On a fateful Friday morning, Windows users worldwide were greeted with the dreaded “blue screens of death” (BSOD), all because of a defective update issued by CrowdStrike. This malfunction led to global disruptions, impacting sectors such as aviation, maritime, healthcare, and finance, effectively bringing them to a standstill. Yet, in the wreckage, some discern opportunities for growth.
This widespread disruption underscores the critical dependence of our society on digital infrastructure. Consequently, amidst this chaos, certain forward-thinking venture capitalists perceive an opening for pioneering technologies designed to avert such failures in the future. It raises a compelling argument: in the year 2024, a single flawed software update should not have the capability to incapacitate numerous vital global computer networks. This scenario epitomizes the raison d’être of startups and venture capitalism – to introduce innovation in response to prevalent challenges.
Although the CrowdStrike incident has spotlighted the importance of cybersecurity firms, CRV’s general partner Reid Christian clarifies that this event should not be tagged as a cybersecurity failure. Instead, the real issue was a major vendor’s wide-scale deployment of software that had not been adequately vetted, debugged, or gradually rolled out. CRV is channeling investments into a cybersecurity and IT management newcomer, Fleet, which keeps an eye on vendor activities directly from your endpoint.
It remains uncertain whether additional mobile device management solutions, such as Fleet, would have been effective against the specific issues introduced by CrowdStrike. The culprit seemed to be a problematic Windows kernel-level driver, a piece of software embedded at the very heart of computers. (Notably, firms utilizing MDM solutions alongside CrowdStrike still encountered the BSOD.) However, Christian emphasizes the necessity of implementing more safeguards when allowing such deep access to software vendors.
“The cyber world requires oversight over its guardians,” declared Christian. “Having core vendors is essential, but so is the support from secondary vendors, ready to assist from the sidelines.”
Zach Wasserman, Fleet’s co-founder and CTO, shared with TechCrunch how their security product works outside the kernel to ensure system stability is not jeopardized.
Although last Friday’s turmoil wasn’t the doing of a malicious attacker, the severe impact could be attributed to CrowdStrike’s deep access to the kernel, the nucleus of the operating system. Guru Chahal from Lightspeed Venture Partners anticipates a surge in popularity for cybersecurity tools like Wiz, which operate outside the kernel, following this incident.
“Granting kernel access, as was the case here, makes it challenging to mitigate such issues,” Chahal communicated via email to TechCrunch. “However, adopting less invasive measures is entirely feasible, and it’s for this precise reason that firms such as Wiz (Cloud Security) and Oligo Security (runtime security) prefer alternative methodologies.”
Oligo Security, an observability tool for open-source software, employs sandboxing instead of directly accessing the kernel. Although this method wouldn’t have averted the Windows-specific issue, the notion of sandboxed systems is something the Windows security sector might well consider embracing more earnestly.
Meanwhile, despite the burgeoning interest in Wiz amidst Google’s discussions of a $23 billion acquisition offer, board member Gili Raanan sees the recent incident as upping the ante for everyone in cybersecurity, forecasting enhanced scrutiny over product launches and deployments moving forward.
“This incident doesn’t only reflect poorly on CrowdStrike; it’s a setback for all entities in the cybersecurity domain,” Raanan remarked. “There are neither victors nor vanquished here, merely participants who have suffered a loss.”
Logan Allin, the founder of Fin Capital, who focuses on B2B financial services investments, highlights the growing necessity for cloud observability solutions after Friday’s fiasco. Beyond cybersecurity, he points out the increased reliance on external APIs by firms integrating AI solutions, which are equally vulnerable to faulty software updates.
“Our portfolio includes companies like Middleware, which guarantees the seamless integration of cybersecurity, cloud orchestration, and the various data packets moving within the system architecture don’t encounter breaks,” Allin explained.
Although last Friday’s outage was alarming, investors like Allin and Chahal believe it signifies just the beginning of the end for an outdated and deteriorating infrastructure layer. Particularly within older industries like finance and healthcare, these outages shine a spotlight on the urgent need for technological upgrades.
“Looking ahead, I anticipate a wave of startups that will bypass kernel-based issues while still delivering effective runtime security,” Chahal projected.
Reporting contributed by Marina Temkin.


