After a significant cyber incident that disrupts business operations, organizations often take steps to improve their cybersecurity and resilience, which sometimes includes switching cybersecurity providers. The recent massive global outage caused by a faulty CrowdStrike sensor update has had this exact impact on many companies in Germany. According to a report by the German Federal Office for Information Security (BSI) and Germany's digital association Bitkom, this outage has caused many organizations to reconsider their cybersecurity strategies and partners.

Of the 311 German companies surveyed, 62% were directly affected by the CrowdStrike update, with their PCs or servers paralyzed, and 48% were indirectly impacted due to disruptions in their supply chains. For the companies directly affected, 48% had to cease operations either partially or entirely, with an average downtime of 10 hours. Resolving the issue required around two days and 422 human hours on average. While most companies had emergency plans in place, some found their plans were only moderately effective, and 22% did not use them at all.

In response to the outage, many organizations have implemented or plan to implement measures to prevent similar incidents in the future. These include revising IT emergency plans, conducting more training, improving patch management, and increasing backup systems and network segmentation. Notably, 10% of organizations have either changed or plan to change their cybersecurity providers, while one in five plan to adjust their criteria for selecting IT security vendors. While it’s unclear whether CrowdStrike will face lasting consequences, the incident has sparked industry-wide discussions about enhancing system resilience.