KUALA LUMPUR: Cybersecurity companies need to prioritise rolling out updates and software patches in a phased manner to prevent widespread issues like the recent global information technology (IT) outage and ensure a smoother transition.
Additionally, cybersecurity companies must prepare for incidents caused both by cybercriminals and by their own cybersecurity vendors.
LGMS Bhd chairman Fong Cheong Fook said preparation and careful implementation were key to maintaining a robust and reliable IT system.
“Cybersecurity is no longer just an IT issue. It’s a business survival issue. Evaluate and implement multiple products and solutions, whether hardware or software, to spread risk.”
“We will also regularly conduct cyber exercises to simulate computer failures to prepare for the inevitable,” he told SunBiz.
Such preparation includes protecting against phishing campaigns by criminals pretending to offer official fixes, and setting up standard operating procedures to prevent such outages.
Fong said the global IT outage that occurred on July 19 was caused by a botched update by cybersecurity firm CrowdStrike, rather than the work of black hat hackers or malware.
“That’s right. The people who were supposed to protect you from these kinds of incidents are the ones who did it,” Fong said.
He said CrowdStrike bears primary responsibility in the incident and that as a cybersecurity company, it should have conducted more thorough testing of the update before releasing it to the public.
“The likelihood of such incidents occurring in the future will depend on how security companies learn from this lesson.
“Cybersecurity companies have a huge responsibility to ensure the stability of their products,” he said.
A flawed update to CrowdStrike’s Falcon endpoint detection and response (EDR) software caused Windows devices to “blue screen” and experience a fatal failure that could not be fixed even after multiple reboots.
Fixing the problem was difficult and required IT staff to manually intervene on each affected device.
The fix becomes more complicated if the device is protected by BitLocker, the Windows full-drive encryption solution.
Multiple media outlets cited by The Wall Street Journal reported that a Microsoft spokesperson blamed the incident in part on European Union regulators requiring Microsoft to allow third-party anti-malware vendors access to the kernel.
CrowdStrike’s shares on the Nasdaq fell more than 10%, likely due to the company’s failure to properly test updates before releasing them to customers.
The incident also revealed several weaknesses in the way companies and government agencies around the world manage their IT infrastructure processes.
LGMS’s primary focus is on Cyber Security Assessment, Penetration Testing, Cyber Risk Management, Compliance, Digital Forensics and Incident Response services.