Outage Outcry

CrowdStrike's Actions Under a Microscope

Doug Bruehl | Jake Fabrizio | ETR Research 

| August 22, 2024

In the wake of the recent global IT outage, ETR collected feedback and testimonials from CrowdStrike customers detailing their experiences during the incident that was caused by a faulty update. In this report, we analyze IT decision-maker (ITDM) perceptions of CrowdStrike’s rollout failure and response to the incident, focusing on trust, operational impacts, effectiveness of communication, recovery efforts, and considerations for future utilization of CrowdStrike's services. The global incident had varying degrees of impact, with some enterprises experiencing minimal disruptions and a quick recovery, while others faced significant downtime, impacting critical services and leading to financial losses.

Two weeks prior to the outage, we closed our JUL24 Technology Spending Intentions Survey (TSIS) that asked about IT budgets for the back half of the year. In that, CrowdStrike received a very high Net Score of 48%, again topping standalone endpoint security vendors and achieving the third-highest Net Score in Information Security. Earlier in the year, our CNAPP Observatory market array survey found that IT decision makers viewed CrowdStrike’s Falcon Cloud offering very positively, placing the company in second place for both Momentum (behind Wiz) and Presence (behind Microsoft).

 

Our subsequent CrowdStrike flash survey conducted on the Friday of the outage surveyed 100 ITDMs on the incident’s organizational impacts, how it affected their attitudes, and how it was shaping expectations around the relationships with the security vendor. Of those respondents, over two-thirds indicated a significant impact, while 5% indicated that this event made them likely to either reconsider plans to consolidate their security stack around CrowdStrike or to consider options to reduce reliance on CrowdStrike going forward. In addition, 44% answered that they were either somewhat likely (30%), very likely (9%), or completely certain (5%) to fully replace CrowdStrike with another security provider. Given this dramatic discrepancy in attitudes just weeks after the latest TSIS, we expect spending intention data is likely to decline in the coming quarters. However, we caution that this poll was conducted on the first full day of the disruption when emotions ran high, which may have skewed responses more negatively. We followed up this initial survey with another customer check-in earlier this week, and those results are available to clients here.

Reactions Varied Across Industry and Job Title

We observed differences in responses across industries and job titles:

• C-suite respondents often highlighted the need for thorough analysis, while IT administrators and security engineers detailed technical challenges faced

• Large financial services enterprises reported major outages for up to two days, affecting both server and endpoint systems, leading to significant impacts on operations and requiring extensive efforts for recovery

• Large IT/Telco enterprises experienced massive outages, including disruptions to exchange servers, laptops/desktops, and ERP systems, requiring restoration efforts and potential financial claims

• Large retail enterprises faced issues with monitors not working in retail stores, impacting point-of-sale systems and other operations, causing disruptions and downtime

• Several healthcare enterprises experienced significant disruptions in providing patient care due to the outage, with clinicians unable to access medical records and patient care systems, leading to potential risks for patient care

Unsurprisingly, more customers reacted with negative opinions towards CrowdStrike’s response and mitigation efforts. While customer sentiment varied widely, most responses were constructively balanced, not fully critical. A few customers applauded CrowdStrike’s response to the botched software rollout, saying that it reinforced their confidence in the vendor’s capabilities, but many voiced deep dissatisfaction and a loss of trust. Several acknowledged the risk of technical failures for any software vendors, but others disagreed, placing more direct blame on CrowdStrike and their internal processes. These respondents characterized CrowdStrike’s response as indirect, delayed, and inadequate. For both cohorts, communication was a key factor influencing the perception of CrowdStrike.

The full Crowdstrike Customer Reactions report also highlights both Negative and Positive customer perceptions with a plethora of direct customer quotations, as well as detailing ongoing concerns and possible vendor shifts. The full report also analyzes possible churn expectations for the vendor going forward. Clients can access the report here. If you are not yet a client, please use the free report request sidebar for access.

Enterprise Technology Research (ETR) is a technology market research firm that leverages proprietary data from our targeted IT decision maker (ITDM) community to provide actionable insights about spending intentions and industry trends. Since 2010, we have worked diligently at achieving one goal: eliminating the need for opinions in enterprise research, which are often formed from incomplete, biased, and statistically insignificant data. Our community of ITDMs represents $1+ trillion in annual IT spend and is positioned to provide best-in-class customer/evaluator perspectives. ETR’s proprietary data and insights from this community empower institutional investors, technology companies, and ITDMs to navigate the complex enterprise technology landscape amid an expanding marketplace. Discover what ETR can do for you at www.etr.ai  

Get Free Report

Fill out the form to receive a copy of "Outage Outcry: CrowdStrike's Actions Under a Microscope" sent directly to your inbox.