“A full-blown rollout from a security vendor to every customer within minutes is very dangerous.” – Dave DeWalt, former CEO of cybersecurity company McAfee, in a recent Wall Street Journal article.
CrowdStrike has stumbled upon a obvious insight after its buggy software update shuttered governments, businesses, hospitals, airlines and consumers around the globe – leading to billions in damages.
The cybersecurity giant calls it “canary deployment.” This means gradually rolling out software updates in the future so that the company can check for looming catastrophes.
This way, not every Microsoft Windows user gets the dreaded “blue screen of death.” This way, only one airline shuts down instead of several of them. This way, only a few hospitals take a hit while CrowdStrike fixes its glitch.
Somehow, coming to this revelation is costing the company billions in market value, restitution and damage to its otherwise stellar reputation.
Not using canary deployment is like staging an outdoor rally for a presidential candidate – a risky proposition in itself – and not checking rooftops for snipers.
Thousands are paying the price. CrowdStrike should not have risked leaving all of its customers CrowdStuck.
(Thanks to all my paid subscribers. This rest of this post is for you. Free subscribers can get to it by taking advantage of my limited free offer or by upgrading to paid. I will keep writing occasional free posts, as well as previews of premium posts like this one, so we can all have a laugh as we explore the follies of our precarious business world. Thanks so much for your support. – Al Lewis)
Keep reading with a 7-day free trial
Subscribe to Business Blunders to keep reading this post and get 7 days of free access to the full post archives.