Curated by THEOUTPOST
On Sat, 20 Jul, 12:02 AM UTC
7 Sources
[1]
Tech disruptions sparked by software update highlight the fragility of globally connected technology
Airlines, banks, hospitals and other risk-averse organizations around the world chose cybersecurity company CrowdStrike to protect their computer systems from hackers and data breaches. But all it took was one faulty CrowdStrike software update to cause global disruptions Friday that grounded flights, knocked banks and media outlets offline, and disrupted hospitals, retailers and other services. "This is a function of the very homogenous technology that goes into the backbone of all of our IT infrastructure," said Gregory Falco, an assistant professor of engineering at Cornell University. "What really causes this mess is that we rely on very few companies, and everybody uses the same folks, so everyone goes down at the same time." The trouble with the update issued by CrowdStrike and affecting computers running Microsoft's Windows operating system was not a hacking incident or cyberattack, according to CrowdStrike, which apologized and said a fix was on the way. But it wasn't an easy fix. It required "boots on the ground" to remediate, said Gartner analyst Eric Grenier. "The fix is working, it's just a very manual process and there's no magic key to unlock it," Grenier said. "I think that is probably what companies are struggling with the most here." While not everyone is a client of CrowdStrike and its platform known as Falcon, it is one of the leading cybersecurity providers, particularly in transportation, healthcare, banking and other sectors that have a lot at stake in keeping their computer systems working. "They're usually risk-averse organizations that don't want something that's crazy innovative, but that can work and also cover their butts when something goes wrong. That's what CrowdStrike is," Falco said. "And they're looking around at their colleagues in other sectors and saying, 'Oh, you know, this company also uses that, so I'm gonna need them, too.'" Worrying about the fragility of a globally connected technology ecosystem is nothing new. 
It's what drove fears in the 1990s of a technical glitch that could cause chaos at the turn of the millennium. "This is basically what we were all worried about with Y2K, except it's actually happened this time," wrote Australian cybersecurity consultant Troy Hunt on the social platform X. Across the world Friday, affected computers were showing the "blue screen of death" -- a sign that something went wrong with Microsoft's Windows operating system. But what's different now is "that these companies are even more entrenched," Falco said. "We like to think that we have a lot of players available. But at the end of the day, the biggest companies use all the same stuff." Founded in 2011 and publicly traded since 2019, CrowdStrike describes itself in its annual report to financial regulators as having "reinvented cybersecurity for the cloud era and transformed the way cybersecurity is delivered and experienced by customers." It emphasizes its use of artificial intelligence in helping to keep pace with adversaries. It reported having 29,000 subscribing customers at the start of the year. The Austin, Texas-based firm is one of the more visible cybersecurity companies in the world and spends heavily on marketing, including Super Bowl ads. At cybersecurity conferences, it's known for large booths displaying massive action-figure statues representing different state-sponsored hacking groups that CrowdStrike technology promises to defend against. CrowdStrike CEO George Kurtz is among the most highly compensated in the world, recording more than $230 million in total compensation in the last three years. Kurtz is also a driver for a CrowdStrike-sponsored car racing team. After his initial statement about the problem was criticized for lack of contrition, Kurtz apologized in a later social media post Friday and on NBC's "Today Show." "We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption," he said on X. 
Richard Stiennon, a cybersecurity industry analyst, said this was a historic mistake by CrowdStrike. "This is easily the worst faux pas, technical faux pas or glitch of any security software provider ever," said Stiennon, who has tracked the cybersecurity industry for 24 years. While the problem is an easy technical fix, he said, its impact could be long-lasting for some organizations because of the hands-on work needed to fix each affected computer. "It's really, really difficult to touch millions of machines. And people are on vacation right now, so, you know, the CEO will be coming back from his trip to the Bahamas in a couple of weeks and he won't be able to use his computers." Stiennon said he did not think the outage revealed a bigger problem with the cybersecurity industry or CrowdStrike as a company. "The markets are going to forgive them, the customers are going to forgive them, and this will blow over," he said. Forrester analyst Allie Mellen credited CrowdStrike for clearly telling customers what they need to do to fix the problem. But to restore trust, she said there will need to be a deeper look at what occurred and what changes can be made to prevent it from happening again. "A lot of this is likely to come down to the testing and software development process and the work that they've put into testing these kinds of updates before deployment," Mellen said. "But until we see the complete retrospective, we won't know for sure what the failure was." Associated Press writer Alan Suderman in Richmond, Virginia, contributed to this report.
