Microsoft Deputy CISO recounts responding to the CrowdStrike outage

The industry’s collective response to the massive outage underscored for Ann Johnson its ability to come together and put competitive interests aside.

By Matt Kapko • Aug. 12, 2024

CrowdStrike pursuing deal to buy patch management specialist Action1

The security firm is still working to overhaul its internal software development practices following the July 19 global IT outage involving millions of Microsoft Windows devices.

By David Jones • Aug. 9, 2024

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

LoanDepot reports net loss as cyber-related settlement hit Q2 financial results

The company disclosed $27 million in charges primarily related to a settlement deal in connection with a class action lawsuit.

By David Jones • Aug. 9, 2024

Delta expects $380M revenue hit due to CrowdStrike outage

The company said it canceled 7,000 flights in five days due to the IT outage, according to a Thursday filing with the Securities and Exchange Commission.

By Roberto Torres • Aug. 9, 2024

CrowdStrike snafu was a ‘dress rehearsal’ for critical infrastructure disruptions, CISA director says

Despite the disruption, Jen Easterly said the outage was a "useful exercise" to determine the resiliency of critical infrastructure organizations.

By Matt Kapko • Aug. 8, 2024

Are cybersecurity professionals OK?

Absorbing the impacts of cyberattacks takes a personal toll on defenders. Separating the evil they see from all that’s good in the world doesn’t always come easy.

By Matt Kapko • Aug. 7, 2024

CrowdStrike blames mismatch in Falcon sensor update for global IT outage

The security company, in its root cause analysis report, said it is using lessons from the crash to make larger changes, while analysts predict further challenges.

By David Jones • Aug. 7, 2024

Microsoft joins CrowdStrike in pushing IT outage recovery responsibility back to Delta

The software provider said Delta's delayed modernization efforts were to blame for its slow recovery. 

By Roberto Torres • Aug. 7, 2024

CrowdStrike rebukes Delta’s negligence claims in fiery letter

After the airline said it was considering legal action, CrowdStrike said Delta’s contract capped the cybersecurity provider's liability to “single-digit millions.” 

By Roberto Torres • Aug. 5, 2024

Insured loss impact could reach $1B following CrowdStrike outage

Guy Carpenter said it could be worse: Had the incident involved a ransomware attack, losses could have reached $2 billion.

By David Jones • Aug. 5, 2024

After CrowdStrike outage, what will become of automatic IT updates?

Blind enterprise trust in software updates is the latest symptom of a race toward IT automation.

By Roberto Torres • Aug. 2, 2024

CrowdStrike outage renews supply chain concerns, federal officials say

The White House and the U.S. Government Accountability Office are raising questions about the resilience of the software supply chain and memory safety vulnerabilities.

By David Jones • Aug. 2, 2024

CrowdStrike investors file class action suit following global IT outage

A retirement association alleges the company misled investors about the efficacy of its software platform and quality control practices.

By David Jones • Updated Aug. 1, 2024

Delta grapples with $500M in CrowdStrike outage costs

Delta is rethinking how it sets up IT after its team manually reset 40,000 servers impacted by the outage, CEO Ed Bastian told CNBC Wednesday.

By Roberto Torres • Aug. 1, 2024

Why CX penalties hit organizations long after a cyber incident

Addressing the security, legal and regulatory requirements is critical, but so too is attending to the fallout for customer trust and loyalty.

By Rosalyn Page • Aug. 1, 2024

Business interruption claims will drive insurance losses linked to CrowdStrike IT disruption

The outage will lead to reviews of underwriting criteria as concerns are raised about single points of failure, according to Moody’s Ratings.

By David Jones • July 30, 2024

ServiceNow spots sales opportunities post-CrowdStrike outage

CEO Bill McDermott said instant visibility into disrupted systems in customer environments helped accelerate remediation efforts. 

By Lindsey Wilkinson • July 29, 2024

CrowdStrike CEO says 97% of Windows sensors restored in IT outage recovery effort

Coinciding with George Kurtz's update, Microsoft outlined its efforts to enhance resiliency just months after launching a massive security overhaul.

By David Jones • July 26, 2024

How cyber insurance coverage is evolving

Cyber insurance coverage can help raise security baselines across businesses, but organizations that have standalone policies are the exception to the rule. 

By Sue Poremba • July 25, 2024

CrowdStrike disruption direct losses to reach $5.4B for Fortune 500, study finds

A report from Parametrix estimates cyber insurance will cover only about 10% to 20% of losses.

By David Jones • July 25, 2024

CrowdStrike software crash linked to undetected error in content update for Windows users

The company plans to add additional testing and employ canary delivery methods to safeguard customers from future disruptions.

By David Jones • July 24, 2024

CrowdStrike CEO’s quick apology stands out in an industry rife with deflection

The cybersecurity vendor’s swift and contrite response helped the company convey confidence and control over the mess it created, experts say.

By Matt Kapko • July 23, 2024

CrowdStrike says flawed update was live for 78 minutes

Though CrowdStrike pulled the update, companies across sectors were already dealing with the cascading consequences that required manual remediations.

By Matt Kapko • July 23, 2024

CrowdStrike, Microsoft scramble to contain fallout from global IT outage

Cybersecurity and IT experts said users are having major difficulties in recovery efforts, despite workarounds and guidance the vendors released.

By David Jones • July 22, 2024

CrowdStrike’s unforced error puts its reputation on the line

The widespread release of defective code suggests CrowdStrike didn’t properly test its update before it was released or that process failed to catch the mistake, experts said.

By Matt Kapko • July 22, 2024