Balancing internal innovation and third-party vendor risk

As a former FBI Special Agent in the Los Angeles Cyber Crime Squad, I’ve seen my fair share of defective software updates. However, the recent global tech outage caused by a faulty software update from CrowdStrike has truly captured the world’s attention. The shock and awe of such a well-regarded cybersecurity vendor causing a major security incident has brought to light a previously overlooked area of third-party risk. 

Given CrowdStrike’s reputation and trusted position, many companies automatically allowed its software update package into their systems without fully considering the possibility of a defect. Consequently, no CISO expected the update to result in a global tech outage, causing systemic disruption across interconnected systems.
