What can be learned from Austin-based CrowdStrike's outage? Photo via Getty Images

Airlines, banks, hospitals and other risk-averse organizations around the world chose cybersecurity company CrowdStrike to protect their computer systems from hackers and data breaches.

But all it took was one faulty CrowdStrike software update to cause global disruptions Friday that grounded flights, knocked banks and media outlets offline, and disrupted hospitals, retailers and other services.

“This is a function of the very homogenous technology that goes into the backbone of all of our IT infrastructure,” said Gregory Falco, an assistant professor of engineering at Cornell University. “What really causes this mess is that we rely on very few companies, and everybody uses the same folks, so everyone goes down at the same time.”

The trouble with the update issued by CrowdStrike and affecting computers running Microsoft's Windows operating system was not a hacking incident or cyberattack, according to CrowdStrike, which apologized and said a fix was on the way.

But it wasn't an easy fix. It required “boots on the ground” to remediate, said Gartner analyst Eric Grenier.

“The fix is working, it’s just a very manual process and there’s no magic key to unlock it,” Grenier said. “I think that is probably what companies are struggling with the most here.”

While not everyone is a client of CrowdStrike and its platform known as Falcon, it is one of the leading cybersecurity providers, particularly in transportation, healthcare, banking and other sectors that have a lot at stake in keeping their computer systems working.

“They’re usually risk-averse organizations that don’t want something that’s crazy innovative, but that can work and also cover their butts when something goes wrong. That’s what CrowdStrike is,” Falco said. “And they’re looking around at their colleagues in other sectors and saying, ‘Oh, you know, this company also uses that, so I’m gonna need them, too.’”

Worrying about the fragility of a globally connected technology ecosystem is nothing new. It's what drove fears in the 1990s of a technical glitch that could cause chaos at the turn of the millennium.

“This is basically what we were all worried about with Y2K, except it’s actually happened this time,” wrote Australian cybersecurity consultant Troy Hunt on the social platform X.

Across the world Friday, affected computers were showing the “blue screen of death” — a sign that something went wrong with Microsoft's Windows operating system.

But what's different now is “that these companies are even more entrenched,” Falco said. "We like to think that we have a lot of players available. But at the end of the day, the biggest companies use all the same stuff.”

Founded in 2011 and publicly traded since 2019, CrowdStrike describes itself in its annual report to financial regulators as having “reinvented cybersecurity for the cloud era and transformed the way cybersecurity is delivered and experienced by customers.” It emphasizes its use of artificial intelligence in helping to keep pace with adversaries. It reported having 29,000 subscribing customers at the start of the year.

The Austin, Texas-based firm is one of the more visible cybersecurity companies in the world and spends heavily on marketing, including Super Bowl ads. At cybersecurity conferences, it's known for large booths displaying massive action-figure statues representing different state-sponsored hacking groups that CrowdStrike technology promises to defend against.

CrowdStrike CEO George Kurtz is among the most highly compensated in the world, recording more than $230 million in total compensation in the last three years. Kurtz is also a driver for a CrowdStrike-sponsored car racing team.

After his initial statement about the problem was criticized for lack of contrition, Kurtz apologized in a later social media post Friday and on NBC's “Today Show.”

“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” he said on X.

Richard Stiennon, a cybersecurity industry analyst, said this was a historic mistake by CrowdStrike.

“This is easily the worst faux pas, technical faux pas or glitch of any security software provider ever,” said Stiennon, who has tracked the cybersecurity industry for 24 years.

While the problem is an easy technical fix, he said, it’s impact could be long-lasting for some organizations because of the hands-on work needed to fix each affected computer. “It’s really, really difficult to touch millions of machines. And people are on vacation right now, so, you know, the CEO will be coming back from his trip to the Bahamas in a couple of weeks and he won’t be able to use his computers.”

Stiennon said he did not think the outage revealed a bigger problem with the cybersecurity industry or CrowdStrike as a company.

“The markets are going to forgive them, the customers are going to forgive them, and this will blow over,” he said.

Forrester analyst Allie Mellen credited CrowdStrike for clearly telling customers what they need to do to fix the problem. But to restore trust, she said there will need to be a deeper look at what occurred and what changes can be made to prevent it from happening again.

