On Nextgov/FCW, former U.S. officials and security practitioners are wondering how a defective CrowdStrike patch for Windows systems fell through the cracks and created more cascading security risks.
CrowdStrike will likely survive and move forward, but, reputationally, it can’t afford another incident like this, said William MacMillan, a former CISO at the CIA.
“The update was supposed to be seamless to users,” said MacMillan, now chief product officer at cybersecurity firm Andesite. “Endpoint detection and response has been game changing, but because of where [Falcon] is positioned on the endpoints, if a patch does go wrong … that can have very significant consequences, as we’re seeing across the globe.”