[2]
Microsoft outage: CrowdStrike CEO explains the 'logic' that went wrong - Times of India
A faulty software update from US-based cybersecurity company CrowdStrike caused widespread disruptions on Friday, impacting critical services from airlines and banks to hospitals and stock exchanges. Millions of Windows computers worldwide were rendered inoperable for several hours, and many across the world still continue to be. In a blog post, CrowdStrike CEO George Kurtz has explained what exactly may have caused the global outage. The post also shares a how-to guide for customers to fix the issue. There's also a root cause analysis. CrowdStrike emphasized that the incident was not a result of a cyberattack and that the issue has been resolved. Systems that downloaded the faulty update between 9:30 AM and 10:57 AM IST were most affected.
The 'logic' that went wrong in CrowdStrike update
"On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems," wrote Kurtz. The CEO claimed that the issue has been rectified, "The sensor configuration update that caused the system crash was remediated on Friday, July 19, 2024 05:27 UTC."
The machines impacted as per CrowdStrike
"Customers running Falcon sensor for Windows version 7.11 and above, that were online between Friday, July 19, 2024 04:09 UTC and Friday, July 19, 2024 05:27 UTC, may be impacted. Systems running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration from 04:09 UTC to 05:27 UTC - were susceptible to a system crash," said the blog post.
[3]
How to bypass Microsoft outage-like event in future?
The Microsoft outage has served as a timely warning about the importance of cyber security in today's technology-driven world. The Microsoft outage on Friday led to pandemonium as several services were disrupted in the US, the UK, and other parts of the world. The storm is over, but it is high time to think about how to bypass such an event in the future if it occurs again. The massive IT outage disrupted operations at companies across multiple industries on Friday, with major airlines halting flights, some broadcasters off-air and sectors ranging from banking to healthcare hit by system problems. CrowdStrike's "Falcon Sensor" software was causing Microsoft Windows to crash and display a blue screen, known informally as the "Blue Screen of Death," according to an alert sent by CrowdStrike earlier to its clients and reviewed by Reuters. People around the world were seeing the blue screen of death as computers continually tried to reboot. The issues stemmed from a faulty software update delivered to Microsoft devices and servers from CrowdStrike, a cybersecurity company that mainly works to help protect bigger companies from attacks. On Friday, CrowdStrike said it had issued a software update fix that should repair the computers, and it posted instructions for manually fixing the problem. Customers can also call the company. The problem, cybersecurity experts say, is with a bug in an overnight update caused by a bad file, which essentially sends the computers into an endless loop of reboots. That means the fix that CrowdStrike sent may not be able to repair your systems from afar. Cybersecurity experts said the process might still be complicated. CrowdStrike has tweaked the faulty update already. That means computers that did not already download the software won't crash. Cybersecurity expert Al Lakhani has stated that one must look at the reliability and resilience of cybersecurity tools before investing in them and acquiring the latest versions. He has also advised business entities to focus on agentless solutions such as MFA 2.0, as it will reduce widespread failures due to its compact defence mechanism, as per a report in Manchester Evening News.
Q1. What caused the Microsoft Windows crash?
A1. CrowdStrike's "Falcon Sensor" software was causing Microsoft Windows to crash and display a blue screen, known informally as the "Blue Screen of Death," according to an alert sent by CrowdStrike earlier to its clients and reviewed by Reuters.
Q2. Which computers won't crash?
A2. CrowdStrike has tweaked the faulty update already. That means computers that did not already download the software won't crash.
