The recent outage caused by CrowdStrike on Jul 18, 2024 showed how unforeseen and unthinkable the fallout was across the globe.
In this era of zero trust, the leading cybersecurity company CrowdStrike sent an update to its Falcon sensor agent, and hosts from another IT leader, Microsoft, that had CrowdStrike sensors installed crashed with a Blue Screen of Death (BSOD) as soon as the update was received. The crash was caused by a null pointer issue. This was not a cyberattack, and it affected only Windows hosts (not Linux or Mac). What an oxymoron!
Different approaches and solutions are being promoted by vendors, analysts, and security specialists, each touting a silver bullet that could have prevented this issue.
But given the interconnected nature of our broad ecosystem (global cloud providers, software platforms, security vendors and other software vendors, and customers), cybersecurity cannot be entrusted to a select few companies. No one solution fits all protection needs, and there need to be layers of security because the attack surfaces are layered.
We would all agree that data analytics (AI/ML/GenAI, whatever approach you take) has always been the north star for cybersecurity and has a life cycle of descriptive, predictive, prescriptive, and finally cognitive phases.
A simple approach for businesses, at a bare minimum, would be to adopt the descriptive phase, where you have visibility and analytics around your attack surface (assets), as you cannot protect what you cannot see!
At CloudFabrix we call this Asset Analytics, where we employ real-time agentless discovery for your entire stack, which provides topology discovery, dependency and impact mapping, lifecycle analytics (what currency), and capacity utilization in an automated manner.
The Asset Analytics solution would not have prevented the debacle, but it would have enabled proactive planning: IT teams could have identified aging, important, and risky assets and put a mitigation plan in place. If these kinds of situations arise (and they most likely will), organizations would then be in a better place tomorrow than today.
While an event like the CrowdStrike outage is a rare occurrence, it is also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist. We hope we can play a squirrel's but important role in taking the first proactive step toward preventing this again with Descriptive Analytics!
If you'd like to learn more, feel free to schedule an obligation-free consultation call with one of our Senior Solutions Consultants here.