Network Security, Vulnerability Management, Patch/Configuration Management

FCA urges firms to boost operational resilience post-CrowdStrike disruption

Share
(Credit: Ascannio – stock.adobe.com)

Editor's note: This article originally appeared in our sister publication SC Magazine UK.

Companies should invest in operational resilience in the wake of the summer disruption caused by the CrowdStrike incident.

According to the UK's Financial Conduct Authority (FCA), third-party related issues were the leading cause of operational incidents reported to it between 2022 and 2023.

“These outages emphasise firms’ increasing dependence on unregulated third parties to deliver important business services,” a statement said. “This highlights the importance of firms continuing to become operationally resilient in line with our rules.

“We encourage all firms, regardless of how they were affected by the CrowdStrike incident, to consider these lessons, to improve their ability to respond to and recover from future disruptions.”

The CrowdStrike Falcon content update caused Microsoft users to encounter problems and crash in July, and the FCA said it “saw varying degrees of operational impact on regulated firms, with no sector more impacted than others, and minimal consumer harm.”

In that period, it engaged with firms during the incident to understand the impact on firms and the market, operational responses, and recovery. 

Operational resilience

As a result, the FCA encouraged investing and following its operational resilience rules, saying this will enable users to identify market impacts, and prioritize their important business services. It claimed that businesses that had mapped their important business services, and the resources necessary to deliver these services, were able to prioritize getting key services back online to reduce the overall impact the incident had on their operations.

Also, firms who had clearly defined and tested communications strategies were able to quickly and efficiently respond to, and communicate with, customers and stakeholders.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.
Dan Raywood

Dan Raywood is a Senior Editor with SC Media UK. He is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity. He covers topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes impacting the UK and the greater European community. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats and sampling craft beers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.