[4]
CrowdStrike's IT outage makes it clear why cyber resilience matters
A misconfigured content update released by CrowdStrike late on Thursday inadvertently triggered worldwide outages across Microsoft Windows systems, taking many of the world's most essential services offline. CrowdStrike was attempting to update content that their Falcon Sensor uses to perform real-time threat detection and endpoint protection by monitoring system activities that identify suspicious behavior to prevent cyber attacks. The content update contains logic designed to fine-tune the detection of malicious activities and is based on the latest threat intelligence CrowdStrike collects on a real-time, continuous basis. "This was not a code update. This was actually an update to content. And what that means is there's a single file that drives some additional logic on how we look for bad actors. And this logic was pushed out and caused an issue only in the Microsoft environment," CrowdStrike CEO and founder George Kurtz told Jim Cramer during an interview on CNBC earlier today.
An immediate global impact
The outage was first spotted in Australia, with Windows machines crashing and displaying the Blue Screen of Death (BSOD). The faulty update triggered a Windows blackout worldwide, impacting dozens of airports, airlines, banking institutions, and service companies that all rely on Windows-based systems to operate their businesses. Hundreds of thousands of travelers are stranded in airports around the world. Approximately 2,600 U.S. flights had been canceled as of Friday afternoon, and more than 4,200 flights had been canceled globally based on FlightAware data as reported by the Wall Street Journal. The effects of the IT outage also spread across the Microsoft Azure cloud platform. 
Azure customers complained that they were "experiencing unresponsiveness and startup failures on Windows machines using the CrowdStrike Falcon agent, affecting both on-premises and various cloud platforms." Azure Health Status shows the outage still impacts Azure virtual machines across the four regions of America, Europe, Asia-Pacific, and the Middle East and Africa. IT teams are in for a long weekend and a tough July, as many cloud-based configurations will require individualized updates for every customer running a cloud-based system. Give IT teams a break and, if possible, postpone any large-scale projects until the misconfiguration can be solved.
Outage needs to be a call to action for greater cyber resilience
The more cyber resilient a business is, the greater the ability to anticipate, withstand, and recover from a wide variety of adverse conditions, including attacks, intrusion and compromises. It's often on CISOs to get cyber resilience right as a core part of their roles in senior management and, increasingly, on boards. "Ultimately, every enterprise has challenges around patching cadence. Today is CrowdStrike's bad day, and it became a bad day for a lot of folks. The fact that CrowdStrike required their end customers to do the work to ameliorate created more time to respond and time to remediate," Merritt Baer, CISO at Reco and advisor to Expanso, Andesite and EnkryptAI told VentureBeat. Trustwave CISO Kory Daniels recently said that "boards have begun asking the question: Is it important to have a formally titled chief resilience officer?" VentureBeat has learned that more boards of directors are adding cyber resilience to their broader risk management project teams. High-profile ransomware attacks that create chaos across supply chains are among the most costly for any business to withstand, as the United Healthcare breach makes clear. 
Outages caused by misconfigurations highlight the need for a unique form of cyber resilience so actively pursued that it becomes a core part of a company's DNA. Misconfigured updates will continue to cause global outages. That goes with the territory of an always-on, real-time world defined by intricate, integrated systems. "The scale is significant but the source is too -- for example, Snowflake was due to SaaS misconfigurations, and SolarWinds was a Russian-backed supply chain attack. This is good old-fashioned security pain," Baer said. This week's global outage is what a nation-state attack would look like if a nation's cybersecurity was weak or didn't exist. To get a glimpse into what's at stake when it comes to national cyber resilience and cyber defense, check out the recently released 2024 Annual Threat Assessment of the U.S. Intelligence Community. Cyber-resilience, in response to misconfigurations, needs to quickly identify and define issues, define a fix (ideally at a scale that can be automated), and over-communicate with every customer and person affected. Getting internal cyber resilience right needs to be supported with reporting that's accurate, easily accessible to everyone, and as real-time as possible. The goal needs to be giving everyone involved in updates a chance to own the outcome and know regression testing and testing across partner platforms is complete. "Earlier today, CrowdStrike's Falcon service suffered an unfortunate global outage that affected many customers using the software on Windows systems. CrowdStrike's incident response team's speedy action to determine the root cause and notify customers quickly is commendable, and their CEO's blog was honest and clear," Paul Davis, Field CISO at JFrog, told VentureBeat. Kurtz continues to post updates across social media platforms X and LinkedIn. In the most recent X post below, he commits to providing a root cause analysis of how the outage happened. 
