Cybersecurity

CrowdStrike’s crisis: Comms takeaways from the world’s ‘largest IT outage’

It’s Friday July 19th, a day set to reach 30 degrees in London and be the busiest in the UK airspace since 2019. Coincidentally, it’s also the day CrowdStrike “breaks the internet”.

In doing so, it also breaks broadcasters, airlines, healthcare services, cab drivers and coffee shops. It’s a PR teams’ worst nightmare, and not just because Gail’s payment system is down.  

Despite being interested in the role that comms has to play in a crisis, there is no part of me that would have liked to be in the shoes of those implementing CrowdStrike’s crisis comms strategy last week. I think even being a fly on the wall would be too close for comfort. So, it’s very easy to say, watching from a distance, “this is where you went wrong, and this is where you should’ve done better”.  

I don’t want to do that, because I’m sure the team battled through one of the more stressful weekends they’ve had in their careers and will continue to work incredibly hard to get the brand back on track. However, I did find in the coverage of the ‘largest IT outage in history’ a number of lessons to be learned on how to keep comms a strong pillar of your organisation in the midst of global meltdown. 

Quick response – everywhere

There was an obvious issue when many woke up faced with the ‘Blue Screen of Death’ (BSOD) as soon as they tried to log-in on Friday morning. Yet the scale of this issue, and the reason behind it, took slightly longer to identify. 

Those first few hours when many are scrambling for answers are critical. For example, customers, reporters and those closely following the story were heading to CrowdStrike’s ‘X’ account, which didn’t yet hold any new information. The pinned tweet, however, was ‘advertising an event for the very system that has screwed the world’, as pointed out by Chris Middleton. Fast response is therefore key. Not just in official statements and updates, but from a holistic point of view like considering the appearance of social channels and acknowledging a problem to reassure those seeking answers that work is being done to get them.  

Public updates – often

Once those first few hours of investigation are done, and the issue has been identified (perhaps not yet remedied), more communication from brands is key. The CrowdStrike incident affected such a large number of people – not simply its customers, but its customer’s customers too. Yet initial updates were buried behind log-in walls and therefore only accessible to customers. In cases like these, making sure updates and regular comms reaches everyone affected (including those that faced hours of delays at airports, or those that couldn’t attend their GP appointments) is key to avoid confusion and maintain brand reputation.  

Empathy in communication

CEO George Kurtz initially faced backlash on ‘X’ for the first statement shared, due to his corporate language, passive voice and lack of a clear apology. This first tweet also shared little more information that what most already knew or suspected.  

However, the CrowdStrike leadership team have since been applauded for the apologies that followed on Friday and since. First, with Kurtz’s appearance on The Today Show, saying sorry “for the impact that we’ve caused to customers, to travellers, to anyone affected by this, including our company”. CrowdStrike CSO also shared an apology on LinkedIn and said, “we failed you”. This empathy and acknowledgment of wrongdoing is vital in starting to repair a brand’s image in a crisis. Those affected are facing human issues, and they want a human response, rather than a corporate statement. In cybersecurity this isn’t always easy to get, and Kurtz’s Today Show response highlighted why it’s so important.  

Reddit is king for community engagement

CrowdStrike’s sub-reddit has an impressive 32k members, meaning it’s in the top 4%. This may have grown since Friday’s outage, but it’s likely the team have built up this following over time as Reddit becomes increasingly important within a B2B social media strategy. 

We’ve seen it before with organisations like Red Hat, that have created a community and established themselves as technical experts available for support, advice and guidance 24/7. The thread “BSOD error in latest CrowdStrike update” on CrowdStrike’s sub-reddit received around 22,000 comments and was the first port of call for many IT teams looking into remediations for Friday’s issue. Using Reddit to support the IT and cyber community and becoming trusted advisors for both internal and external issues is proving vital – especially as questions remain over the relevance of ‘X’ in years to come. 

Overall, the situation looked bleak for CrowdStrike on Friday morning as its share price dropped 11% and criticism poured in. Yet despite a rocky start, the team were able to take advantage of key channels to share empathetic, apologetic and informative updates. What’s left now is for the PR and marketing teams to re-build confidence in the brand and continue with vital comms around future risks – especially given reports of phishing emails from hackers taking advantage of the situation.  Within this, I’m sure crisis planning for future issues will be front and centre.  

Written by Amy Butler

Get in touch to work with a world-class team of B2B tech marketers

Improve your industry reputation and influence, grow your customers base and drive investment through transformative integrated marketing.