Anyone clocking into work last Friday was ready for a tussle with their computer. I woke up to buzz from friends and family impacted by the global software outage, from work-related program problems to those stuck at the airport with flights at a halt, and the sentiment was all the same: what in the world is happening?
The Austin-based cybersecurity company CrowdStrike was at the center of the incident after a content configuration update for the Windows sensor, meant to detect new potential threats, negatively affected Windows hosts running sensor version 7.11 and above.
In the aftermath, businesses are turning to their IT departments to better understand and prepare for similar circumstances in the future. In transportation, the importance of doing this is underscored, says Mike Walters, president and co-founder of Action 1.
"The need to prioritize testing of updates in sandbox environments that simulate real-world scenarios prior to deployment is obvious. Implementing phased deployment strategies that initially apply updates to a limited number of machines to identify potential problems early is also an option. And as always, test backup and recovery procedures to ensure rapid rollback mechanisms," explains Walters. "Transportation must implement multiple layers of redundancy for critical systems such as booking, scheduling and communications platforms. Use multi-vendor solutions for clustered servers. Ensure that essential functions can continue offline or with minimal IT support, such as manual check-ins and reservations. Transportation personnel should be trained to switch to this mode if necessary. There is a need for DRP plans that include scenarios for large-scale IT failures."
Earlier this year I emphasized the importance of cybersecurity measures, specifically in the use case of AI as capabilities continue to grow. With modern adoption of automation technology comes the misconception of "set it and forget it," and, although convenient, that mentality can lead to major pitfalls when issues inevitably arise.
"This incident may lead to skepticism about cloud-based and globally managed security solutions among the transportation industry. Enterprises may explore hybrid models that balance on-premises and cloud-based security measures. It may also lead to skepticism about the need for security solutions, as they can cause downtime compared to ransomware, or even worse," says Walters, and this is where consideration really comes into play. Tech problems are a dime a dozen, but with solid mitigation efforts and a plan B, C and even D, they don't have to mean all aspects of your business come to a screeching halt.