According to new research by Germany’s Federal Office for Information Security (BSI), one in 10 organizations affected by CrowdStrike’s July outage are dropping their current security vendor.
Of the tenth of organizations switching provider, nearly half (40%) have already replaced their cybersecurity solutions, with the remaining (60%) companies planning to do so soon.
Furthermore, around one in five companies plan to revise their vendor selection criteria following the incident, which left around 8.5 million Windows devices offline.
CrowdStrike outage has left a bitter taste in customers’ mouths
Although Microsoft claimed that customers using its own systems were back up and running in as little as a few minutes, the reality is that many of the affected users were relying on third parties. BSI found that nearly half (48%) experienced a downtime of ten hours.
Consequentially, two in five were unable to collaborate with clients, with business operations and revenue affected.
However, the outage has at least served as a reminder to businesses of the precarious nature of relying on third parties. Two-thirds have either improved or plan to improve their incident response.
BSI President Claudia Plattner commented: “There will never be a 100 percent protection against IT security incidents in the future… companies must and can increase their resilience through preventive measures, making them more resistant to IT security incidents.”
The Office’s research also highlighted the role of social media and the interconnected world during such events – more companies found out about the outage via social media than from CrowdStrike directly.
Although the body acknowledged that the small sample size of 311 German organizations is not entirely representative of the landscape, it can at least be used as an indication of companies’ responses to the outage.
Via The Register