• 5 months ago
Industries like banks, hospitals, government agencies and airlines were disrupted around the globe Friday after cybersecurity firm CrowdStrike, suffered a massive international outage. Forbes contributor Emil Sayegh joined "Forbes Newsroom" to discuss.

Read the full story on Forbes: https://www.forbes.com/sites/emilsayegh/2024/07/19/widespread-technology-outages-and-the-imperative-for-ai-guardrails/

Fuel your success with Forbes. Gain unlimited access to premium journalism, including breaking news, groundbreaking in-depth reported stories, daily digests and more. Plus, members get a front-row seat at members-only events with leading thinkers and doers, access to premium video that can help you get ahead, an ad-light experience, early access to select products including NFT drops and more:

https://account.forbes.com/membership/?utm_source=youtube&utm_medium=display&utm_campaign=growth_non-sub_paid_subscribe_ytdescript


Stay Connected
Forbes on Facebook: http://fb.com/forbes
Forbes Video on Twitter: http://www.twitter.com/forbes
Forbes Video on Instagram: http://instagram.com/forbes
More From Forbes: http://forbes.com
Transcript
00:00Hi, everybody. I'm Brittany Lewis with Forbes Breaking News. Joining me now is Forbes contributor
00:08Emil Sag. Emil, thank you so much for joining me.
00:12Thank you. Excited to be here.
00:15You are a cybersecurity expert. So before we dive into the conversation here, give us
00:19a little bit about your background.
00:21Absolutely. Yes. I've been a serial CEO of multiple tech companies, been a CEO for about
00:2812 years, over three companies. And this latest company that I've led is a cybersecurity
00:37services provider. And we have been securing customers all over the world and protecting
00:46them against a lot of the cybersecurity threats that have been really active over the last
00:50two years.
00:52So you're the perfect person then to provide some insight into what happened on Friday
00:56when we saw what has been described as the largest IT outage in history. So this global
01:01outage disrupted industries ranging from hospitals, government agencies, banks, airlines. How did
01:08this happen?
01:09Absolutely. So in the industry, there's something very simple and that we call patching. This
01:17is when we send updates and you see those things on your phones, on your computers.
01:22We send a patch, we send an update to computers to update the software. And this is exactly
01:28what CrowdStrike tried to do. They have agents on a lot of these Microsoft-based computers
01:34that are running Windows and servers as well, not just PCs, but also servers. So they have
01:40these agents that they installed so they can look for nefarious traffic, for bad traffic,
01:46for malicious traffic, if you will. And these agents sit on these machines remotely. And
01:52then whenever CrowdStrike or any other software provider, for that matter, wants to update
01:58their agents, they send an update. Now, before we do these updates, usually we test them.
02:04We test them immensely, make sure that they're not going to cause an outage, that they're
02:08not going to have a conflict with the software that's running on these machines. This is
02:14usually what happens. Unfortunately, in this case, there must have been some kind of an
02:19oversight. Somebody didn't follow process and pushed an update to these agents that
02:26are sitting on these machines that had a conflict with the Windows operating system. So what
02:31happens is that the Windows operating system started going into a loop, what we call the
02:37blue screen of death, right? That's the nomenclature, the blue screen of death. And then these computers
02:42started going into this loop and never, never properly rebooting, frankly. And that's
02:49exactly what happened. All these computers are shut down. Servers are shut down until
02:53they figured out what the issue is. And they issued a fix for that.
02:58And no one wants to see a blue screen of death. That's especially for certain, especially
03:03on a Friday. But a lot of industries came grinding to a halt today. Everything from
03:09broadcasts to airlines, transportation, hospitals. What do you think it says that this type of
03:16outage could impact such critical industries?
03:21You know, this is how delicate our infrastructure is. And this is what I keep fighting about
03:25in Forbes, is that we have to make sure that we don't over rely on technology, and
03:31especially AI technology is the next thing. You know, we've got to make sure we don't
03:35over rely on a lot of these technologies. We have to build redundancy in our systems.
03:41As you saw, a lot of the Windows computers were down. And in this case, you know, people
03:47have to think about a hybrid approach to potentially their operating system, hybrid
03:52approach to their, to the software that they're deploying, so that they have, they don't
