Customers more cautious following CrowdStrike outage

One of the main lessons from the CrowdStrike outage in 2024 was the need to reexamine relationships and processes to ensure downtime from one supplier would not be so damaging.

Six months on from the incident, it appears those lessons have been acted on by many in the industry, according to research from solutions provider Adaptavist.

The firm quizzed software developers working at customers with revenues of $10m plus and discovered that the high-profile outage had led many to question their supplier relationships and move away from relying on a single vendor. Given the CrowdStrike problems were traced to a software update issue, the response from the developer community is an interesting one.

The firm found 10% of developers viewed over-reliance on a single-vendor solution as the biggest threat to their company’s IT resilience. There was a widespread sense of pessimism, with 42% expecting a supplier they work with to cause a major incident.

That sense of caution has led to changes in the past six months, with slightly above a quarter of respondents diversifying their software and service providers, with a further 57% thinking of doing the same. The reaction has seen a combination of examining relationships with existing vendors, while others have turned to open-source solutions as an alternative.

The pressure is not all on external suppliers, with a recognition that customers need to step up their internal efforts. That has seen increased activity around several areas, including delaying updates and increasing in-house development. Interest has also risen in deploying continuous integration and delivery, stress testing, and monitoring and visibility.

“This research paints a complex picture of the challenges facing organisations as they work to strengthen their digital resilience. The data suggests a fundamental reshaping of the software industry’s approach to vendor relationships, moving toward a model that balances the benefits of strong vendor partnerships with the resilience of diversified technology stacks,” said Jon Mort, CTO of Adaptavist.

“This isn’t just diversification for diversification’s sake – it represents a mature evolution in how organisations approach technology partnerships and risk management.”

The changing customer attitudes also create opportunities for the channel to meet evolving needs and provide a wider range of services.

“This underscores a growing need for strong service management practices that provide greater visibility and insights. The next critical challenge is going to be finding the right equilibrium between people, processes and technology,” said Mort.

“We need to empower IT teams to work with confidence – safe in the knowledge that their processes can withstand scrutiny – if we want to ensure long-term resilience and security,” he added.

The CrowdStrike outage on 19 July last year was one of the largest IT outages in history, affecting around 8.5 million devices worldwide. The disruption at first manifested in the form of the infamous blue screen of death – which signals a fatal system error – on Windows PCs.

It became clear fairly quickly that the cause of the trouble was a faulty channel file rolled out to CrowdStrike’s Falcon sensor product.