Tech disruptions sparked by Texas co.'s update highlight the fragility of globally connected technology

What can be learned from Austin-based CrowdStrike's outage? Photo via Getty Images

Airlines, banks, hospitals and other risk-averse organizations around the world chose cybersecurity company CrowdStrike to protect their computer systems from hackers and data breaches.

But all it took was one faulty CrowdStrike software update to cause global disruptions Friday that grounded flights, knocked banks and media outlets offline, and disrupted hospitals, retailers and other services.

“This is a function of the very homogenous technology that goes into the backbone of all of our IT infrastructure,” said Gregory Falco, an assistant professor of engineering at Cornell University. “What really causes this mess is that we rely on very few companies, and everybody uses the same folks, so everyone goes down at the same time.”

The trouble with the update issued by CrowdStrike and affecting computers running Microsoft's Windows operating system was not a hacking incident or cyberattack, according to CrowdStrike, which apologized and said a fix was on the way.

But it wasn't an easy fix. It required “boots on the ground” to remediate, said Gartner analyst Eric Grenier.

“The fix is working, it’s just a very manual process and there’s no magic key to unlock it,” Grenier said. “I think that is probably what companies are struggling with the most here.”

While not everyone is a client of CrowdStrike and its platform known as Falcon, it is one of the leading cybersecurity providers, particularly in transportation, healthcare, banking and other sectors that have a lot at stake in keeping their computer systems working.

“They’re usually risk-averse organizations that don’t want something that’s crazy innovative, but that can work and also cover their butts when something goes wrong. That’s what CrowdStrike is,” Falco said. “And they’re looking around at their colleagues in other sectors and saying, ‘Oh, you know, this company also uses that, so I’m gonna need them, too.’”

Worrying about the fragility of a globally connected technology ecosystem is nothing new. It's what drove fears in the 1990s of a technical glitch that could cause chaos at the turn of the millennium.

“This is basically what we were all worried about with Y2K, except it’s actually happened this time,” wrote Australian cybersecurity consultant Troy Hunt on the social platform X.

Across the world Friday, affected computers were showing the “blue screen of death” — a sign that something went wrong with Microsoft's Windows operating system.

But what's different now is “that these companies are even more entrenched,” Falco said. "We like to think that we have a lot of players available. But at the end of the day, the biggest companies use all the same stuff.”

Founded in 2011 and publicly traded since 2019, CrowdStrike describes itself in its annual report to financial regulators as having “reinvented cybersecurity for the cloud era and transformed the way cybersecurity is delivered and experienced by customers.” It emphasizes its use of artificial intelligence in helping to keep pace with adversaries. It reported having 29,000 subscribing customers at the start of the year.

The Austin, Texas-based firm is one of the more visible cybersecurity companies in the world and spends heavily on marketing, including Super Bowl ads. At cybersecurity conferences, it's known for large booths displaying massive action-figure statues representing different state-sponsored hacking groups that CrowdStrike technology promises to defend against.

CrowdStrike CEO George Kurtz is among the most highly compensated in the world, recording more than $230 million in total compensation in the last three years. Kurtz is also a driver for a CrowdStrike-sponsored car racing team.

After his initial statement about the problem was criticized for lack of contrition, Kurtz apologized in a later social media post Friday and on NBC's “Today Show.”

“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” he said on X.

Richard Stiennon, a cybersecurity industry analyst, said this was a historic mistake by CrowdStrike.

“This is easily the worst faux pas, technical faux pas or glitch of any security software provider ever,” said Stiennon, who has tracked the cybersecurity industry for 24 years.

While the problem is an easy technical fix, he said, it’s impact could be long-lasting for some organizations because of the hands-on work needed to fix each affected computer. “It’s really, really difficult to touch millions of machines. And people are on vacation right now, so, you know, the CEO will be coming back from his trip to the Bahamas in a couple of weeks and he won’t be able to use his computers.”

Stiennon said he did not think the outage revealed a bigger problem with the cybersecurity industry or CrowdStrike as a company.

“The markets are going to forgive them, the customers are going to forgive them, and this will blow over,” he said.

Forrester analyst Allie Mellen credited CrowdStrike for clearly telling customers what they need to do to fix the problem. But to restore trust, she said there will need to be a deeper look at what occurred and what changes can be made to prevent it from happening again.

“A lot of this is likely to come down to the testing and software development process and the work that they’ve put into testing these kinds of updates before deployment,” Mellen said. “But until we see the complete retrospective, we won’t know for sure what the failure was.”

Ad Placement 300x100
Ad Placement 300x600

CultureMap Emails are Awesome

Property Showcase

Houston female-focused health tech accelerator names top companies at annual event

you go girls

A Houston organization that accelerates and supports female founders leading innovative health tech startups has concluded its 2024 program with the announcement of this year's top companies.

Ignite Health, an accelerator founded in 2017 by longtime Houston health care professional Ayse McCracken, named its 2024 winners at its annual Fire Pitch Competition in Houston last month. The companies pitched health tech solutions across lung health, renal therapy, breastfeeding tech, and more.

"This year’s competition was a culmination of passion, innovation, and hard work from the top startups in our 2024 Accelerator Program," reads a LinkedIn post from Ignite. "These trailblazing founders earned their spot on the stage by demonstrating exceptional leadership and the potential to revolutionize the healthcare industry with their solutions and devices."

