{"id":6011,"date":"2024-09-11T13:46:22","date_gmt":"2024-09-11T17:46:22","guid":{"rendered":"https:\/\/solutionsreview.com\/endpoint-security\/?p=6011"},"modified":"2024-09-11T13:46:34","modified_gmt":"2024-09-11T17:46:34","slug":"the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/","title":{"rendered":"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code"},"content":{"rendered":"<p dir=\"ltr\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium_large wp-image-6012\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident-768x384.jpg\" alt=\"The CrowdStrike Incident - The Devil is in the Details, and Chaos is in the Code\" width=\"768\" height=\"384\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident-768x384.jpg 768w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident-300x150.jpg 300w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg 800w\" sizes=\"(max-width: 768px) 100vw, 768px\" \/><\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\"><em><strong>Greg Sullivan, the Founding Partner at <a href=\"https:\/\/ciosoglobal.com\/\" target=\"_blank\" rel=\"noopener\">CIOSO Global<\/a>, shares some commentary on the CrowdStrike incident, the situation&#8217;s takeaways, and how the industry will continue to react to it. <span class=\"ui-provider a b c d e f g h i j k l m n o p q r s t u v w x y z ab ac ae af ag ah ai aj ak\" dir=\"ltr\">This article originally appeared in\u00a0<a class=\"external\" href=\"https:\/\/insightjam.com\/share\/W9PNIZN-ugApeSN3?utm_source=manual\" target=\"_blank\" rel=\"noopener nofollow\">Insight Jam<\/a>, an enterprise IT community that enables human conversation on AI.<\/span><\/strong><\/em><\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\"><a href=\"https:\/\/insightjam.com\/share\/W9PNIZN-ugApeSN3?utm_source=manual\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-5927 alignleft\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/04\/insightjam_logo.jpg\" alt=\"\" width=\"100\" height=\"100\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/04\/insightjam_logo.jpg 100w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/04\/insightjam_logo-60x60.jpg 60w\" sizes=\"(max-width: 100px) 100vw, 100px\" \/><\/a>The CrowdStrike failure, a watershed moment in cybersecurity, stands as the most significant story of the year and potentially one of the most impactful of the decade. The flawed update it pushed to Windows operating systems worldwide crashed critical machines\u2014an estimated 8.5 million\u2014and sparked a global IT outage that will reverberate for months or even years to come.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">And while fountains of ink have been spilled on this subject already, for someone like me\u2014a cybersecurity consultant with 30 years of experience in the field, someone who helped clients through this CrowdStrike incident in real-time\u2014I find that many articles focus on the same few points over and over again. Yes, we are now finding out what happened, how it happened, and what CrowdStrike and its competitors will do to prevent such a situation from happening again.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">But a wealth of interesting aspects of the failure\u2014and its fallout\u2014aren&#8217;t widely known or being significantly discussed. These illuminate facets of what happened, and as our industry will be reacting to the CrowdStrike incident for years to come, the lessons we take away from this will be necessary for executives and cybersecurity\/IT professionals to apply to reduce the impact of future incidents.<\/p>\n<h3 dir=\"ltr\" style=\"text-align: justify;\"><strong>The &#8220;Trusted Provider&#8221; is Finished<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify;\">First, the risk calculus for this type of event will be different for cybersecurity and risk management professionals from this point forward. We must elevate this kind of risk\u2014damaging software coming not from a hack or social engineering attack but from a relied-on provider. The days of trusting partners, even those in charge of security, with absolute impunity are over.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">Instead, we must treat cybersecurity updates like any other software update. This means applying greater resiliency at the end of the IT process and conducting more thorough and mandated testing before deployment. We can no longer give any partners a free pass and push their updates through. As much as we hope it won&#8217;t, we must assume that the CrowdStrike scenario could happen again.<\/p>\n<h3 dir=\"ltr\" style=\"text-align: justify;\"><strong>Prepare for Opportunistic Exploiters<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify;\">While there is no evidence (at the time I&#8217;m writing this) that the CrowdStrike failure was caused in any part by a hack or malicious actions, the fact remains that when things go wrong, bad actors will be on the scene trying to take advantage of the situation. The confusion, frustration, and desperation the average person feels when dealing with their work computer that has been &#8220;blue-screened&#8221; is real. Very quickly after this incident, a malicious file started making the rounds, claiming to be a quick fix to the problem\u2014but the so-called &#8220;CrowdStrike hotfix&#8221; was simply malware that was reaching more people than usual as desperation replaced sensible actions.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">While this type of situation\u2014a trusted provider being the source of a widespread outage\u2014may not have been on our radar before, it is now. All employees must be prepared and know what is and is not protocol during these incidents. There&#8217;s always more cybersecurity training for employees at every level, and it should incorporate lessons from the CrowdStrike failure. Start now; don&#8217;t let the next incident be the beginning of your team&#8217;s learning curve.