CrowdStrike outage impact widespread and significant, many reconsidering plans to invest more in the security vendor 

Flash survey of IT decision makers shows 55% considering reducing reliance on CrowdStrike, though 71% say it would be difficult to replace the vendor and 56% unlikely to replace it 

More than half of CrowdStrike customers are considering reducing their reliance on the vendor in light of today’s major outage, according to new data from an ETR Flash Survey of IT decision makers. 

Businesses worldwide that run Microsoft Windows experienced major IT outages overnight, grounding flights and causing significant disruption. The issue has been linked to a misconfigured or corrupted software update from cybersecurity firm CrowdStrike, affecting their Falcon Sensor product. CrowdStrike confirmed the issue is not a security incident or cyberattack, but rather a defect in an update. The issue has been identified and a fix has been deployed, but the recommended workaround steps from CrowdStrike require significant manual effort. 

To capture initial reactions to the outage, ETR conducted a Flash Survey today among its community of IT decision makers who are users of CrowdStrike. The 100 participants who responded to the survey are from mostly large firms in North America and across many industry sectors and represent the perspectives of both IT leaders and practitioners. 

Some of the key findings from the survey include: 

• 96% indicated their organization was affected by system-crashes or outages. 
• Collectively, 68% indicated that impacts were significant; 46% said very or extremely significant, causing significant delays or complete shutdown of essential operations. 
• 71% indicated it would be difficult to some degree to replace CrowdStrike if necessary  
• 56% were very or somewhat unlikely to replace CrowdStrike, but 9% were very likely and 5% certain to replace. 
• Collectively, 55% indicated this event makes them likely to either reconsider plans to consolidate their security stack around CrowdStrike (32%) or to consider options to reduce reliance on CrowdStrike (23%) going forward. 

Respondents in the survey were also asked to provide open-ended commentary on what they would say to CrowdStrike CEO George Kurtz if given the chance. Common themes in the responses included disappointment that better testing and quality assurance was not done prior to the release, as well as frustration and anger with CrowdStrike’s leadership and initial response. 

Some select quotes include:  

• “Fix your release process and send donuts to all the IT people that had to stay up overnight to fix.”
• “Completely unacceptable, there is no excuse for the disruption caused globally. A simple test of the update would have prevented the chaos that was brought to us around the globe. Consider resigning!”  
• “Your message about the crash was late and lacking any sense of regret or otherwise being humble. You have failed to deliver on your mission.”

Reach out for more insights from this Flash Survey, access ETR’s nine years of quarterly spending intentions data on CrowdStrike, or to speak with an industry analyst.