The recent disruption of Microsoft Windows due to a flawed software update from CrowdStrike, a top cybersecurity provider, serves as a reminder of our reliance on vendors and their cyber-vulnerabilities.
The Incident: A Wake-Up Call
The inadvertent distribution of faulty code highlights that even the most trusted software providers can experience significant failures. Such disruptions can bring operations to a standstill, leading to lost productivity, financial losses, and reputational damage. While the affected organizations scramble to restore their services and mitigate damage, those with comprehensive incident response and business continuity planning are better positioned to navigate the chaos.
Now is the Time to Act
Given the CloudStrike incident, now is the time to address the following issues:
- Vendor Risks. Review your vendor contracts to understand your risks and potential exposures, as well as your vendor’s security posture and contractual responsibilities.
- Review and Update Plans. Regularly review and update your incident response and business continuity plans to reflect current threats and business needs.
- Conduct Drills and Training. Regularly conduct incident response drills and business continuity exercises to ensure your team is well-prepared.
- Engage with Experts. Consult cybersecurity, risk management, and legal professionals to identify gaps and improve your response strategies.
We can Help
If you were impacted by the CrowdStrike event or would like help raising your organization’s level of preparedness, the lawyers of Morris, Manning & Martin, LLP, can help.
Our attorneys are available to assist you in navigating the issues related to risk management and cybersecurity, coordinating with your IT security partners, business partners, and internal teams, and, if necessary, introducing you to trusted IT partners. We can also assist in increasing your cybersecurity posture by preparing or reviewing your incident response and business continuity plans, conducting tabletop exercises and incident response drills, and assessing and mitigating vendor risks.
Should you have any questions, please contact Roy Hadley, Jr. at Morris, Manning & Martin, LLP.