"In the world of security, one must always be prepared for the unexpected and have an incident plan for those surprise events. There is no such thing as perfect software. After all, software is built by humans, and to err is human. It's how quickly you identify and recover from the problem that matters most," Davis told VentureBeat. You'll need to start any affected machine in safe mode first. This step is necessary because the Falcon Sensor software, which needs updating, is embedded within a subdirectory of the Windows operating system. Booting into safe mode is essential to access this subdirectory and perform the necessary updates. If the affected PC uses BitLocker or other full-disk encryption (FDE) software, you'll need the recovery key for each machine. CrowdStrike recommends the following steps in their blog post detailing how to recover an affected machine: Cyber resiliency is a proxy for customer trust "Security vendors need to understand that they are holding customer outcomes in their hands. I imagine Crowdstrike won't push updates in the same way in the future," Baer told VentureBeat. The worldwide outage continues to disrupt hundreds of thousands of people's lives and force businesses to a standstill. From the shop floors of designers who rely on cloud-based systems to connect with their customers to large-scale enterprises with thousands of colleagues unable to log in, today's experiences make it clear that cyber resiliency is more than a security initiative. It needs to be a cornerstone of customer experience. Earning and keeping the trust of customers hinges on making a business as cyber-resilient as possible. The outage is a compelling event every business needs to see as a crucible to evaluate how well prepared they are for a comparable event. Given the complex integrations and connections between global systems, there will be future outages. 
Every business must take responsibility for cyber resilience and choose to excel at it now rather than later.
[5]
How the world's tech crashed all at once
Display screens showing information on flights reflect error messages amid global IT outage.
When computers and tech systems around the world went down Friday, snarling airports, closing Social Security offices and limiting jail operations, many people had one question: How on Earth could this happen in 2024? A software update from a single cybersecurity company, US-based CrowdStrike, was the root cause of the chaos, underlining the fragility of the global economy and its dependence on computer systems to which relatively few people give a passing thought. "[M]ost people believe that when the end of the world comes, it will be AI taking over some kind of nuclear power plant and shutting down electricity," Costin Raiu, a longtime cybersecurity researcher, quipped to CNN. "While in reality, it's more likely to be some kind of a little bit of code in a botched update, causing a cascade reaction in interdependent cloud systems." Software updates are a critical function in society to keep computers protected from hackers. But the update process itself is crucial to get right and to safeguard from tampering. An inherent -- and some say misplaced -- trust in that process was punctured on Friday.
CrowdStrike is everywhere
Numerous Fortune 500 companies use CrowdStrike's cybersecurity software to detect and block hacking threats. Computers running Microsoft Windows -- one of the most popular software programs in the world -- crashed because of the faulty way a code update issued by CrowdStrike interacted with Windows. CrowdStrike, a multibillion-dollar firm, has expanded its footprint around the world in its more than a decade of doing business. Many more businesses and governments are now protected from cyberthreats because of this, but the dominance of a handful of firms in the anti-virus and threat-detection marketplace creates its own risks, according to experts. 
"We trust cybersecurity providers widely but without diversity; we've created fragility in our technology ecosystem," Munish Walther-Puri, the former director of cyber risk for the City of New York told CNN. "'Winning' in the marketplace can aggregate risk, and then we all -- consumers and companies alike -- bear the costs," Walther-Puri said. CNN has requested comment from CrowdStrike. How to prevent this from happening again The wide swathe of critical infrastructure providers affected by the outage is also likely to raise fresh questions among US officials and corporate executives about whether new policy tools are needed to avoid catastrophe in the future. Anne Neuberger, a senior White House tech and cybersecurity official, spoke of the "risks of consolidation" in the tech supply chain when asked about the IT outage on Friday. "We need to really think about our digital resilience not just in the systems we run but in the globally connected security systems, the risks of consolidation, how we deal with that consolidation and how we ensure that if an incident does occur it can be contained and we can recover quickly," Neuberger said at the Aspen Security Forum in response to a question about the IT outage. The chaotic scenario that played out Friday did not involve a malicious actor, but government officials around the world will likely be gaming out what might have been. The infamous hack of the US government using SolarWinds software in 2020, which US officials blamed on Russia, came through a tampered software update. That hack was not nearly as disruptive but another alleged Russian hack in 2017 caused billions of dollars in damage to the global economy because malicious code spread like wildfire. The CrowdStrike episode "demonstrates the serious damage that could be inflicted by a malicious adversary if they were so minded," Tobias Feakin, a former ambassador for cybersecurity and critical technology in the Australian foreign ministry, told CNN.
