Lessons for small businesses from the CrowdStrike incident
In July 2024, global cybersecurity company CrowdStrike brought the internet to its knees when a glitch in its software update caused widespread system crashes on computers running Windows operating systems. One source suggests the total cost of the outage could run to more than $1 billion.
Serious small business impacts
The glitch had severe consequences for many small businesses, disrupting daily operations and making it difficult to serve customers and process payments. Problems such as these can be compounded in small businesses, which often have limited IT resources, making diagnosing and fixing the problem a real challenge.
For small businesses, this is a wake-up call to ensure they have the right processes in place to get back up and running if and when the next CrowdStrike cybersecurity event occurs. Here are some steps to assist in being prepared for next time.
- Implement a patch management strategy
Test any software updates in a controlled environment. This may help catch potential issues without disrupting your daily operations. Think of it as a dress rehearsal to ensure everything runs smoothly when the next IT incident happens.
- Back up systems regularly
Always back up your critical data and systems. It’s essential to have online backups for quick recovery as well as offline backups in case the online backups fail. This helps reduce the risk of losing important information if something goes wrong during an update.
- Let your team and customers know when software updates are happening
This includes providing information about potential downtime. You should also consider setting up alternative ways to stay in touch, so your business can keep moving even if the main systems are temporarily down.
- Have a backup plan for critical systems
This could mean using secondary servers or cloud services that can take over if your primary systems fail. It’s like having a spare tyre ready to go.
What to do when your system goes down
When you do experience a major outage, the first step is to promptly activate your incident response plan. If you don’t have one, consider creating one. This means ensuring all team members know their roles and how to follow established protocols to effectively assess and manage the situation.
Quickly determine the extent and severity of the issue, prioritising how to restore critical systems first. If a recent update has caused significant problems, consider rolling back to the latest backup, confirming it was made before the update.
Contact your IT support team or software representatives for expert assistance in diagnosing and resolving the issue as soon as you can.
Throughout the incident, stay in touch with staff and customers, keeping them informed about the situation, expected resolution time and any temporary measures in place. This builds trust and helps you navigate challenges efficiently.
Getting back on your feet
Once you’re back up and running after a major IT incident, it’s important to take stock and work out what you can do better next time.
Regularly check your systems for vulnerabilities and keep them updated with the latest security patches. Where possible, switch to cloud-based solutions for critical operations. Cloud services may offer better reliability and built-in backups, reducing the impact of local outages.
Then, set up tools that monitor your network and systems in real time, alerting you to potential issues before they become big problems. Also regularly review and update your security policies to stay ahead of new threats and technologies. Keeping your defence strategies up to date can assist in minimising risks.
It’s also important to consider having comprehensive cybersecurity insurance policies in place so that in the event of a major cyber threat, your business has access to good-quality protection.
Important notice
This article is of a general nature only and does not take into account your specific objectives, financial situation or needs. It is also not financial advice, nor complete, so please discuss the full details with your Steadfast insurance broker as to whether these types of insurance are appropriate for you. Deductibles, exclusions and limits apply. You should consider any relevant Target Market Determination and Product Disclosure Statement in deciding whether to buy or renew these types of insurance. Various insurers issue these types of insurance and cover can differ between insurers.
For the original post, visit Steadfast