<\/p>\n<h3 dir=\"ltr\" style=\"text-align: justify;\"><strong>A View Into The Cure: Implementing The Fix<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify;\">Some may be wondering what the breadth of responses and fixes looked like. Sure, we all have read countless retellings of the scramble that airlines and significant healthcare organizations went through in the aftermath of the outage. However, small to mid-sized businesses and local governments worldwide experienced just as much pain. Even in centralized offices, getting machines back up and running was manual and laborious because servers that would have run a fix and pushed it out were also down.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">Given the number of devices being deployed remotely\u2014as we&#8217;ve all enjoyed a more flexible approach to remote work in recent years\u2014fixes were more complicated. In some cases, those fixes were unwieldy or borderline bizarre. IT personnel were going door to door in some locations, fixing machines one at a time. In cities, some organizations&#8217; employees were told to bring their work computers to a central location to be worked on. Sometimes, IT would be forced to walk people through the fixes over the phone. Anyone who&#8217;s ever tried to help a relative troubleshoot their laptop over the phone knows how far from efficient that process is.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">In some cases, we even saw organizations breaking some of the most cardinal rules of basic security hygiene. I heard of flash drives with the script to implement a fix being mailed nationwide. CrowdStrike knocked us back a few decades regarding the technical sophistication of our fix implementations.<\/p>\n<h3 dir=\"ltr\" style=\"text-align: justify;\"><strong>Cybersecurity Tools: N+1 Redundancy\u00a0<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify;\">We must reevaluate our processes and tools closely because we can&#8217;t rely solely on our &#8220;trusted provider&#8221; anymore. I suggest making the most of all the cybersecurity tools at your disposal. Some IT departments turn off overlapping software security features\u2014but this is a mistake! It&#8217;s additional work to run more processes, but that extra security insight can be helpful as a &#8220;checks and balances&#8221; to confirm an exploit or even pinpoint an utterly different attack surface not identified by other cybersecurity tools.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">For example, I&#8217;ve seen organizations run multiple vulnerability checks on the same data set or database from different software programs\u2014without fail, the results are never the same. Cybersecurity tools are imperfect, but using multiple tools can help mitigate risks. It&#8217;s essential to gather information through the lens of different cybersecurity systems and focus that data onto a single-pane-of-glass dashboard where a holistic analysis can yield more informed decisions.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">Organizations should look to enable N+1 redundancy in their security measures. The concept of &#8220;N+1 Redundancy&#8221; refers to a system design principle where there is an extra &#8220;+1&#8221; component for every &#8220;N&#8221; component necessary to ensure continued system operation. In cybersecurity, this means having a backup cybersecurity solution that is as effective as the primary one.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">That said, we may see some companies adapt their updating policy and move to an n-1, or in rare cases, n-2 model for incoming patches. With these updates representing possible risks, there&#8217;s an argument for waiting for one cycle of updates to ensure that any similarly disastrous bugs are discovered by others and not one&#8217;s own company. Of course, this means that companies will have to live longer with known vulnerabilities, but this is mitigated by avoiding the potential disruption of a bad update. Of course, it might have to be case-by-case on what patches can be done in an n-1 timeframe, which is so critical that the risk must be taken to update them immediately. Each company should set its policies and decide on the right approach.<\/p>\n<h3 dir=\"ltr\" style=\"text-align: justify;\"><strong>What&#8217;s Next? Review Your Incident Response Plan<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify;\">Once your company has recovered from this outage, there&#8217;s no better time to reassess your <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/5-key-steps-to-include-in-your-incident-response-plan\/\" target=\"_blank\" rel=\"noopener\">incident response plan<\/a>. All IT departments should hold a meeting to review the effectiveness of their response to the CrowdStrike incident and ask questions such as:<\/p>\n<ul>\n<li dir=\"ltr\" style=\"text-align: justify;\">Were clear roles, responsibilities, and policies established?<\/li>\n<li dir=\"ltr\" style=\"text-align: justify;\">Was the current plan executed as it was written up? If not, why?<\/li>\n<li dir=\"ltr\" style=\"text-align: justify;\">When was the last time the communication plan was updated?<\/li>\n<li dir=\"ltr\" style=\"text-align: justify;\">Were the proper individuals notified in the correct order?<\/li>\n<li dir=\"ltr\" style=\"text-align: justify;\">Who is responsible for triage to assess the severity and impact?<\/li>\n<li dir=\"ltr\" style=\"text-align: justify;\">Who is monitoring the restored systems and documenting the effectiveness of all actions?<\/li>\n<li dir=\"ltr\" style=\"text-align: justify;\">Is the incident response plan updated to properly account for the &#8220;trusted provider&#8221; scenario discussed here?