[6]
A risky trade-off made CrowdStrike's outage so devastating -- cybersecurity leaders say there's no easy fix
When Michael Armer's phone started blowing up at 4 a.m. Friday morning, he "freaked out." Armer, the chief information security officer at RingCentral, was receiving notifications about a stunning computer outage that was knocking down airport, bank, and hospital tech systems like dominos. The scope of the chaos raised fears of a major cybersecurity breach or a state-sponsored attack. "That's enough to get your blood flowing really quickly," Armer said. It turns out that the massive computer outage was not the work of nefarious hackers. It was the result of a glitch in a routine software update by security company CrowdStrike. "We were all very fortunate that this was related to one of their standardized and automated software deployments," Armer says of the CrowdStrike update snafu. But along with the relief that the disruption was not a cyber attack, the incident has highlighted the fragility and frightening interconnectedness of the technology modern society depends on -- and the extent of the danger posed by today's convoluted system of software updates, which security experts say stretches staff thin at even the largest organizations and forces a constant balancing act of risky trade-offs. Security software like CrowdStrike provides "patches," or software updates, when threats are detected. Given the number of hackers probing companies' systems and devising new lines of attack, the need for patches is constant -- sometimes as many as several times a day. Organizations move quickly and often automate these updates to ensure that there are no holes in their protective shields. The problem is that new software is like an untested pharmaceutical drug -- each new line of code could have a bug or defect that causes problems, unexpected side effects, and dangerous interactions with other software. In an ideal situation, a company would take the time to test each software update before deploying it to all their computers. 
"It's a really difficult conundrum, you cannot keep up with the number," said a CISO at a top law firm in New York City. "Sometimes you have to put out a security patch because it's critical and you've got vendors breathing down your neck and there's no way to [test] it," he said. "Sometimes there are several updates within a 24-hour period so you'd be caught in a recursive circle of testing where you would just never be done." For many in-house security teams, that means striking a balance between speed and risk. "The antivirus products are pushing up multiple updates per day because in some ways we've pushed them into a corner," said Paul Davis, field CISO at software supply chain platform Jfrog. "The faster that they can respond to detect a piece of software or malicious activity, the better they are. So that being the case, then the requirement to test multiple times a day becomes onerous." The real challenge, he said, is how to protect the organization that is responding to cybersecurity threats which can spread in hours, or even minutes, and at the same time make sure those software updates are tested. "We have to test the basic functionality of the software, but we rely on these automated updates to be safe, and it's almost like a calculated risk." The New York City law firm uses more than 30 separate security tools from a variety of vendors that run on laptops, desktops or servers. Normally, if an update causes problems, the software vendor will deploy a fix that an organization can quickly push to thousands of computers within the same day. But because of the nature of the CrowdStrike flaw however, that wasn't possible. The flaw essentially caused computers running Microsoft Windows to freeze up and display the dreaded "blue screen of death." Affected systems needed to be brought back to life, one by one. 
"You have to physically walk over to every computer and power it down and then bring it up, and when the screen comes up, you have to hit F3 to go into what they call Safe Mode and then go and delete a file somewhere," the New York law firm CISO explained. "It's just a nightmare." Some CISOs, however, put the bulk of the blame on Microsoft, not on Crowdstrike- and even avoid Windows altogether if they can. "In Silicon Valley, tech companies tend to avoid Windows," said the CISO of a medium-sized AI company, who requested anonymity due to the sensitivity of discussing security mitigations. He said that it is because of the design of Windows in its core architecture that leads to malware, spyware and the driver instability that occurred today as a result of the Crowdstrike flawed update. "CrowdStrike has clear process improvements to make, obviously, but it should not be possible in 2024 to have a kernel [core architecture] which is destabilized by a third party," he said. "Microsoft has had a bad year, from a security perspective, and they have to win the trust of the ecosystem back." Microsoft did not respond to a request for comment other than pointing to its existing statement about the outage. In a statement posted online Friday, CrowdStrike CEO George Kurtz apologized for the incident, which he said involved a "content update for Windows hosts," noting that Mac and Linux hosts were not affected. "All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority." Jfrog's Davis pushed back on the idea that a typical organization could get away with not using Windows. "Windows is still the predominant operating system," he said. "When you join a company, you're [usually] offered either a Windows machine or a Mac machine." 