03:57put all their eggs in their basket. They have a level of redundancy. I think a lot of
04:03people are taking technology for granted. A lot of executives are taking technology for
04:07granted. CIOs are taking technology for granted, and putting a overweight belief in
04:16the fact that it was built in a redundant manner.
04:19So how do you become less reliant then on this type of technology as a CEO and not take it
04:24for granted because no one wants to show up to the airport and their flight not work
04:29because they're getting the blue screen of death?
04:33Yes, absolutely. The way you do it, first of all, is that the patching that is going on,
04:40this is a, I would say, one of the mundane tasks in IT. This is a very basic blocking and
04:46tackling task. We do that all the time. You know, we have to put proper change control
04:52mechanisms before we push these updates out, especially on a large scale. So companies
04:58like CrowdStrike, companies like Microsoft and others, before they push an update or
05:03before they allow an update, they have to certify that that update works and that it's
05:10not going to cause an outage like this.
05:12On a second level, we also have to diversify technologies. We have to be able to use
05:18virtualization to our advantage. Basically, we have the technology to switch from one
05:27technology to the next or have certain systems that could run on Linux or run on other
05:36technologies other than just Microsoft, if we so choose.
05:40So there has to be some hybrid approach to the technology deployments on the operating
05:46system, on the hardware, on the software, as well as whenever a change like this happens,
05:52we have to have a mechanism by which we can back out of these changes, back out very,
05:56very quickly and know exactly what was that last change that happened so that we can back
06:01out of it.
06:02So, Emile, to your point about putting all of their eggs in one basket, what do you think
06:07this means? Because it was able to affect so many services, should they diversify their
06:14cybersecurity? I mean, what does that look like?
06:18Absolutely. They should diversify their operating systems. They should rely on
06:22virtualization technologies, technologies such as virtual desktops so that they're able to
06:29switch from one operating system to the next.
06:34They should be also from a cybersecurity posture.
06:40I think one has to approach cybersecurity with a comprehensive approach.
06:45Having multiple providers, you know, is a double edged sword because then you get into
06:50finger pointing between the providers who caught what and what not.
06:54However, whoever provider that they pick needs to have good patching hygiene, good IT system
07:03update hygiene. This is not acceptable, what has happened.
07:07Although it does happen every once in a while, but it's never happened at this scale.
07:12And this just shows how much we've let lax IT practices start to dominate the way we
07:23operate. So we've got to go back to basics and software patches need to be checked, triple
07:29checked by both the company that is pushing those patches as well as the operating system
07:36that is allowing those patches to come in.
07:39I want to get your reaction to what CrowdStrike CEO George Kurtz posted.
07:44He said this in part after the outage today.
07:47Quote, today was not a security or cyber incident.
07:50Our customers remain fully protected.
07:52We understand the gravity of the situation and are deeply sorry for the inconvenience and
07:56disruption. What are your thoughts there on what he said?
08:01Well, I mean, my counter to that is that we have to take ownership.
08:07I've been on those in those shoes before, you know, over over 12 years as CEO.
08:13And before that, as a general manager of a very high volume cloud, a cloud computing
08:21platform. I've been in those shoes before.
08:24You know, one has to be contrite.
08:26We have to go figure out what went wrong.
08:28We have to do really true root cause analysis and not brush over it and sweep it under the
08:33rug. We've got to figure out how this never, ever can happen again.
08:39So my comment to him is that this is not a minor inconvenience.
08:42There were multiple people who were scheduled for surgeries today who were not able to
08:47get their surgeries done, which is which is frankly a pretty grave life and death
08:56situation. So this is not just an inconvenience where somebody misses their flight.
09:00This is actually, you know, we're putting people's lives in danger just because of our
09:04dependencies on all these technologies.
09:06So my advice is to really be contrite.
09:10Go figure out exactly what happened.
09:12Be honest with yourself, with your customers, with your employees, so that this can never,
09:17ever, ever happen before.
09:19I hear you raising the alarm here.
