CrowdStrike and the Global IT Crisis – What is happening? What should those affected do? What should CrowdStrike do?

Alex Hackett

Group Director of Digital

Sara Ghaffari

Board Director

Niamh Mercer Danher

Associate Director - Head of Liverpool City Region

What’s happened?

ALEX: A global cyber-security company CrowdStrike pushed an update to their software – this happens regularly in all sorts of software environments (think of when your apps update on your phone to fix a bug or add a new feature etc). Major software companies are constantly having to update software and send out patches to guard against cyber-attacks and meet the needs of changing digital infrastructure. The problem is that this update caused a major fault on many Microsoft Windows based machines – and given the company’s reach into these systems and how many products run on the Windows architecture to provide all manner of digital services, this has caused hundreds of devices world-wide to stop working completely.

What will happen now?

ALEX: CrowdStrike have isolated the rogue code in their system and are working on a solution to deploy. The problem with this particular error is that it causes the system to “blue screen”, meaning the system cannot be updated centrally over the internet in the same way that the fault itself was introduced into the system, meaning technicians worldwide will likely have to manually update these systems over time to bring them back online. This will likely be a long process which could be very costly for everyone involved.

Is there any way we can stop this from ever happening again?

ALEX: Unfortunately no – the internet and the computer systems that underpin our modern life are all built on layers upon layers of products and code stretching back decades. It is impossible for any one organisation to be completely across the thousands of ways in which the Microsoft operating system has been used in all of the varying environments its used in. The incredibly talented people who maintain and manage any of our most complex computing systems have to develop patches and updates often at incredible speed to deal with new vulnerabilities in software as they arise, meaning the chances that mistakes will always be present.

What should CrowdStrike do now?

SARA: In the last few hours we’ve seen CrowdStrike’s CEO, George Kurtz, put out a statement on X saying that “a fix has been deployed”. While this will be welcome news for businesses and consumers, especially those who have plans to travel tomorrow, it will be of little consolation to members of the general public and frontline workers that have had a stressful morning.

From an unknown brand to a global story in just a few hours, CrowdStrike is going to need to do more to allay the concerns of their investors and customers and importantly win back their trust.

Fixing the problem is a first step, but they should follow with a heartfelt apology and a clear action plan as to how they can guarantee a similar incident will not happen again.

It’s interesting that the statement was put out by the CEO on X and then retweeted by the company’s profile. This will have been to show audiences that the matter is being taken the most seriously and putting a “real face” to an issue can, at times, calm criticisms. CrowdStrike is going to need to do more for the business to survive. It’s likely that over the weekend we will see the CEO on our TV screens. Given the global nature of the story, he may choose to do a few interviews with leading broadcast outlets in the countries most affected. Can he win back trust and reassure his customers that the error can’t be replicated? These interviews will be make or break for the company.

If successful, this story then moves offline and into the strength of the company’s relationships. If they can deploy their teams to speak with customers, being transparent about what happened and their new checks and balances, they might just have a shot at surviving this crisis.

If my company is impacted, what should I do? 

NIAMH: Communicate early and communicate clearly. When a serious IT defect or malfunction like this occurs that directly impacts your customers or your essential operations, every minute counts in getting ahead of the message.

Having a communications plan in place for such an event not only buys you time to fix the problem, but more importantly could go a long way in buying you trust. Without effectively communicating with your network, you are leaving questions that others may answer for you, risking misinformation and the potential for serious reputational damage to your brand.

The longer your stakeholders are in the dark about what’s going on, the longer anxieties can build, and hard-earned trust can be lost.

Your communications plan should also have a clear cadence of audience groups that will need to be informed, at what stage and in what format during a time of crisis. Who needs an immediate phone call? Who needs a personalised written update? Does anyone need the offer of an in person follow up meeting to discuss the issue? Having these questions answered in advance can allow your team to focus on delivering solutions.

In the immediate aftermath of an IT crisis like this, any early statements or messages that are put out by an organisation that is still in the midst of fixing the problem should focus first on providing reassurances over the most commercially significant questions or worries that your audience will have. This should be short and to the point, without going into too much technical detail about the issues and how they will be solved.

For live crises that span more than a day, your team should consider daily updates to your core audience groups, demonstrating that your transparency and honesty as you work to fix the problems.

There will be time for longer form updates with appropriate audiences once the issues are fully resolved, and time for your team to assess any potential reputational risks or damages from the event. At this point, your communications team can assess how best to rebuild from the crisis in the long term, but being able to capitalise on the goodwill from your key stakeholders generated by your effective communications throughout the event will be priceless.

Minister of State for Housing and Planning, Matthew Pennycook MP, discusses streamlining infrastructure process and “going for growth” on Radio 4

The Importance of Case Studies in a Successful Comms Strategy

Add PLMR to your contacts

PLMR’s crisis communications experience is second to none, and includes pre-emptive and reactive work across traditional and social media channels. We work with a range of organisations to offer critical communication support when they are faced with difficult and challenging scenarios.