Stories
Slash Boxes
Comments

SoylentNews is people

posted by hubie on Thursday September 05, @01:04AM   Printer-friendly
from the over-a-barrel dept.

Arthur T Knackerbracket has processed the following story:

CrowdStrike's major meltdown a month ago doesn't look like affecting the cyber security vendor's market dominance anytime soon, based on its earnings reported Wednesday.

CrowdStrike's faulty Falcon sensor update in July bricked 8.5 million Windows machines, grounding thousands of flights worldwide, delaying medical services and downing some US states' 911 emergency services. Nonetheless, it reported better-than-expected revenue for the second quarter of fiscal year 2025.

[...] Moving forward, these new customers signing CrowdStrike contracts will be key to watch – and a good indicator if the July 19 fiasco will have any lasting impact on the security vendor, said IDC Group VP of security and trust Frank Dickson.

"When you look at the impact, the only think you're really going to be able to impact is new consideration, new customers evaluating security vendors," Dickson told The Register. "Net-new companies may look at this and say 'I don't know.' But that isn't going to start showing its head in the earnings for another quarter or two."

Existing customers – especially those who have gone all in with CrowdStrike's security products – aren't likely to go anywhere, despite any lingering frustrations about the flawed update.

CrowdStrike, along with some of its competitors, calls its separate products "modules," and all 28 of CrowdStrike's modules connect to its central Falcon platform.

[...] This is where CrowdStrike finds the bulk of its business. "If you only have one service from CrowdStrike, it's a lot easier to cancel," Dickson explained. "If you are a company with four, five, and six modules, it's going to be a lot harder to change. If you were so angry at CrowdStrike that you wanted to rip and replace everything, that's a herculean effort."

Even Delta Air Lines – which has threatened lawsuits against both CrowdStrike and Microsoft for the outage, alleging it cost the airline more than $500 million – is unlikely to switch cyber security providers anytime soon, Dickson opined.

In its latest missive to CrowdStrike, Delta revealed about 60 percent of its "mission-critical applications and their associated data – including Delta's redundant backup systems – depend on the Microsoft Windows operating system and CrowdStrike."

"Even with how much they dislike CrowdStrike right now, I would bet it takes them a couple of quarters if they do actually decide to rip and replace," Dickson observed.

The general consensus, however, seems to be that Kurtz and crew responded well to the incident, appearing apologetic enough to appease angry customers and putting forth a plan to ensure that this doesn't happen again.

[...] Despite the $10 gift cards sent to CrowdStrike's partners who were working overtime to help customers recover from the outage, it doesn't appear that the security vendor will suffer any lasting damage.

"Longer term, it's possible to improve your reputation based on how proactive your approach is," Dickson noted – pointing to Mandiant, and its then-CEO Kevin Mandia's response to the SolarWinds hack. "They got breached, their tools were stolen, and here they are, one of the preeminent security providers."


Original Submission

This discussion was created by hubie (1068) for logged-in users only. Log in and try again!
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 4, Insightful) by JoeMerchant on Thursday September 05, @02:05AM

    by JoeMerchant (3937) on Thursday September 05, @02:05AM (#1371311)

    Engineer screws up, costs his mega Corp $10M.

    Engineer goes to his boss "I guess I am fired."

    Boss: "You ever going to make that mistake again?"

    E: "of course not!"

    B: "well, I just paid $10M to train you, why would I fire you now?"

    --
    🌻🌻 [google.com]
  • (Score: 5, Interesting) by Rosco P. Coltrane on Thursday September 05, @02:17AM (1 child)

    by Rosco P. Coltrane (4757) on Thursday September 05, @02:17AM (#1371314)

    People get worked up and outraged for 5 minutes, then they lose interest and swipe to the next tweet.

    Remember Cambridge Analytica? Facebook is still a thing. In times past, it would have been sued into oblivion.

    Remember the Pánama papers? The billionnaires still have their billions.

    Remember the Snowden leaks? It hasn't put a single dent in the NSA's spying programs

    Nefarious companies and governmental agencies simply rely on people's apathy and short attention span: the enemy people face these days - the big tech corporate surveillance complex and their friends on Capitol Hill - is so big, so corrupt and its powers so far-reaching that people have just given up on trying to regain sovereignty over their lives and their country. I mean it's understandable: how do you tackle a problem this big as a single individual? It would take a whole nation to rise up against the corporate tyranny all at once.

    Combine that with generations of people who grew up flipping through web pages and social media posts at high speed, and who have never known a time when ubiquitous surveillance, untouchable monopolies and cronyism weren't the norm, and all the enemy has to do is wait until people move on to something else.

    • (Score: 4, Insightful) by JoeMerchant on Thursday September 05, @11:58AM

      by JoeMerchant (3937) on Thursday September 05, @11:58AM (#1371352)

      >Remember the Snowden leaks? It hasn't put a single dent in the NSA's spying programs

      The thing about secret organizations is that you never really know....

      The drama by Oliver Stone: Snowden https://g.co/kgs/VdRx8pF [g.co] implies that the Obama administration passed legal regulations restricting domestic surveillance, only after Snowden outed his data.

      Transparency is always the answer, but the thing about secret organizations is that you never really know....

      --
      🌻🌻 [google.com]
  • (Score: 5, Insightful) by owl on Thursday September 05, @03:40AM (2 children)

    by owl (15206) on Thursday September 05, @03:40AM (#1371322)

    If you were so angry at CrowdStrike that you wanted to rip and replace everything, that's a herculean effort."

    The thing is, if you even have ClownStrike installed, it is because you need to check a compliance box on your "security audit forms" (can someone say TPS reports?).

    If you go and remove ClownStrike now, even if you are livid with them, you'll fail your next quarterly checkbox review (i.e., "security audit") and so you are kind of stuck. Until you can find someone else to replace them, you must be able to check that box on your quarterly checkbox review, and so you'll keep ClownStrike even if you are livid with them.

    This is the magic that ClownStrike provides. They don't actually provide any security. They provide "checkbox insurance". And so long as you need that box checked for your next quarterly checkbox review, you'll keep them around until you can find someone else. And if you can't find someone else, you'll keep them around anyway, so you can keep that box checked.

    • (Score: 2) by JoeMerchant on Thursday September 05, @12:04PM

      by JoeMerchant (3937) on Thursday September 05, @12:04PM (#1371353)

      >you need to check a compliance box

      So much this ^^^

      I work to put actual security into our product, but what the corporation really cares about is satisfying the customers. What our customers really care about is checking all the boxes.

      The thing is: many of the boxes make actual security worse, not better, when checked. Witness: ClownStrike.

      --
      🌻🌻 [google.com]
    • (Score: 2) by bmimatt on Thursday September 05, @10:38PM

      by bmimatt (5050) on Thursday September 05, @10:38PM (#1371457)

      Yeah, I dislike the security theaters surrounding us these days as much as the next guy.
      That said, when deployed as endpoint security suite, CS collects a lot (perhaps too much) of useful information around discovered vulnerabilities.
      In large environments, with thousands+ of machines with wildly varying operating systems, the information collected can be used to prioritize/orchestrate security responses, patching, etc.
      Also, there are federally regulated industries (and government agencies), which actually have to adhere to regulations and GRC (governance, risk, compliance) rules.
      There are also third-party compliance audits that must be completed at those organizations.

      For those entities, it's not just about 'checkbox insurance', it's about governance, compliance, threat management and other unpleasant but required things most of are not concerned with.

(1)