Experts are warning that the recent global Microsoft outage, caused by a faulty update from security firm CrowdStrike, highlights the risks of relying too heavily on a small number of technology companies. The outage, which affected around 8.5 million machines and caused widespread chaos, underscored the vulnerability of our technology infrastructure.
A study by SecurityScorecard revealed that just 150 companies account for 90% of global attack services, with 15 tech firms, including Microsoft, holding 62% of the attack surface. These companies were found to have below-average cybersecurity ratings, making them lucrative targets for cybercriminals.
Aleksandr Yampolskiy, CEO of SecurityScorecard, stressed the importance of understanding and managing supply chain dependencies to mitigate such risks. He emphasized the need for businesses to diversify their systems and conduct regular stress-tests to ensure resilience against potential disruptions.
The incident at CrowdStrike served as a wake-up call for organizations to reassess their reliance on a few key technology providers and prioritize operational resilience. Yampolskiy urged IT teams to identify vulnerabilities within their ecosystems and take proactive measures to strengthen their organizations against future outages or attacks.