Congressional Oversight Intensifies as CrowdStrike CEO Summoned to Testify on Global Outages

Analysis | Congress is ramping up oversight of the global CrowdStrike outages

Lawmakers are dialing up scrutiny of the historic computer outages that grounded thousands of flights and disrupted emergency services last week, with the first of what could be several congressional committees angling for high-profile hearings. Republican leaders on the House Homeland Security Committee on Monday demanded that CrowdStrike CEO George Kurtz, whose company triggered the outages by sending Windows users a botched software update, commit to a hearing by Wednesday, as I reported. Reps. Mark Green (R-Tenn.) and Andrew R. Garbarino (R-N.Y.) wrote in a letter to the company that the outages "must serve as a broader warning about the national security risks associated with network dependency." CrowdStrike said in a statement that the company is "actively in contact" with the relevant congressional committees and that "engagement timelines may be disclosed at Members' discretion," but declined to say whether Kurtz will testify. The lawmakers' demand is likely just the beginning of a broadening congressional campaign to get answers on how millions of users and many organizations saw their daily business abruptly upended by one company's faulty update. House Homeland Security isn't the only panel digging into the incident: Those efforts could expand to focus more squarely on other actors, like Microsoft, whose ubiquitous workplace products are suddenly facing fresh criticism. The company has said the impact of the outages "was defined by the reach of CrowdStrike; not the reach of Microsoft." Microsoft has estimated that 8.5 million devices were temporarily disabled, and said it has deployed hundreds of engineers to work with customers to restore service. Kurtz, the CrowdStrike CEO, said in a series of X posts on Friday that the outages were "not a security or cyber incident" and that the company "continues to work with customers and partners" to resolve disruptions of service. CrowdStrike has said it has deployed a technical fix to address the issue, but the full impact of the incident, which left some systems down well into this week, remains unclear. Delta Air Lines on Monday canceled more than 800 flights as fallout from the outages continued, as my colleague Aaron Gregg reported, adding to the thousands more canceled across various carriers since Friday. Airlines were among the businesses hardest hit by the outages, which also forced some federal agencies to close down their local offices and disrupted emergency 911 call services. Schumer sets up Senate vote on child online safety measures Senate Majority Leader Charles E. Schumer (D-N.Y.) is set to unveil Tuesday plans to bring two major bills expanding online safety and privacy protections for children to the floor for a vote, capping a years-long campaign by senators to take action on the issue. The two bills -- known as KOSA and COPPA 2.0 -- have drawn broad bipartisan support in the chamber but languished for months amid opposition from a small group of senators that Schumer said blocked swift passage through what's known as a unanimous consent motion. That has forced Senate leaders to develop a new plan to pass the bills, which are widely viewed as the most significant legislative attempt in decades to rein in potential harms children experience online. Schumer will announce a new legislative vehicle aimed at passing the bills in a floor speech Tuesday and tee up procedural votes for later in the week, as soon as Thursday, his office said. Together, the bills would require companies to prevent harms to children including cyberbullying and sexual exploitation and ban targeted advertising to kids and teens. In a statement, Schumer said he is "proud to work side-by-side" with families who have pushed for congressional action to "put on the floor legislation that I believe will pass and better protect our children from the negative risks of social media and other online platforms." Even if passed by the Senate, the bills face an uncertain path in the House, where negotiations over broader privacy legislation recently unraveled and Republican leadership has expressed concern about the child-focused measures. Biden administration urges tech companies to step up child safety efforts (Cristiano Lima-Strong) Biden tweets instead of talks, as Elon Musk seizes on chaotic election (Cat Zakrzewski, Naomi Nix and Trisha Thadani) In Silicon Valley, Where Trump Made Inroads, Democrats Are Now Invigorated (New York Times) EU threatens to fine Meta for saying Facebook is 'free' (Verge) Nvidia preparing version of new flagship AI chip for Chinese market (Reuters) Google's Jigsaw open sources Altitude to help online platforms weed out extremist content (TechCrunch) After years of uncertainty, Google says it won't be 'deprecating third-party cookies' in Chrome (Digiday) Returns of the 'Amazombies': Unwanted packages are a retail nightmare (Caroline O'Donovan) A week of nonstop breaking political news stumps AI chatbots (Heather Kelly)

