Cash News
Last month’s global CrowdStrike outage may have spared Long Island businesses from the worst impact, but it highlighted the need for more robust proactive measures to prevent future incidents.
Finance and tech professionals on Long Island say that the best defense isn’t just about having cybersecurity technology, but the correct technology. This could mean the difference between keeping a business online and having difficult discussions with customers and business partners.
The issue began last month when a software update by cybersecurity company CrowdStrike turned out to be defective, crashing mission-critical computers worldwide. Airlines, banks and many Fortune 500 companies reported major outages for several hours to multiple days.
“Incidents involving CrowdStrike highlight the importance of cybersecurity but also raise concerns about entrusting business technology to companies that may not always prove reliable,” said Chris Coluccio, CEO of Techworks Consulting in Ronkonkoma.
“It’s concerning that an application like CrowdStrike, or similar tools, could potentially disrupt our business operations with little recourse due to negligence,” Coluccio added. “This underscores the necessity of understanding the potential impact of any technology we implement and having a robust continuity plan.”
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) assessed that the CrowdStrike outage stemmed from a logic error in the CrowdStrike Falcon sensor update, impacting over 8.5 million Windows devices. Malicious actors exploited the outage for phishing attacks. CISA emphasized the importance of following CrowdStrike’s remediation guidance and maintaining robust cybersecurity measures.
In its public report on the outage, the agency said: “CISA urges organizations to ensure they have robust cybersecurity measures to protect their users, assets, and data against this activity.”
Daniel Ford, chief information security officer for Jovia Financial Credit Union in Westbury, said the institution suffered no customer impact from the CrowdStrike outage.
Ford said Jovia’s strategy is to take a “proactive stance, incorporating predictive measures and rigorous testing. Unlike many organizations content with compliance, we’ve embedded cybersecurity into our DNA, making it a strategic imperative.”
Ford notes that Jovia applies “continuous improvement” to its security strategy – a practice that incorporates higher benchmarks with each level of advancement.
“Unlike reactive competitors, our proactive stance, fortified by stringent vendor oversight, ensures our operations meet our service level agreements,” Ford said. Jovia’s commitment to resilience “is integral to our strategic success” and “unwavering dedication to risk management,” he added.
Like other technology and security professionals, Sharif Alexandre, chief technology officer for ConnectOne Bank, which has offices in Astoria and Melville, said the critical time to respond to events such as the CrowdStrike outage is long before they happen.
“As technology continues to play a critical role across industries, businesses must take the right steps to prepare for potential outages or other incidents,” Alexandre said.
Additionally, Alexandre noted that the institution has emergency response blueprints that it follows during critical times such as last month, including disaster response playbooks that are in place and undergo ongoing testing.
“In an event like this, we would act quickly to mobilize the appropriate team members to form an internal working group, run through the appropriate disaster recovery processes, and most importantly, communicate with our clients, ensuring they are aware of the situation,” Alexandre said. “Strong communication is essential to respond appropriately.”
That may be evidenced by the many complaints directed at companies like Delta Air Lines, which experienced residual flight cancellations and other impacts for days following the CrowdStrike outage.
Because technology is constantly evolving, and cyber intruders and tech failures pose continuously changing threats, staying ahead of the curve is one of the more significant challenges for businesses of all sizes.
Coluccio of Techworks noted, for example, that smaller businesses can be more inviting targets than bigger businesses: Larger businesses tend to have made more significant investments in security and business continuity.
But change is a constant for businesses of all sizes.
“Certainly, the rise of AI technologies such as deepfakes and large language models like ChatGPT are already being exploited by bad actors,” Coluccio said. “These tools make it increasingly difficult to discern truth from falsehood and allow criminals to find vulnerabilities in our systems more quickly.”
He added: “We still observe that many business owners place a great deal of trust in their current IT providers, whether outsourced or in-house, assuming they are managing their cybersecurity effectively. However, this is not always the case.” Coluccio said he recommends that all businesses get a comprehensive IT audit that is reviewed and understood not only by IT, but also by business owners and managers.
Perhaps underscoring Coluccio’s point: CrowdStrike itself. In its after-action report on the event, the company noted that “(b)y regularly updating, security products can quickly adapt to emerging threats, ensuring robust protection for users and their systems.”
CrowdStrike’s response? The company said it would improve its own testing and introduce additional checks on software updates “to prevent similar issues” in the future.