09:21Do you think this is a wake up call?
09:26Absolutely, this is a wake up call.
09:28I do think that many folks in the IT and tech field have been putting a lot of stock into
09:37technology and thinking that it's flawless.
09:40And today is a major wake up call because as as you saw and you pointed out, you know,
09:46people, you know, people couldn't couldn't have their operations done, you know, when
09:52they were scheduled. You know, it could be a life and death situation.
09:54So, you know, people need to understand in the IT industry in general, this is an
09:59admonition of everybody in the IT industry to make sure that we realize that what we
10:06are doing matters.
10:07What we are doing can be the difference between life.
10:11This is not about not being able to play a video game or somebody not being able to to
10:19pay for their coffee with their credit card this morning.
10:21Right. This is not about that.
10:22This is about things that matter, that are the differences between life and death.
10:28And I do think that a lot of IT professionals don't think of their jobs as that.
10:33They think of it as, you know, software or pushing updates and zeros and ones.
10:38But, you know, we have to take a step back and realize how pervasive IT technology and
10:44how dependent we are on IT technology and and make sure that we realize that we are
10:51causing major harm when we don't take proper precautions, you know, best agreed
10:55precautions, industry standard precautions in pushing in pushing software and updating
11:01software. I think to your point, I mean, even today I ordered a coffee on my way to
11:06work and that system was down.
11:08So I didn't get a coffee this morning.
11:10But I mean, that's no big deal compared to someone who's either getting on a flight or
11:13even worse, getting a surgery.
11:16So do you think that this indicates that there shouldn't be such a blanket technology
11:22here and that it should be more niche because the world can't come to a grinding halt
11:26based on one technological bug?
11:30Bingo, exactly.
11:32And and I think the issue that we have is that with AI, AI is making it look so
11:41seamless. It makes it look so believable that we are trusting it.
11:45Many people are trusting it blindly just because it looks and sounds good.
11:49It doesn't mean that it's accurate.
11:51It doesn't mean that it is the the truth, right, the output that we're getting from AI
11:57machines. And then same thing I would say with technology.
12:00And, you know, when it comes to performing life saving measures in general, we can't
12:10remember. We can't forget.
12:13I'm sorry. We can't forget the fact that we have to go back to basics and make sure that
12:20we know how to do things without the help of technology.
12:24You know, today it was an IT outage.
12:26Could it be a power outage tomorrow?
12:30Could it be an Internet outage tomorrow?
12:33Could it be a true cyber attack that cripples us?
12:36So we have to be able to do most life saving things without the help of technology.
12:43So that would be my parting words for the folks that are not in the technology field is
12:49that don't over rely on technology.
12:52You know, surgeons, please still know how to operate without the help of technology
12:58tools and flights controllers.
13:04Please don't forget how to land planes safely without the help of technology tools, etc.
13:12I think that's a really good reminder because even I got a few emails from various
13:16workout classes saying, hey, here's a reminder of how to sign up for a class without
13:21the app. You know, and I mean, it's crazy that people don't remember how to do this
13:26stuff when we didn't have this our entire lives.
13:30But how do you ensure that this type of thing doesn't happen again?
13:36Yeah, for sure.
13:38I mean, just like I said on the on pushing out the patches that CrowdStrike did, they
13:44have to go back to basics from an IT perspective and double check their patches, triple
13:49check them. And then on the recipient side, on all these machines and all these
13:55operating systems that are receiving these patches, they need to have a guardrail and an
14:00assurance, a handshake that says, OK, these patches have been tested on this operating
14:05system so that they're not causing outages again.
14:08However, as as you will know, you know, if issues happen again, we have to be prepared
14:15as professionals, each in our field to be able to operate without the assistance of
14:21technology, at least for a certain amount of time, for a certain period of time.
14:25Just like hospitals have generators, we have to be able to operate our functions,
14:32especially when it comes to saving lives without the help of technology.
14:38Amil, I appreciate your time today.
14:40You're welcome back any other time.
14:42Thank you so much for joining me.
14:44Thank you so much.

Recommended