target audience: TECH BUYER  Publication date: Sep 2024 - Document type: IDC Perspective - Doc  Document number: # US52536824

Third-Party Risk: Aftermath of CrowdStrike Agent Content Update IT Outage

By: 

  • Philip D. Harris, CISSP, CCSK Loading
  • Craig Robinson Loading
  • Frank Dickson Loading
  • Ashish Nadkarni Loading
  • Tom Mainelli Loading

Content



Get More

When you purchase this document, the purchase price can be applied to the cost of an annual subscription, giving you access to more research for your investment.



Related Links

Abstract


This IDC Perspective discusses the aftermath of the CrowdStrike agent content update IT outage. Organizations around the world are struggling in the aftermath of the Microsoft and CrowdStrike disruptions as these combined events disabled millions of systems in the wake of a failed update. There is even more concern today regarding third-party risks, especially for those third parties that have considerable access, coverage, and control over IT estates. There are five distinct areas that must be inspected related to the CrowdStrike event: critical infrastructure and software, change control, recovery, resiliency strategy, and third-party risk management.

"While these types of catastrophic events do not occur on a frequent basis, vendors and customers tend to have short memories over time and fail to instill IT process and procedure rigor over time. Things like a deep inspection of vendor change management processes and procedures in combination with the customers' own processes and procedures to ensure there are no surprises, they are compatible, and they reduce the risk of IT disruptions," says Phil Harris, research director for Governance, Risk, and Compliance Services and Software at IDC. "This is where risk and compliance management processes and procedures can ensure this rigor continues ongoing into the future.



Coverage


Do you have questions about this document
or available subscriptions?