Topic(s)

Security

Author(s)

Todd Knapp

A (relatively) Simple Problem: 
A patch released by CrowdStrike caused systems that rebooted to blue screen in a way that really requires a “hands-on keyboard” to resolve. It’s caused outages in government agencies, airlines, banking institutions, medical services, and commercial and nonprofit businesses at a massive scale.

Bottom Line: While trying to prevent disruption from a cyberattack, the product that many companies used to defend themselves has caused a disruption. Murphy’s Law at work.

What Should be Done About It: 
First of all, let’s take a moment to acknowledge that CrowdStrike is a great product! It’s one of the leaders in the cybersecurity space. Even though this feels like a series of unfortunate events that may, or may not, have been avoidable, the fact is that we’re here now and we need to make some good decisions. 

Envision has been implementing Sentinel One rather than CrowdStrike, as a matter of maintaining a vendor-layered security approach. Consequently, most of our customers have been unaffected. Although this feels like the kind of thing that could have happened to almost any product, and our hearts go out to the company, its customers, and its partners, the reality is that Sentinel One is an excellent alternative for customers who have been impacted.

In the aftermath of this event, there will be a lot of questions asked. For sure, the CrowdStrike team will have agencies and customers to answer to, and will probably need to do some reactive work on their platform. Additionally, I’m curious to see how the cyber liability insurance industry reacts to this event.  

The weeks/months following this almost have to be chaotic for the company, circumstances that open the door for other problems to follow. For all of these reasons, my recommendation to customers who have been affected is to migrate to the Sentinel One platform (or another trusted security platform) until the dust settles.

How Can Envision Help: 

  1. Envision has a large bench of engineering resources available to customers who have been affected and are still working on recovery. 
  2. Envision’s cybersecurity team is fully geared up and in a position to help impacted customers migrate to Sentinel One immediately! 
  3. Customers should be advised that this morning CrowdStrike was able to roll out a fix for systems that still had patches pending. However, if you would like technical advice on remediation steps, our team is able to help you; simply have your technical resources reach out to us at the contact information below. 

Contact Our Team 
If you have been affected, all you need to do is reach out to our team at 401-272-6688, or email us at crowdstrike@envisionsuccess.net. Our team is standing by to help you recover, and plan strategy around your long-term cyber defense program.