Nominate a top engineering voice of 2025 🏆

A tough day for incident responders: lessons from the CrowdStrike update

Stephen WhitworthStephen Whitworth
July 19, 2024 — 4 min read

Today marks a particularly challenging day for incident responders across the globe. As many of you may have noticed, a recent update from CrowdStrike has triggered widespread disruptions, causing chaos in various sectors. The ripple effects have been far-reaching and severe:

  • Flights grounded worldwide
  • Emergency services affected
  • Payment systems down
  • News channels offline
  • Trains delayed or cancelled

While the technical specifics of the issue might not be the focus here—and indeed, there are experts better suited to dissect the cause—what's crucial is understanding the impact on those who manage such crises.

Having spent considerable time with incident responders, I have a deep appreciation for the enormity of their tasks when faced with such widespread disruptions.

Immediate response is the tip of the iceberg

When an incident of this magnitude occurs, the initial focus is on technical remediation. Technical teams scramble to identify the causes and contributors, assemble to and deploy patches as quickly as possible.

Speed is of the essence to mitigate further damage and restore services. However, patching systems and mitigating the impact is just the tip of the iceberg.

Incidents affect the entire organization

In the wake of these kinds of incidents, other parts of the organization also need to swing into action:

  • Public Relations (PR) Teams: These teams are inundated with inquiries from media outlets, all seeking information on the incident's scope, cause, and resolution timeline. Crafting clear, accurate, and reassuring messages is critical to maintaining public trust.
  • Customer Support: Customer service representatives face a deluge of calls and messages from affected users. They must quickly understand the situation, provide accurate information, and offer appropriate compensation. Developing and implementing these processes on the fly can be daunting.
  • Executives: Senior leaders clear their schedules to focus entirely on managing the crisis. They are tasked with making high-stakes decisions based on incomplete and rapidly changing information. Their leadership and strategic thinking are crucial to navigating the company through the turmoil.

The importance of preparedness

The Crowdstrike incident underscores the importance of robust incident response preparedness. Effective incident response is not the sole responsibility of the technical teams; it requires a coordinated, cross-functional effort. Here’s why:

  • Integrated Response: A well-prepared organization has an integrated response plan that involves not just engineers but also PR, customer support, legal, and executive teams. Each team knows their role and can act swiftly and cohesively.
  • Training and Drills: Regular training and simulation drills help ensure that when a real incident occurs, the response is second nature. Teams are familiar with the protocols and can execute them efficiently.
  • Clear Communication: Predefined communication channels and protocols are essential to ensure accurate and timely information flow within the organization and to external stakeholders.

A glimpse of more to come

As our reliance on digital systems continues to grow, so too does the complexity and potential impact of incidents. The CrowdStrike update incident is a stark reminder that such disruptions are not just theoretical risks but real threats that can cause widespread chaos.

It highlights the necessity for organizations to invest in robust incident response frameworks and foster a culture of readiness.

Today, our thoughts are with the incident responders working tirelessly to resolve this situation. The coming days will be long and arduous. We've been there.

For those outside the immediate fray, it's a reminder to not bury our heads in the sand. Incidents like these are likely to become more frequent, and preparation is our best defense.

Picture of Stephen Whitworth
Stephen Whitworth
Co-Founder & CEO
View more

See related articles

Why we vibe coded a marketing campaign for Anthropic

Why we vibe coded a marketing campaign for Anthropic

We created a dedicated page for Anthropic to showcase our incident management platform, complete with a custom game called PagerTron, which we built using Claude Code. This project showcases how AI tools like Claude are revolutionizing marketing by enabling teams to focus on creative ways to reach potential customers.

Tom WentworthTom Wentworth
May 28, 2025
Comparing the incident.io vs PagerDuty comparison pages

Comparing the incident.io vs PagerDuty comparison pages

We examine both companies' comparison pages and find some significant discrepancies between PagerDuty's claims and reality. Learn how our different origins shape our approaches to incident management.

Tom WentworthTom Wentworth
May 9, 2025
The EU AI Act and what it means for managing incidents

The EU AI Act and what it means for managing incidents

The EU AI Act introduces new incident reporting rules for high-risk AI systems. This post breaks down what Article 73 actually mandates, why it's not as scary as it sounds, and how good incident management makes compliance a breeze.

Chris EvansChris Evans
May 2, 2025
View all

So good, you’ll break things on purpose

Ready for modern incident management? Book a call with one our of our experts today.

Signup image

We’d love to talk to you about

  • All-in-one incident management
  • Our unmatched speed of deployment
  • Why we’re loved by users and easily adopted
  • How we work for the whole organization