KUALA LUMPUR: Cybersecurity companies must prioritise deploying updates and software patches in stages to prevent widespread issues like the recent global information technology (IT) outage and ensure smoother transitions.

Moreover, cybersecurity firms must be prepared for incidents caused by cybercriminals or their own cybersecurity vendors.

LGMS Bhd chairman Fong Choong Fook said preparedness and cautious deployment are key to maintaining robust and reliable IT systems.

“Cybersecurity is no longer an IT issue alone. It is a business survival issue. Evaluate and deploy multiple products and solutions, whether hardware or software, to diversify risks.

“Also, regularly conduct cyber drills to simulate the event of computer failure, so as to be better prepared for the inevitable,” he told SunBiz.

This involves protecting against phishing campaigns from criminals pretending to offer official fixes and setting up standard operating procedures to prevent such failures.

Fong said the recent global IT outage on July 19 was not caused by black-hat hackers or malware but by a botched update from the cybersecurity company CrowdStrike.

“That’s right. The ones who were supposed to protect you from such incidents were the ones who made it happen,” Fong said.

He said the primary responsibility in this case rested with CrowdStrike, and as a cybersecurity company, it should have conducted more thorough testing before releasing updates to the public.

“The likelihood of this sort of incident in the future depends on how security firms learn from this lesson.

“Cybersecurity firms bear an enormous responsibility to ensure their products’ stability,” he said.

The update to CrowdStrike’s Falcon endpoint detection and response (EDR) software was so faulty that it caused Windows devices to ‘bluescreen’ and experience fatal failures that even multiple reboots could not fix.

Fixing the problem was difficult, and IT personnel had to manually intervene with each affected device.

The resolution was even more complicated if the device was protected by BitLocker, Windows’s full-drive encryption solution.

Several news agencies, cited by the Wall Street Journal, reported that a Microsoft spokesman blamed European Union regulators for contributing to the incident, as they required Microsoft to give kernel access to third-party anti-malware vendors.

CrowdStrike’s share price on NASDAQ dropped by over 10%, likely due to the company’s failure to properly test the update before releasing it to customers.

The incident also revealed several weaknesses in how businesses and government bodies manage IT infrastructure processes worldwide.

LGMS focuses mainly on cybersecurity assessment, penetration testing, cyber risk management, compliance, and digital forensic and incident response services.