<\/li>\n<\/ul>\n<p dir=\"ltr\" style=\"text-align: justify;\">With every new incident, reassess the plan and keep it fresh and current by performing tabletop exercises to flesh out any weaknesses or outdated information. Remember, a tabletop assessment aims to test an organization&#8217;s preparedness and response against realistic scenarios. It&#8217;s crucial to conduct a debriefing, a.k.a. hotwash, where an after-action review is performed to analyze strengths and weaknesses.<\/p>\n<h3 dir=\"ltr\" style=\"text-align: justify;\"><strong>Conclusion: Pivot and Prepare<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify;\">The CrowdStrike incident may have been unexpected, but a similar one in the future should not catch organizations off guard. We need to operate under the assumption that such a failure from a &#8220;trusted&#8221; partner will happen again, somewhere, sometime. To prepare for the next occurrence, IT needs to treat cybersecurity updates like they do with standard software patches. Following these established procedures means reviewing any update notes, setting up a test environment and applying the update, getting the necessary approval for deployment, staggering the deployment, and informing all relevant stakeholders.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify;\">Our digital ecosystem is too interconnected. Trusting software updates with impunity, circumventing the procedural steps taken for other patches and updates, will continue to thrust our fragile IT habitat into chaos. Apply the &#8220;commonsense filter&#8221; to software updates; the devil is in the details, and chaos is in the code.<\/p>\n<hr \/>\n<p dir=\"ltr\" style=\"text-align: justify;\">\n","protected":false},"excerpt":{"rendered":"<p>Greg Sullivan, the Founding Partner at CIOSO Global, shares some commentary on the CrowdStrike incident, the situation&#8217;s takeaways, and how the industry will continue to react to it. This article originally appeared in\u00a0Insight Jam, an enterprise IT community that enables human conversation on AI. The CrowdStrike failure, a watershed moment in cybersecurity, stands as the [&hellip;]<\/p>\n","protected":false},"author":1134,"featured_media":6012,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2],"tags":[1955,1953,68,1954],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code<\/title>\n<meta name=\"description\" content=\"Greg Sullivan at CIOSO Global shares some commentary on the CrowdStrike incident and what the takeaways of the situation should be.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code\" \/>\n<meta property=\"og:description\" content=\"Greg Sullivan at CIOSO Global shares some commentary on the CrowdStrike incident and what the takeaways of the situation should be.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\" \/>\n<meta property=\"og:site_name\" content=\"Endpoint Security &amp; Protection Platforms | Solutions Review\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/solutionsreview\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-11T17:46:22+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-11T17:46:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Greg Sullivan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:site\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Greg Sullivan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\"},\"author\":{\"name\":\"Greg Sullivan\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/7e25d92f0f375d1f9358af843dee00d5\"},\"headline\":\"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code\",\"datePublished\":\"2024-09-11T17:46:22+00:00\",\"dateModified\":\"2024-09-11T17:46:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\"},\"wordCount\":1517,\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg\",\"keywords\":[\"CIOSO Global\",\"Contributed Content\",\"CrowdStrike\",\"Greg Sullivan\"],\"articleSection\":[\"Best Practices\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\",\"name\":\"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg\",\"datePublished\":\"2024-09-11T17:46:22+00:00\",\"dateModified\":\"2024-09-11T17:46:34+00:00\",\"description\":\"Greg Sullivan at CIOSO Global shares some commentary on the CrowdStrike incident and what the takeaways of the situation should be.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg\",\"width\":800,\"height\":400,\"caption\":\"The CrowdStrike Incident - The Devil is in the Details, and Chaos is in the Code\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/endpoint-security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"name\":\"Endpoint Security &amp; Protection Platforms | Solutions Review\",\"description\":\"Evaluating Enterprise EPP Software, Next-Gen Antivirus &amp; EDR Solutions.\",\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\",\"name\":\"Solutions Review\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"width\":200,\"height\":200,\"caption\":\"Solutions Review\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/solutionsreview\",\"https:\/\/x.com\/InfoSec_Review\",\"https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review\",\"https:\/\/www.youtube.com\/user\/SolutionsReview\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/7e25d92f0f375d1f9358af843dee00d5\",\"name\":\"Greg Sullivan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/Greg-Sullivan.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/Greg-Sullivan.jpg\",\"caption\":\"Greg Sullivan\"},\"description\":\"Greg Sullivan is the Founding Partner at CIOSO Global, LLC, specializing in cybersecurity and technology risk management. He advises clients on regulatory compliance and cybersecurity strategies, helping organizations design and implement risk-based cybersecurity capabilities. Previously, Greg served as Senior Vice President &amp; Global Chief Information Officer at Carnival Corporation, leading global IT, innovation, and cybersecurity efforts. He also held leadership roles as CEO and CTO at Global Velocity, focusing on enterprise and cloud security. Greg holds a BS in Systems Science &amp; Mathematics from Washington University in St. Louis and is a Certified Information Systems Security Professional (CISSP).