Preparing for the Next Worldwide Tech Outage

As tech leaders race to bring Windows systems back online after Friday’s software update by cybersecurity company CrowdStrike crashed around 8.5 million machines worldwide, experts share with CIO Journal their takeaways for preparing for the next major information technology outage.

Be familiar with how vendors develop, test and release their software

IT leaders should hold vendors deeply integrated within IT systems, such as CrowdStrike , to a “very high standard” of development, release quality and assurance, said Neil MacDonald , a Gartner vice president.

“Any security vendor has a responsibility to do extensive regression testing on all versions of Windows before an update is rolled out,” he said.

That involves asking existing vendors to explain how they write software, what testing they do and whether customers may choose how quickly to roll out an update.

“Incidents like this remind all of us in the CIO community of the importance of ensuring availability, reliability and security by prioritizing guardrails such as deployment and testing procedures and practices,” said Amy Farrow, chief information officer of IT automation and security company Infoblox.

Re-evaluate how your firm accepts software updates from ‘trusted’ vendors

While automatically accepting software updates has become the norm—and a recommended security practice—the CrowdStrike outage is a reminder to take a pause, some CIOs said.

“We still should be doing the full testing of packages and upgrades and new features,” said Paul Davis, a field chief information security officer at software development platform maker JFrog . undefined undefined Though it’s not feasible to test every update, especially for as many as hundreds of software vendors, Davis said he makes it a priority to test software patches according to their potential severity and size.

Automation, and maybe even artificial intelligence-based IT tools, can help.

“Humans are not very good at catching errors in thousands of lines of code,” said Jack Hidary, chief executive of AI and quantum company SandboxAQ. “We need AI trained to look for the interdependence of new software updates with the existing stack of software.”

Develop a disaster recovery plan

An incident rendering Windows computers unusable is similar to a natural disaster with systems knocked offline, said Gartner’s MacDonald. That’s why businesses should consider natural disaster recovery plans for maintaining the resiliency of their operations.

One way to do that is to set up a “clean room,” or an environment isolated from other systems, to use to bring critical systems back online, according to Chirag Mehta, a cybersecurity analyst at Constellation Research.

Businesses should also hold tabletop exercises to simulate risk scenarios, including IT outages and potential cyber threats, Mehta said.

Companies that back up data regularly were likely less impacted by the CrowdStrike outage, according to Victor Zyamzin, chief business officer of security company Qrator Labs. “Another suggestion for companies, and we’ve been saying that again and again for decades, is that you should have some backup procedure applied, running and regularly tested,” he said.

Review vendor and insurance contracts

For any vendor with a significant impact on company operations , MacDonald said companies can review their contracts and look for clauses indicating the vendors must provide reliable and stable software.

“That’s where you may have an advantage to say, if an update causes an outage, is there a clause in the contract that would cover that?” he said.

If it doesn’t, tech leaders can aim to negotiate a discount serving as a form of compensation at renewal time, MacDonald added.

The outage also highlights the importance of insurance in providing companies with bottom-line protection against cyber risks, said Peter Halprin, a partner with law firm Haynes Boone focused on cyber insurance.

This coverage can include protection against business income losses, such as those associated with an outage, whether caused by the insured company or a service provider, Halprin said.

Weigh the advantages and disadvantages of the various platforms

The CrowdStrike update affected only devices running Microsoft Windows-based systems , prompting fresh questions over whether enterprises should rely on Windows computers.

CrowdStrike runs on Windows devices through access to the kernel, the part of an operating system containing a computer’s core functions. That’s not the same for Apple ’s Mac operating system and Linux, which don’t allow the same level of access, said Mehta.

Some businesses have converted to Chromebooks , simple laptops developed by Alphabet -owned Google that run on the Chrome operating system . “Not all of them require deeper access to things,” Mehta said. “What are you doing on your laptop that actually requires Windows?”

Former New Hampshire Gov. Chris Sununu delivered a warning to Treasury Secretary Scott Bessent during a recent visit to Washington: Already-high airfares will surge if the war in Iran doesn’t end soon.

Sununu, a Republican who represents some of the biggest airlines as president of the industry group Airlines for America, has for weeks sounded the alarm to Trump administration officials about the economic fallout from high jet fuel prices. The war, Sununu has argued, must come to a close soon, or things will get worse.

Administration officials have gotten the message.