“A lot of this is likely to come down to the testing and software development process and the work that they’ve put into testing these kinds of updates before deployment,” Mellen said. “But until we see the complete retrospective, we won’t know for sure what the failure was.”

Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

TMC lands $3M grant to launch cancer device accelerator

cancer funding

A new business accelerator at Houston’s Texas Medical Center has received a nearly $3 million grant from the Cancer Prevention and Research Institute of Texas.

The CPRIT grant, awarded to the Texas Medical Center Foundation, will help launch the Accelerator for Cancer Medical Devices. The accelerator will support emerging innovators in developing prototypes for cancer-related medical devices and advancing them from prototype to clinical trials.

“The translation of new cancer-focused precision medical devices, often the width of a human hair, creates the opportunity to develop novel treatments for cancer patients,” the accelerator posted on the CPRIT website.

Scientist, consultant, and entrepreneur Jason Sakamoto, associate director of the TMC Center for Device Innovation, will oversee the accelerator. TMC officials say the accelerator builds on the success of TMC Innovation’s Accelerator for Cancer Therapeutics.

Each participant in the Accelerator for Cancer Medical Devices program will graduate with a device prototype, a business plan, and a “solid foundation” in preclinical and clinical strategies, TMC says. Participants will benefit from “robust support” provided by the TMC ecosystem, according to the medical center, and “will foster innovation into impactful and life-changing cancer patient solutions in Texas and beyond.”

In all, CPRIT recently awarded $27 million in grants for cancer research. That includes $18 million to attract top cancer researchers to Texas. Houston institutions received $4 million for recruitment:

  • $2 million to the University of Texas MD Anderson Cancer Center to recruit Rodrigo Romero from Memorial Sloan Kettering Cancer Center in New York City
  • $2 million to MD Anderson to recruit Eric Gardner from Weill Cornell Medicine in New York City

A $1 million grant also went to Baylor College of Medicine researcher Dr. Akiva Diamond. He is an assistant professor at the medical college and is affiliated with Baylor’s Dan L. Duncan Comprehensive Cancer Center.

Houston students develop cost-effective glove to treat Parkinson's symptoms

smart glove

Two Rice undergraduate engineering students have developed a non-invasive vibrotactile glove that aims to alleviate the symptoms of Parkinson’s disease through therapeutic vibrations.

Emmie Casey and Tomi Kuye developed the project with support from the Oshman Engineering Design Kitchen (OEDK) and guidance from its director, Maria Oden, and Rice lecturer Heather Bisesti, according to a news release from the university.

The team based the design on research from the Peter Tass Lab at Stanford University, which explored how randomized vibratory stimuli delivered to the fingertips could help rewire misfiring neurons in the brain—a key component of Parkinson’s disease.

Clinical trials from Stanford showed that coordinated reset stimulation from the vibrations helped patients regain motor control and reduced abnormal brain activity. The effects lasted even after users removed the vibrotactile gloves.

Casey and Kuye set out to replicate the breakthrough at a lower cost. Their prototype replaced the expensive motors used in previous designs with motors found in smartphones that create similar tiny vibrations. They then embedded the motors into each fingertip of a wireless glove.

“We wanted to take this breakthrough and make it accessible to people who would never be able to afford an expensive medical device,” Casey said in the release. “We set out to design a glove that delivers the same therapeutic vibrations but at a fraction of the cost.”

Rice’s design also targets the root of the neurological disruption and attempts to retrain the brain. An early prototype was given to a family friend who had an early onset of the disease. According to anecdotal data from Rice, after six months of regularly using the gloves, the user was able to walk unaided.

“We’re not claiming it’s a cure,” Kuye said in the release. “But if it can give people just a little more control, a little more freedom, that’s life-changing.”

Casey and Kuye are working to develop a commercial version of the glove priced at $250. They are taking preorders and hope to release 500 pairs of gloves this fall. They've also published an open-source instruction manual online for others who want to try to build their own glove at home. They have also formed a nonprofit and plan to use a sliding scale price model to help users manage the cost.

“This project exemplifies what we strive for at the OEDK — empowering students to translate cutting-edge research into real-world solutions,” Oden added in the release. “Emmie and Tomi have shown extraordinary initiative and empathy in developing a device that could bring meaningful relief to people living with Parkinson’s, no matter their resources.”