John Paul Cunningham, CISO at security software company Silverfort, said that Friday's outage should be a wake-up call for organizations, and make companies more leery of automated software updates. In Cunningham's view, all threats are not created equal and companies can exercise more discretion by not always defaulting to the automated updates. "Companies like CrowdStrike often suggest doing auto updates with this premise that staying on the most current release of the product is more secure," he said. But companies can take more time to test it before pushing it out, he said, even if it takes a little more work. "As long as the security team knows there is an update, they can push it out manually -- the update itself is still automatic." The bottom line is that for most cybersecurity leaders, figuring out how to strike a balance -- between risk and speed, and between operating systems -- will require some post-game analysis and decision-making, said RingCentral's Armer. And while getting a grip on software updates is important, he noted that companies should also be thankful Friday's outage was not even worse. "I personally am thankful that it wasn't a state-sponsored attack," he said.
[7]
These startups are trying to prevent another CrowdStrike-like outage, according to VCs | TechCrunch
Windows users around the globe woke up on Friday morning to "blue screens of death" thanks to a faulty software update from CrowdStrike. The bug caused outages around the world, bringing airlines, boats, hospitals, and banks to a grinding halt. But some see opportunity in the rubble. The global outage is a perfect reminder of how much of the world relies on technological infrastructure. In the midst of disaster, some venture capitalists see a chance for new technologies to prevent this from ever happening again. In 2024, one buggy software update should probably not be allowed to take down so many of the globe's most important computer systems. Some would say this is exactly why startups, and venture capital, exist: to innovate in the face of a widespread issue. The CrowdStrike outage is drawing attention to cybersecurity companies, but CRV General Partner Reid Christian notes this wasn't a cybersecurity event. Christian tells TechCrunch the real problem is that a massive vendor deployed software that wasn't properly tested, debugged or deployed in a staged rollout. CRV is investing in a cybersecurity and IT management startup called Fleet that monitors vendor instances on your endpoint. It's not clear how well additional mobile device management-type software, like Fleet, would have worked with this particular CrowdStrike issue because the problem appeared to be caused by a faulty Windows kernel-level driver, which is software installed at the deepest levels of a computer. (Companies that had MDM software in addition to CrowdStrike still experienced the BSOD.) But Christian points out that when granting that level of access and trust to a software vendor, more protections are necessary. "We need to have people watching the watchers in the cyber world," Christian said. "You can have your main vendors, but you must have ancillary vendors as well, people who are sitting alongside and are there to support." 
Fleet co-founder and CTO Zach Wasserman tells TechCrunch his security software operates outside the kernel to not compromise the stability of the system. Though this wasn't a cybersecurity incident caused by a malicious hacker, Friday's outage may have been so severe due to CrowdStrike's unique access to kernels, the core of the operating system. Lightspeed Venture Partners' Guru Chahal suspects cybersecurity applications, such as Wiz, that sit outside the kernel may become more popular after this disaster. "Once you give access to the kernel (as in this case), it's hard to stop these issues," said Chahal in an email to TechCrunch. "But avoiding by using non-invasive approaches is definitely possible and companies such as Wiz (Cloud Security) and Oligo Security (run time security) take these alternative approaches for this reason." Oligo Security is security observability software for open source software that uses sandboxing, not direct access to the kernel. Given that this was a Windows problem, it couldn't have prevented this issue. But the point of a sandboxed system is something the Windows security industry may want to better pursue. Meanwhile Wiz is not doing a victory lap just yet. Despite all the buzz around the cybersecurity company now that Google is negotiating a $23 billion acquisition deal, Wiz board member Gili Raanan says Friday's event upped the pressure on everyone. He expects the entire security ecosystem will face greater scrutiny around products and deployment due to this event. "It's a bad day not just for CrowdStrike. It's a bad day for everyone involved in cyber security," said Raanan in an interview. "There are no winners and losers, there are only losers." Fin Capital founder Logan Allin, who invests in B2B financial services companies, sees a greater need for cloud observability companies in light of Friday's outage. 
