Monday, December 23, 2024

CrowdStrike hearing: ‘Deeply sorry,’ exec apologises for global IT outage

Must read

Exec explains how CrowdStrike will try to prevent another global IT outagepublished at 21:50 British Summer Time

Zoe Kleinman
Technology editor

This was definitely one of the calmer and more measured tech committee hearings I have sat through.

CrowdStrike described the July 19 global outage as the result of a “perfect storm”.

The fundamental measure it has now put in place to prevent a repeat performance is a pretty simple one. It is doing a lot more internal testing of its updates (I learned a new term for this: “dog fooding”) and also enabling customers to decide when to accept them, so that they are no longer released simultaneously.

With 10-12 updates pushed out every day, this is almost certainly going to slow down CrowdStrike’s operations.

Adam Meyers was articulate and measured in his responses. I don’t think I saw him take a sip of water during his 1.5 hours in the ring. He apologised more than once for the firm’s failings, and stressed that it had not been a cyber attack, although he added that threat actors were definitely trying to leverage it.

The assembled lawmakers also shared some of their own vulnerabilities.

Congressman Carlos Gimenez said he was afraid of AI and asked about the threat of it writing malicious code. CrowdStrike’s Adam Meyers said he thought the tech was “not there yet” but added that every day it “gets better”.

Congressman Gonzales said he feared that Congress itself didn’t understand the wider issue, and asked how the US government could improve its own response during a similar situation.

Adam Meyers said during the CrowdStrike outage, it was the firm’s job to inform government, during a cyber incident it would be to support government. “This is a team sport and we are all on the same team” he said.

You can read more about the impact of CrowdStrike’s outage here.

We’re now finishing out live coverage. Thanks for joining us.

Latest article