Special report
Following our research, we are delighted to publish our special report: Crash course in chaos: How tech teams responded to the global CrowdStrike outage.
The Crowdstrike fallout: A crash course in chaos
Share on socials
The Crowdstrike fallout: A crash course in chaos
Jon Mort
20 January 2025
3 min read
Jon Mort
20 January 2025
3 min read
Six months on, what have businesses learned from this major incident?
Introduction
Cybersecurity is a cornerstone of business operations in today's interconnected digital landscape. Organisations worldwide rely on advanced security solutions like CrowdStrike to safeguard their data and infrastructure. However, the 19 July CrowdStrike outage last year served as an alarming wake-up call, exposing vulnerabilities in the preparedness of established global organisations to face and prevent the crippling effect of a worldwide cloud outage.
At Adaptavist, our mission is to help businesses work better, so we decided to get under the skin of the impact that an outage of this magnitude had on technical teams. To do this, we surveyed 400 people with software development responsibilities in organisations with over $10m in revenue across the UK, US, and Germany with the goal of understanding the fallout, their current state, and their future plans.
Our research revealed that an astounding 98 percent of companies were impacted by the event, which affected millions of people globally as organisations raced to get their systems back online.
So, why did it have such a major impact?
84 percent of organisations admit to not having an adequate incident response plan in place before the outage. And of those with plans in place, only 16 percent found them effective during the crisis.
Most organisations had never experienced such a large-scale outage or the ensuing impact on IT infrastructure, nor did they understand what was necessary to mitigate the fallout. Contingency plans had never been truly put to the test, and the scale of the outage doesn't appear to be something that was ever even considered when these plans were drawn up, and scenario planning was conducted.
The good news is that in the aftermath of the CrowdStrike outage,
86 percent of businesses told us that they are boosting financial investment in software development practices and training.
It is worth pointing out, however, that any increased investment here will only realise its true value when coupled with a wholescale organisational agile mindset shift across people, processes, and tools that emphasises the importance of risk and compliance—all of which protect organisations against vulnerabilities like this.
The old adage of 'do more with less, but do it faster' and the desire to prioritise speed over quality may have been a contributing human factor to the fallout from this event. Now, six months later, and according to our research, software engineering practices are being adjusted, software investment priorities are shifting, and regulations are being adhered to with renewed rigour. You can read exactly how things are changing in the report, but needless to say, things are changing.
With increased awareness and attention towards cybersecurity, now is the perfect time to double down on agile ways of working, robust processes and testing, and reviewing risk management processes.
Our solutions capabilities span assessments, implementations, and training across agile and DevOps, the wider software development lifecycle, and your business processes. If you are taking the next steps towards IT resilience and future security, we can help.
Get your copy of this special report
If you're interested in reading more about our report findings, download a copy here.
Written by
Jon Mort
Chief Technology Officer
Jon is a customer champion, ingenious engineer, and digital evangelist. Passionate about using technology to transform human interactions, he elevates customer and employee voices to deliver the best tech experience possible.
Cloud
DevOps
Agile
ITSM