Outside of cybersecurity, he says companies are becoming increasingly dependent on external APIs as they integrate more AI solutions, which are prone to buggy software updates like this. "There's companies in our portfolio, like Middleware, that ensure API integrations between your cybersecurity, your cloud orchestration, and all the moving packets of data within the architecture don't break," said Allin. Though Friday's outage was jarring, VCs like Allin and Chahal predict this is only the beginning of an outdated, crumbling infrastructure layer. Especially in older sectors, such as finance or healthcare, these outages highlight the need for updated technology. "Going forward, I suspect there'll be a number of startups that avoid this issue of sitting in the kernel while still providing run time security," Chahal said.
A recent software update led to significant tech disruptions worldwide, affecting major companies and highlighting the fragility of interconnected technology systems. The incident has sparked discussions on cyber resilience and the need for robust backup plans.
On a fateful day, a seemingly routine software update triggered a cascade of tech disruptions that reverberated across the globe. The incident began when a certificate update in Microsoft's Azure Active Directory service went awry, causing widespread authentication issues [1]. This seemingly minor glitch snowballed into a major crisis, affecting numerous companies and services that rely on Microsoft's cloud infrastructure.
George Kurtz, CEO of CrowdStrike, shed light on the technical aspects of the outage. He explained that the issue stemmed from a logic error in how Microsoft manages certificates for its cloud services [2]. The update inadvertently caused the system to reject valid certificates, leading to authentication failures and service disruptions across various platforms.
The ripple effects of this incident were far-reaching. Major tech companies like Zoom, X (formerly Twitter), and CrowdStrike itself experienced significant outages [4]. Countless businesses and individuals found themselves locked out of essential services, highlighting the interconnected nature of modern technology infrastructure [5].
This incident has brought the concept of cyber resilience to the forefront. Experts emphasize the need for organizations to have robust backup plans and alternative authentication methods in place [3]. The event serves as a stark reminder of the vulnerabilities inherent in globally connected technology systems.
In the aftermath of the outage, tech companies are reassessing their dependence on single points of failure. Many are now exploring multi-cloud strategies and investing in redundant systems to mitigate the risks of similar incidents in the future [4]. The incident has also sparked discussions about the need for improved communication protocols during such crises.
While the technical aspects of the outage are crucial, the incident also highlights the human element in managing complex technological systems. It underscores the delicate balance between pushing for innovation and maintaining stability in critical infrastructure [1]. As technology continues to evolve, the industry faces the ongoing challenge of ensuring robust systems that can withstand unforeseen complications.
Reference
[1]
[2]
[3]
A recent CrowdStrike software update led to a widespread Microsoft outage, affecting numerous users. CEO George Kurtz issued an apology, while the incident sparked discussions on cybersecurity and tech reliability.
6 Sources
CrowdStrike, a major cybersecurity firm, inadvertently caused a widespread IT outage affecting Windows systems globally. The incident, which occurred on Friday, was due to an undetected error in a software update, impacting numerous organizations and prompting a swift response from the company.
4 Sources
CrowdStrike, a leading cybersecurity firm, experienced a significant global IT outage, causing widespread chaos and a sharp decline in its stock price. The incident, stemming from a Windows update, affected numerous customers and highlighted the vulnerabilities in cloud-based security systems.
8 Sources
CrowdStrike's Chief Security Officer Shawn Henry appeared before a U.S. House panel to address the company's role in a widespread tech outage in July. The incident affected numerous organizations globally, prompting scrutiny from lawmakers.
8 Sources
CrowdStrike CEO George Kurtz faces congressional scrutiny over recent global outages. The House Committee on Oversight and Accountability demands answers on the incident's impact and cybersecurity implications.
3 Sources