According to new research from Germany’s Federal Office for Information Security (BSI), one in 10 organizations affected by the CrowdStrike service outage in July are abandoning their current security provider.
Of the one-tenth of organizations switching vendors, nearly half (40%) have already replaced their cybersecurity solutions, with the remaining companies (60%) planning to do so soon.
Additionally, about one in five companies plans to review its vendor selection criteria following the incident, which left about 8.5 million Windows devices offline.
CrowdStrike service outage has left a bitter taste in customers' mouths
While Microsoft claimed that customers using their own systems were back up and running within minutes, the reality is that many of the affected users were reliant on third parties. BSI found that nearly half (48%) experienced downtime of ten hours.
As a result, two out of five companies were unable to engage with customers, impacting their business operations and revenue.
However, the service disruption has at least served as a reminder to companies of how precarious it is to rely on third parties. Two-thirds of them have improved or plan to improve their response to incidents.
BSI President Claudia Plattner commented: “There will never be 100 per cent protection against IT security incidents in the future… businesses must and can increase their resilience through preventative measures, making them more resilient to IT security incidents.”
The Bureau's research also highlighted the role of social media and the interconnected world during such events: more companies learned about the service outage through social media than directly from CrowdStrike.
While the agency acknowledged that the small sample size of 311 German organisations is not fully representative of the picture, it can at least be used as an indication of companies' responses to service disruption.
Through The Registry