\",\"sameAs\":[\"https:\/\/ciosoglobal.com\/\",\"https:\/\/www.linkedin.com\/in\/gregoryasullivan\/\"],\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/author\/gsullivan\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code","description":"Greg Sullivan at CIOSO Global shares some commentary on the CrowdStrike incident and what the takeaways of the situation should be.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/","og_locale":"en_US","og_type":"article","og_title":"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code","og_description":"Greg Sullivan at CIOSO Global shares some commentary on the CrowdStrike incident and what the takeaways of the situation should be.","og_url":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/","og_site_name":"Endpoint Security &amp; Protection Platforms | Solutions Review","article_publisher":"https:\/\/www.facebook.com\/solutionsreview","article_published_time":"2024-09-11T17:46:22+00:00","article_modified_time":"2024-09-11T17:46:34+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg","type":"image\/jpeg"}],"author":"Greg Sullivan","twitter_card":"summary_large_image","twitter_creator":"@InfoSec_Review","twitter_site":"@InfoSec_Review","twitter_misc":{"Written by":"Greg Sullivan","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#article","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/"},"author":{"name":"Greg Sullivan","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/7e25d92f0f375d1f9358af843dee00d5"},"headline":"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code","datePublished":"2024-09-11T17:46:22+00:00","dateModified":"2024-09-11T17:46:34+00:00","mainEntityOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/"},"wordCount":1517,"publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg","keywords":["CIOSO Global","Contributed Content","CrowdStrike","Greg Sullivan"],"articleSection":["Best Practices"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/","name":"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg","datePublished":"2024-09-11T17:46:22+00:00","dateModified":"2024-09-11T17:46:34+00:00","description":"Greg Sullivan at CIOSO Global shares some commentary on the CrowdStrike incident and what the takeaways of the situation should be.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#primaryimage","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/The-CrowdStrike-Incident.jpg","width":800,"height":400,"caption":"The CrowdStrike Incident - The Devil is in the Details, and Chaos is in the Code"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/endpoint-security\/the-crowdstrike-incident-the-devil-is-in-the-details-and-chaos-is-in-the-code\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/endpoint-security\/"},{"@type":"ListItem","position":2,"name":"The CrowdStrike Incident: The Devil is in the Details, and Chaos is in the Code"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website","url":"https:\/\/solutionsreview.com\/endpoint-security\/","name":"Endpoint Security &amp; Protection Platforms | Solutions Review","description":"Evaluating Enterprise EPP Software, Next-Gen Antivirus &amp; EDR Solutions.","publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization","name":"Solutions Review","url":"https:\/\/solutionsreview.com\/endpoint-security\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","width":200,"height":200,"caption":"Solutions Review"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/solutionsreview","https:\/\/x.com\/InfoSec_Review","https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review","https:\/\/www.youtube.com\/user\/SolutionsReview"]},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/7e25d92f0f375d1f9358af843dee00d5","name":"Greg Sullivan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/Greg-Sullivan.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2024\/09\/Greg-Sullivan.jpg","caption":"Greg Sullivan"},"description":"Greg Sullivan is the Founding Partner at CIOSO Global, LLC, specializing in cybersecurity and technology risk management. He advises clients on regulatory compliance and cybersecurity strategies, helping organizations design and implement risk-based cybersecurity capabilities. Previously, Greg served as Senior Vice President &amp; Global Chief Information Officer at Carnival Corporation, leading global IT, innovation, and cybersecurity efforts. He also held leadership roles as CEO and CTO at Global Velocity, focusing on enterprise and cloud security. Greg holds a BS in Systems Science &amp; Mathematics from Washington University in St. Louis and is a Certified Information Systems Security Professional (CISSP).","sameAs":["https:\/\/ciosoglobal.com\/","https:\/\/www.linkedin.com\/in\/gregoryasullivan\/"],"url":"https:\/\/solutionsreview.com\/endpoint-security\/author\/gsullivan\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/6011"}],"collection":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/users\/1134"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/comments?post=6011"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/6011\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media\/6012"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media?parent=6011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/categories?post=6011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/tags?post=6011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}