First place winner was Sarah Lee, CEO and co-founder of Relavo, a New York-based company that's making home dialysis more effective, safer, and more affordable. Lee accepted awards from Johnson & Johnson and Wilson Sonsini Goodrich & Rosati.

Therese Canares, CEO and founder of CurieDx, took second place and won its awards from SWPDC - Southwest National Pediatric Device Innovation Consortium and Wilson Sonsini. CurieDx, based in Baltimore, Maryland, is creating remote diagnostic tools using smartphone technology.

In third place is Andrea Ippolito, CEO and founder of SimpliFed, a company focused on democratizing access to baby feeding and breastfeeding services through virtual care that's covered by insurance. The startup won awards from Texas Children's Hospital and Wilson Sonsini Goodrich & Rosati.

Three other finalists won other awards, including:

  • Kadambari Beelwar, CEO and co-founder, Henderson, Nevada-based Truss Health, which created an AI-powered sensor fusion platform that's designed to detect early signs of infection, won an award presented by Memorial Hermann Health System and Golden Seeds
  • Mimi Gendreau Kigawa, CEO and co-founder of New York-based Zeph Technologies, an AI-lung care company with technology for clinicians to deliver pulmonary care to patients with chronic respiratory disease, won an award presented by CU Innovations and Houston Methodist
  • Ashley Yesayan, CEO and co-founder, New York-based OneVillage, a software platform meant to support patients and family members through trying health events, won an award presented by CU Innovations

The companies were evaluated by the 2024 judges, which included: Allison Rhines, head of JLABS Houston; Andrew Truscott, global health technology lead at Accenture; Angela Shippy, senior physician executive at Amazon Web Services; Kimberly Muller, executive director of CU Innovations at University of Colorado Anschutz Medical Campus; Myra Davis, chief innovation and information officer at Texas Children's Hospital; and Winjie Tang Miao, senior executive vice president and COO of Texas Health Resources.

Houston expert: Balancing flexibility, accountability, and performance in a hybrid world

guest column

Amazon, Salesforce, and Nike are just a few companies making headlines in 2024 for requiring employees to return to the office.

At the same time, technology is evolving, automation and efficiency gains are taking center stage, and employees continue to seek greater flexibility. This has fueled the debate around the future of where work gets done in 2025 and beyond.

Proponents of a remote or hybrid work model believe it leads to increased employee productivity, higher job satisfaction, and access to a larger talent pool. Detractors have a different viewpoint – suggesting employee isolation is greater, cyber security concerns are more complex to manage, and it’s hard to accurately evaluate employee performance.

So, what’s the answer?

The future of work lies in harnessing the power of the employer/employee relationship. This involves establishing clear guidelines for what working “looks like” inside and outside the company, measuring performance tied to company goals, and holding leaders and employees accountable for how these interactions occur.

A remote work policy helps establish clear guidelines. For example, should business cameras be on for all meetings? What is considered an acceptable business casual dress code? Can pets be on screen? Addressing the issues around a remote workspace, how to interact during a meeting, and what to wear helps to define company expectations and how you would like your business to be represented.

Formal performance management tools and processes have been in place for decades. While an annual event is important, encouraging managers and employees to have regular and structured performance conversations and share transparent feedback (regardless of where they work) helps you celebrate what’s exceptionally good, acknowledge what’s on track, and quickly course correct when needed.

Accountability in the remote work environment goes both ways, and leaders must model the behaviors they expect from employees. When the rule is cameras on, that means everyone, regardless of their title. When you’ve established working hours, be available to take the call or respond to the Teams chat within a reasonable timeframe. And when you need to be away from work, set expectations for when and how to reach you.

So, where is the best place to start when updating or establishing guidelines? First, review your key business objectives and work out what’s required to support the successful achievement of those goals. Design your remote and/or hybrid model around those objectives and place employees at the forefront of that design.

If you think about it, it’s no different than being in the office. You expect your employees and managers to show up, be fully present, and hold themselves accountable. That should be the expectation no matter where you “sit.”

------

Michelle Mikesell is the chief people officer at Houston-based G&A Partners.

Houston's Texas Medical Center wins prestigious global award recognizing leaders in life science innovation

new bling

Last month, a global organization honored innovation leaders in life sciences, and the Texas Medical Center was among the recipients of the prestigious awards program.

The 18th annual Prix Galien Awards Gala awarded TMC Innovation with the win in the "Incubators, Accelerators and Equity" category. The Galien Foundation created the awards program in 1970 in honor of Galien, the father of medical science and modern pharmacology. Alongside TMC, the other winners represented biotech, digital health, startups, and more.

"We are super proud of this distinction," Tom Luby, director of TMC Innovation says at Envision 2024 last month, crediting the TMCi team and TMC leadership for the award. "We lean on a lot of advisers and experts — people who volunteer their time to work with startups. Without (them), we would not have been successful."

Luby explains that a Prix Galien Award holds a Nobel Prize level of significance for the community.

TMCi was named a finalist in August, and competed against programs from Cedars-Sinai, Mayo Foundation for Medical Education and Research, TechConnect, and more.

"The Awards Committee is honored to witness the exceptional dedication and creativity of our nominees as they turn visionary ideas into transformative solutions for patients worldwide," says Michael Rosenblatt, chair of the Prix Galien USA Awards Committee, in a news release. "Their unwavering commitment to advancing patient care is truly commendable, and we are honored to celebrate their outstanding contributions to global health."

The award is displayed at TMC Innovation's office, located in the medical center at 2450 Holcombe Blvd.

View All Listings