CrowdStrike crisis gives CISOs opportunity to rethink key strategies
- by nlqip
Moreover, experts say this kind of software error will almost certainly occur again. “We should expect it to happen again, and you need to protect against it,” Ranjan Singh, chief product officer at Kaseya, tells CSO. “There are humans involved in the entire chain of development, so invariably, there’s always room for error. But it’s our job to make sure that we go to the ends of the earth and figure out how to prevent something like this, especially in critical products.”
ForAllSecure’s Brumley says this kind of incident will “absolutely” happen again. “Huge” industry consolidation with fewer and fewer vendors will mean that “more and more people will be affected when the next big software error occurs,” he says. Security workforces that are stretched thin will only worsen the industry’s ability to respond next time. “I think people are getting tired of security, and especially with the markets changing, there’s been a huge security workforce reduction,” he says.
Time to revisit disaster recovery plans
One risk management component that CISOs should revisit now is disaster recovery. “I think a lot of companies probably got to run their disaster recovery process during the CrowdStrike outage, but not willingly, not voluntarily,” Christine Gadsby, CISO of BlackBerry, tells CSO.
Source link
lol
Moreover, experts say this kind of software error will almost certainly occur again. “We should expect it to happen again, and you need to protect against it,” Ranjan Singh, chief product officer at Kaseya, tells CSO. “There are humans involved in the entire chain of development, so invariably, there’s always room for error. But it’s…
Recent Posts
- CISA warns of actively exploited Apache HugeGraph-Server bug
- Suspects behind $230 million cryptocurrency theft arrested in Miami
- Ivanti Says ‘Critical’ Cloud Gateway Vulnerability Seeing Exploitation
- Microsoft Edge will flag extensions causing performance issues
- Sophos CEO On How EDR Vendors, Microsoft Are ‘Rethinking’ Security After CrowdStrike Outage