CrowdStrike's CEO confronts his own crisis

Good morning. Is it too late now to say sorry? By the time CrowdStrike CEO George Kurtz posted a message on X about the software "defect" that unleashed global chaos on Friday, his problem was technically solved. The issue had been "identified, isolated and a fix has been deployed," he wrote. While the bug hit less than 1% of Windows devices, it grounded more than 6% of the world's commercial flights. It also halted surgeries, broadcasts, money transfers, 911 call centers, train systems, stores, hotel reservations, mobile apps, and some government services. As of yesterday, many were still scrambling to recover. Now, Kurtz and CrowdStrike now enter a risky period. A cybersecurity company's software update just wreaked more havoc than any virus it was designed to block. Losses could rise into the billions and customers will at least pause to examine the perils of being too tied to one technology. Hackers are creating new security threats, the stock is down by almost a third, and Kurtz is being called to testify before Congress. The fact that this catastrophe was caused by CrowdStrike's failure made it all the more notable that Kurtz didn't apologize from the outset. A few hours later, he did go on the Today show to say "we're deeply sorry," later giving a personal apology to those impacted on another show. (That appears to be the extent of his media tour, by the way.) As reputation guru Davia Temin told me on Saturday, "What you say first counts double as that's the sentiment people remember." Some CEO statements are so mind-boggling that they're hard to shake, from the then BP chief Tony Hayward saying "I'd like my life back" after the deadly Deepwater Horizon disaster in 2010 to Boeing CEO David Calhoun telling a Senate subcommittee "I'm proud of our safety record" just last month. Prior to Friday's outage, CrowdStrike was one of the best-performing stocks this year. It's likely built a reservoir of goodwill with customers, who could forgive -- though Elon Musk did not, announcing on X that he'd removed CrowdStrike from all systems. At the same time, having experienced a major IT crash while serving as CTO of McAfee in 2010, Kurtz should have been better prepared to handle this kind of crisis. And yet CrowdStrike's response remains, at best, underwhelming. Three days after what may be the largest IT outage in history, CrowdStrike's home page looked cluelessly upbeat -- boasting the "fastest mean time to detect." Does waiting 78 minutes to detect and roll back a carnage-causing update qualify as fast? There's no mention of that incident, other than a subtle link to a "remediation and guidance hub" with PR statements that look like a user manual. I know this because CrowdStrike responded to my request for comment from Kurtz by sending me links to those statements. To be fair, Kurtz must be getting a lot of requests -- from media, customers, vendors, lawyers and more. Maybe Kurtz felt a few TV hits were sufficient to get the word out. It was a summer Friday, after all. More news below. Cybersecurity startup Wiz, valued at $12 billion, is turning down Google's offer to buy the company. Instead, Wiz will seek to go public via an IPO, according to an internal memo. The deal, reportedly worth $23 billion, would have been Google's largest-ever acquisition and would likely have attracted significant regulatory scrutiny. Fortune A mysterious VC fund Iconiq Growth and its notoriously media-shy founder Divesh Makan are sharing details about the VC fund with Fortune's Jessica Mathews for the first time. The fund cites its high-profile network of founders -- and the "uncommon lengths" it goes to to help them -- as what sets it apart from other funds. Iconiq just closed a $5.8 billion fund, its largest ever. Fortune Political parties need succession planning too U.S. political parties could learn a few things from companies about succession planning. Ted Dintersmith, a top Democratic donor, tells Fortune's Lila MacLellan that a corporate-style board likely would have considered both Biden and Trump to be poor standard-bearers for their respective parties. Political parties, like companies, also need to find ways to guide senior leaders out of their positions in what Dutch management theorist Manfred F.R. Kets de Vries calls "beautiful exits." Fortune War and rising nationalism is expected to spur a venture capital boom in a one-time Silicon Valley 'taboo' sector: defense tech by Luisa Beltran What Fortune 500 CEOs could expect from a Kamala Harris administration by Phil Wahba The rise of the AI gadget could free us from our smartphones. We just need to find the right device by David Meyer Nvidia is reportedly making another China-focused AI chip as U.S. export controls hit its business in the world's second largest economy by Lionel Lim Ryanair profits nearly halved as the low-cost airline blames its 'frugal' customers for booking too many last-minute tickets by Prarthana Prakash Kamala Harris could mean an end to Democrats' hard line on crypto -- but it's too soon to say for sure by Leo Schwartz This edition of CEO Daily was curated by Nicholas Gordon.

'Americans deserve to know...': CrowdStrike CEO asked to testify by US House Committee on Microsoft outage - Times of India

The CEO of US-based cybersecurity firm CrowdStrike has been called to testify before Congress following the widespread tech outage that crippled businesses and critical infrastructure worldwide. The faulty security update issued by CrowdStrike last Thursday (July 18) caused millions of Windows devices to crash, disrupting operations at airlines, hospitals, and countless other organizations. According to a report in NewYork Times, the House Homeland Security Committee, led by Rep.Mark Green (R-TN), is demanding answers from CrowdStrike CEO George Kurtz about the incident. The committee wants to understand how the outage occurred and what steps the company is taking to prevent a recurrence. Americans "deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking," wrote Rep. Mark Green of Tennessee, the Republican chair of the Homeland Security Committee, and Rep. Andrew Garbarino, R-N.Y, as per the report. The letter was sent to George Kurtz, CrowdStrike's CEO. Green and Garbarino asked the company for a response to scheduling the hearing this week. Several businesses still continue to be down The global fallout from the outage has been severe, with airlines canceling hundreds of flights and many businesses still struggling to recover. The incident has highlighted the world's increasing reliance on a small number of tech companies and the potential consequences of failures in the digital infrastructure. CrowdStrike has acknowledged the issue was caused by a faulty update and not a cyberattack. However, lawmakers are concerned about the potential security implications, especially given the growing threat from foreign adversaries. As investigations into the outage continue, the tech industry is facing renewed scrutiny about the importance of robust security measures and disaster recovery plans. The TOI Tech Desk is a dedicated team of journalists committed to delivering the latest and most relevant news from the world of technology to readers of The Times of India. TOI Tech Desk's news coverage spans a wide spectrum across gadget launches, gadget reviews, trends, in-depth analysis, exclusive reports and breaking stories that impact technology and the digital universe. Be it how-tos or the latest happenings in AI, cybersecurity, personal gadgets, platforms like WhatsApp, Instagram, Facebook and more; TOI Tech Desk brings the news with accuracy and authenticity.