Rough patch: CrowdStrike sparks an auto-update debate

Automating software updates helps keep hackers at bay but can introduce op risk; banks balance the two

Credit: Risk.net montage

When it comes to minimising cyber threats, speed is of the essence. If companies delay vital updates to software, they leave themselves exposed to hackers. Which is why the automatic update approach used by major cyber security vendor CrowdStrike looked like a good idea.

Until it didn’t.

In July this year, when a faulty patch – a targeted update – caused its clients’ operating systems to crash, there was little companies could do to stop it because the updating process was automatic.

A CrowdStrike

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact info@risk.net to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Risk.net? View our subscription options

The changing shape of risk

S&P Global Market Intelligence’s head of credit and risk solutions reveals how firms are adjusting their strategies and capabilities to embrace a more holistic view of risk

Most read articles loading...

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here