Image source, Getty Images
- Author, Natalie Sherman and Liv McMahon
- Role, BBC news
-
Shares of cybersecurity company CrowdStrike have fallen more than 13% as the company weighs the fallout from a global IT outage.
Chief Security Officer Shawn Henry said the incident was a “punch in the gut” for the company, which was previously one of the most trusted names in the industry.
“We have failed the people we were trying to protect. To say we are devastated is an understatement,” he said.
Many companies are still recovering from a faulty “content update” that crashed 8.5 million Microsoft Windows computers worldwide last week.
In some cases it was necessary to manually restart the device.
Mr. Henry, a former executive assistant director of the FBI, said the weekend had been “the most challenging 48 hours” of his 12 years at the firm.
He promised to use the incident as an opportunity to “emerge better and stronger than ever”.
“The trust we had built up over the years in dribs and drabs disappeared within hours, and that was a slap in the face,” he said in a LinkedIn message on Monday.
“But this is nothing compared to the pain we have caused our customers and partners.”
That was much more than any other airline.
A day earlier, Delta Airlines CEO Ed Bastian apologized to customers after U.S. Transportation Secretary Pete Buttigieg warned that the government had received complaints about “ongoing disruptions and unacceptable customer service” at the company.
Other agencies, such as the UK’s National Health Service, reported that their systems were functioning more normally.
Cabinet Office Minister Ellie Reeves told the House of Commons on Monday that most sectors affected by the CrowdStrike bug had largely recovered, including aviation, rail and maritime systems.
But she warned there would still be “minor disruptions”, including to the NHS.
She added that the government will work with the National Cyber Security Centre and other partners “to evaluate lessons learned”.
The incident showed how reliant the modern world is on “complex and interconnected IT systems and how essential preparation for such events is,” the minister told MPs.
Founded in 2011, CrowdStrike has approximately 29,000 customers worldwide, including government agencies in the US and UK and some of the world’s largest corporations.
The company’s shares had risen nearly 40% this year before the incident.
However, the hit to CrowdStrike shares on Monday followed an 11% drop on Friday, reflecting the severity of the incident.
Some investors are betting that the company’s rivals will benefit from its current troubles, which have exposed the world’s dependence on one big player and are attracting the attention of anti-monopoly authorities.
Sentinel One, for example, saw shares rise more than 8% on Monday.
Analysts said that despite the current hit to CrowdStrike’s stock, they do not expect long-term damage to the company.
“The reality is that despite CrowdStrike’s massive failure last week, there are few alternatives to CrowdStrike and switching costs are high,” Gene Munster, managing partner at Deepwater Asset Management, which is known for its technology investments, wrote on social media.
“In other words, when the company reports its July quarter results in late August, I expect the commentary to suggest unknowns about near-term customer retention. That said, I expect few long-term customer churn.”
Wedbush Securities analyst Dan Ives said it is critical that CrowdStrike resolves the issues this week.
“This will take some time to resolve, but it does not change our positive long-term view of CrowdStrike or the cybersecurity industry,” he wrote in a letter Monday.
Reporting contributed by Chris Vallance