Global IT outage: The cyber resilience alarm heard around the world
The global IT outage caused an estimated $1 billion in global costs. Image: REUTERS/Brian Snyder
- Last week, businesses and governments worldwide were disrupted by a major IT outage.
- The global outage was caused by a bugged patch pushed by one of the world's largest cyber security providers and estimated to cost $1 billion.
- The outage was a stark reminder of the importance of cyber resilience in an increasingly digital world.
Last week, one of the largest IT outages in history disrupted businesses and governments around the world.
The incident, which affected 8.5 million Microsoft Windows devices, led to widespread disruptions of airlines, banks, broadcasters, healthcare providers, retail payment terminals and cash machines globally. The cost of the outage is estimated to top $1 billion.
What caused the outage
The disruption was caused by a flawed update to a cloud-based security software of CrowdStrike, one of the global top cybersecurity companies. The update to the Falcon software triggered a malfunction that disabled parts of the computer systems and software like Microsoft Windows. Three days after the incident, CrowdStrike reported that a significant number of the devices are back online and operational.
Why we need cyber resilience
As the stories of the disastrous consequences of the incident are making the headlines, there is a major lesson to be learned from the outage: we need to prepare for such incidents in ways that we can maintain the resilience of our businesses and services. Whether caused by the intentional actions of an adversary or the innocent mistakes of well-intentioned actors, businesses and governments need to be resilient to cyberattacks and other cyber failures that can lead to major disruptions of business processes.
The incident highlights the need to shift our perception of cybersecurity from a mere IT issue to the broader concept of cyber resilience as an integral part of business resilience. In the face of a cyberattack, businesses should be able to recover fast from an incident and resume business as usual.
To be cyber resilient, organizations need to first and foremost identify business-critical processes and ensure the continuity of those even during cyber incidents. This has to involve continuous conversations with business leadership to ensure alignment with the overall business strategy while conducting real-time prioritization.
The ecosystem view
The July outage should also nudge us to think beyond cyber and business resilience and look at the big picture: systemic resilience. As cyber threats become more advanced, businesses increasingly rely on a few sophisticated security software providers. This reliance creates a single point of failure, where a flaw in one system can lead to global cascading effects. Balancing centralized, highly protected architectures with decentralized, lower-impact systems is a difficult challenge.
Enhancing cyber resilience
Advances in cybersecurity can prevent many disruptions, but when adversaries do succeed or accidental cyber failures happen, organizations need to make use of a toolbox of methods to be able to detect, withstand, and recover business-as-usual operations as rapidly as possible.
The World Economic Forum’s Centre for Cybersecurity is collaborating with the University of Oxford’s Global Cyber Security Capacity Centre (GCSCC) on a blueprint (Cyber Resilience Blueprint Initiative) — or compass — to support organizations across industries to advance their cyber resilience. The initiative is bringing together cybersecurity leaders from across the world to develop a common understanding of business cyber resilience and collect and systemize experience on cyber resilience tradecrafts that matter.
As online and cyber infrastructures become ever more complex, interconnected and central to all sectors of business and society, the importance of cyber resilience will only continue to rise.
Don't miss any update on this topic
Create a free account and access your personalized content collection with our latest publications and analyses.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.
Stay up to date:
Cybersecurity
The Agenda Weekly
A weekly update of the most important issues driving the global agenda
You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.
More on CybersecuritySee all
Filipe Beato and Jamie Saunders
November 21, 2024