Rough patch: CrowdStrike sparks an auto-update debate
Automating software updates helps keep hackers at bay but can introduce op risk; banks balance the two
When it comes to minimising cyber threats, speed is of the essence. If companies delay vital updates to software, they leave themselves exposed to hackers. Which is why the automatic update approach used by major cyber security vendor CrowdStrike looked like a good idea.
Until it didn’t.
In July this year, when a faulty patch – a targeted update – caused its clients’ operating systems to crash, there was little companies could do to stop it because the updating process was automatic.
A CrowdStrike
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Risk management
Banks urged to keep regulators in the loop on AI plans for AML
Risk managers advocate five-year strategies and compliance teams’ ownership of the tech they use
Banks urged to boost third-party scrutiny amid AML crackdown
Three US regulators highlight deficiencies in banks’ due diligence on fintech partners
Clearing members welcome JSCC initial margin reforms
Stress loss add-ons touted as path to ensure defaulter pays and default fund contributions shrink
Backtesting correlated quantities
A technique to decorrelate samples and reach higher discriminatory power is presented
Could Trump presidency herald $27bn margin call on World Bank?
Think-tank’s policy plan to pull US out of multilateral threatens AAA rating, ending collateral exemption
Op risk data: Shady loans robbing Reliance of $1.1bn
Also: H20’s less-than-liquid holdings, Ripple ripped for $125m, and more WhatsApp slaps expected. Data by ORX News
Banks must close the loop on counterparty credit risk
Following a series of market and industry credit risk events, regulatory scrutiny of counterparty credit risk management practices is increasing. Now, more than ever, banks must ensure they are optimising their approaches to credit risk mitigation
Should banks risk lightning hitting twice for CrowdStrike?
Bank tech teams divided on whether to give security vendor a second chance after update crash