Privately, President Trump’s advisers are increasingly worried that Republicans will pay a political price for the rising fuel costs, according to people familiar with the matter. Many of those advisers are eager to end the war, hoping prices will begin to moderate before November’s midterm elections.

The fallout from the U.S.-Israeli attack in late February has slowed traffic through the Strait of Hormuz, a vital shipping lane, triggering a sharp increase in oil, gasoline and jet-fuel prices.

That means consumers are grappling with high costs ahead of the summer travel season, as they consider vacation plans.

Sixty-three per cent of Americans said they put a great deal or a good amount of blame on Trump for the increase in gas prices, according to a new poll conducted by NPR, PBS and Marist.

More than 8 in 10 Americans said struggles at the gas pump are putting strain on their finances.

Jet-fuel prices roughly doubled in a matter of weeks after the war began, and they have remained high. Airlines have said that will add billions of dollars of additional expenses this year, squeezing profit margins.

U.S. airlines spent more than $5 billion on fuel in March—up 30% from a year earlier, according to government data.

Carriers have been raising ticket prices, hoping to pass the cost along to consumers, and they are culling flights that will no longer make money at higher price levels.

In March, the price of a U.S. domestic round-trip economy ticket rose 21% from a year earlier to $570, according to Airlines Reporting Corp., which tracks travel-agency sales.

So far, airlines have said the higher fares haven’t deterred bookings and they are hoping to recoup more of the fuel-cost increases as the year goes on.

Earlier this week, Trump said the current price of oil is “a very small price to pay for getting rid of a nuclear weapon from people that are really mentally deranged.”

Secretary of State Marco Rubio told reporters that if Iran got a nuclear weapon, the country would have more leverage to keep the strait closed and “make our gas prices like $9 a gallon or $8 a gallon.”

Trump has taken steps in recent days to bring the war to an end. Late Tuesday, the president paused a plan to help guide trapped commercial ships out of the Strait of Hormuz, expressing optimism that a deal could be reached with Iran to end the conflict.

Crude oil prices fell below $100 a barrel on Wednesday, after reports that Iran and the U.S. are working with mediators on a one-page framework to restart negotiations aimed at ending the conflict and opening the strait.

Sununu said Trump administration officials are conscious of the economic fallout from the war: “They get it…and I think that’s why they’re trying to get through the war as fast as they can.”

But he cautioned that it could take months for prices to return to prewar levels.

“Ticket prices won’t go down immediately” after the strait is fully reopened, Sununu said. “You’re looking at elevated ticket prices through the summer and fall because it takes a while for the prices to go down.”

Since the initial U.S.-Israeli attack in late February, Sununu has met in Washington with National Economic Council Director Kevin Hassett, representatives from the Transportation Department and senior White House officials.

A White House official confirmed that Hassett and Sununu have discussed the effect of increased fuel prices on the airline industry. The official said the conversation touched on how the industry can mitigate the impact of high jet fuel prices on consumers.

“The president and his entire energy team anticipated these short-term disruptions to the global energy markets from Operation Epic Fury and had a plan prepared to mitigate these disruptions,” White House spokeswoman Taylor Rogers said, pointing to the administration’s decision to waive a century-old shipping law in a bid to lower the cost of moving oil.

Rogers said the administration is working with industry representatives to “address their concerns, explore potential actions, and inform the president’s policy decisions.”

A Treasury Department spokesman pointed to Bessent’s recent comments on Fox News that the U.S. economy remains strong despite price increases. The spokesman said Treasury officials have met with airline executives, who have reaffirmed strong ticket bookings.

“We’re cognizant that this short-term move up in prices is affecting the American people, but I am also confident, on the other side of this, prices will come down very quickly,” Bessent told Fox News on Monday.

The war has already contributed to one casualty in the industry: Spirit Airlines. Company representatives have said they were forced to close the airline because the sustained surge in jet-fuel prices derailed the company’s plan to emerge from chapter 11 bankruptcy.

The Trump administration and Spirit failed to come to an agreement for the company to receive a financial lifeline of as much as $500 million from the federal government.

Transportation Secretary Sean Duffy has argued that the Iran war wasn’t the cause of Spirit’s demise, pointing to the company’s past financial struggles, as well as the Biden administration’s decision to challenge a merger with JetBlue.

Other budget airlines have also turned to the federal government for help since the U.S.-Israeli attack. A group of budget airlines last month sought $2.5 billion in financial assistance to offset higher fuel costs, and they separately wrote to lawmakers asking for relief from certain ticket taxes.