Much has been written about the recent CrowdStrike incident. There’s a “dog that didn’t bark” or “don’t put all your eggs in one basket” aspect to this worldwide event, which I’ll explain after a brief recap of what happened.
CrowdStrike explained that the issue was a software update bug affecting only Windows systems, not a cyberattack. The outage caused widespread disruptions, including canceled flights and medical procedures. Some businesses managed to apply the fix within a few days, though the process wasn’t straightforward for everyone.
The silver lining, if any, was that businesses rely on many more types of computing devices, often 100 times more, that are traditionally outside IT or central data center control—and these were not affected!!
Why?
These devices—several thousand in any enterprise (such as surveillance, manufacturing, or facilities infrastructure) and running into billions worldwide (Research Gate estimates 75 billion devices next year, with Forbes projecting growth to 200 billion, in the near future) – were all diverse in type, manufacturer, operating systems, and connectivity protocols – different baskets, if you will. And in most instances, were not being automatically updated!
And there-in lies the savior – the sheer heterogeneity provided an inbuilt resiliency!!!
We didn’t see the kind of widespread outage in our lives driven by these billions of tiny digital deployments because enterprises, in their distributed setups, deploy a mixed environment of edge devices – and they struggle to have visibility and keep them updated.
However, there are lessons to be learned from this entire episode, especially for edge and operational technology business units:
1. Visibility: Be aware of all your deployments, wherever they are and whoever the vendor is. Have an infrastructure that can highlight the state of the infrastructure, settings, OS versions, support state, etc. Your actions to manage operations and mitigate risks need to be based on this distribution.
2. Business Resiliency and Operations: This involves disaster recovery and business continuity planning. Have an infrastructure to test “tiny updates” and scale with automation.
3. Compliance: Automated documentation can help with task automation and provide continuous reports/action prompts to stay compliant.
4. Diversity: By design, don’t load all your eggs in one basket!!!
This episode, though not a planned cybersecurity attack, highlights the vulnerabilities of our edge systems, which are both numerous and widely distributed. However, there is inherent resiliency in these systems, enhanced by high-quality tools that can provide greater operational protection.
