Dive Brief:
- Most executives expect their organization to experience a CrowdStrike-level IT outage within the next year, according to a PagerDuty survey of 1,000 IT and business leaders conducted by Wakefield Research.
- The July global outage caused by a faulty Falcon sensor update was a wake-up call, the report found. Nearly 9 in 10 respondents said they now realize their organization had prioritized security at the expense of service disruption readiness.
- “Executives around the globe are shifting their leadership priorities with major incidents in mind, with 100% of those surveyed reporting a heightened focus on preparing for future service disruptions at their companies,” PagerDuty CIO Eric Johnson said in the report.
Dive Insight:
Occasional service disruptions are par for the course in enterprise IT. Microsoft’s widely used 365 productivity suite experienced a minor hiccup Tuesday and the company reported a broader issue impacting Teams and Outlook on Nov. 25.
While severe outages on the scale of the CrowdStrike incident are far less common, they pose greater risk to business operations.
The defective CrowdStrike update, which crashed millions of Windows-based systems, led to the grounding of thousands of commercial flights. The event also slowed financial transactions and cost Fortune 500 companies an estimated $5 billion in direct losses.
“The July global IT outage highlighted the interconnectedness of modern systems,” Johnson said in an email. “The event underscored the need to be operationally resilient and have strategies in place that will empower teams to better anticipate outages before they happen and enable fast remediation when they do occur.”
The crisis was a call to arms for technology professionals, prompting greater security awareness and changes in software updating processes, according to an Adaptavist survey. Cloud and engineering executives responded by reassessing their organizations’ IT resilience and found reason for concern, Cockroach Labs found.
The repercussions raised the alarm for executives across the C-suite.
Most respondents to the PagerDuty survey — 83% — admitted the CrowdStrike incident caught them off guard and revealed gaps in their preparedness for service disruptions. More than half said they’d observed a shift toward continuous preparedness assessments rather than one-time investments in systems or protocols in the wake of the crisis.
The strategy brings operational resilience in closer alignment with cybersecurity measures, a perennial top concern among IT and business leaders.
“While the foundational elements of incident response are similar,” Johnson said, “tailoring the specifics to address the unique characteristics of each incident type is crucial for effective recovery and minimizing impact.”