities and keep them updated with the latest security patches. Where possible, switch to cloud-based solutions for critical operations. Cloud services may offer better reliability and built-in backups, reducing the impact of local outages.
Then, set up tools that monitor your network and systems in real time, alerting you to potential issues before they become big problems. Also regularly review and update your security policies to stay ahead of new threats and technologies. Keeping your defence strategies up to date can assist in minimising risks.
It’s also important to consider having comprehensive cybersecurity insurance policies in place so that in the event of a major cyber threat, your business has access to good-quality protection.
Important notice
This article is of a general nature only and does not take into account your specific objectives, financial situation or needs. It is also not financial advice, nor complete, so please discuss the full details with your Steadfast insurance broker as to whether these types of insurance are appropriate for you. Deductibles, exclusions and limits apply. You should consider any relevant Target Market Determination and Product Disclosure Statement in deciding whether to buy or renew these types of insurance. Various insurers issue these types of insurance and cover can differ between insurers.
Steadfast Group Ltd ACN 073 659 677