How CrowdStrike Stopped Everything
Cybersecurity experts know the CIA Triad well: that’s the acronym for Confidentiality, Integrity, and Availability, all of which are essential to data security. Organizations must keep data secret so not just anyone can see it; they must maintain its accuracy and reliability, and they must keep the information available to those who need it.
Organizations ensure data confidentiality with access controls and encryption. They maintain data integrity through backup and recovery and version, access, and security controls. Data holders keep information available through redundancy, backups, and systems monitoring and updates.
However, keeping data available means more than preventing data loss. It is not only ransomware that puts data out of reach. Data, applications, and systems become unavailable in IT system outages. The data is still there, but no one can get to it.
On July 19, 2024, the global IT outage that cybersecurity company CrowdStrike caused brought down millions of Windows computers worldwide, making data and applications inaccessible. Hospitals canceled surgeries, airlines grounded planes, and 911 call centers suffered outages lasting several hours. These and countless other systems were unavailable. It was not a cyberattack or a data breach, but it was still a security issue, the biggest of its kind.
