How the CrowdStrike outage carved out new opportunities for hackers

On Nextgov/FCW, former U.S. officials and security practitioners are wondering how a defective CrowdStrike patch for Windows systems fell through the cracks and created more cascading security risks.

CrowdStrike will likely survive and move forward, but, reputationally, it can’t afford another incident like this, said William MacMillan, a former CISO at the CIA.

“The update was supposed to be seamless to users,” said MacMillan, now chief product officer at cybersecurity firm Andesite. “Endpoint detection and response has been game changing, but because of where [Falcon] is positioned on the endpoints, if a patch does go wrong … that can have very significant consequences, as we’re seeing across the globe.”


Venture Beat: CrowdStrike’s IT outage makes it clear why cyber resilience matters

A misconfigured content update released by CrowdStrike late on Thursday inadvertently triggered worldwide outages across Microsoft Windows systems, taking many of the world’s most essential services offline.

CrowdStrike was attempting to update the content that its Falcon Sensor uses for real-time threat detection and endpoint protection: the sensor monitors system activity to identify suspicious behavior and prevent cyber attacks. The content update contains logic designed to fine-tune the detection of malicious activity, based on the latest threat intelligence CrowdStrike collects on a real-time, continuous basis.