Speaker: Ruth Schmidt, PhD, MBA, was the program manager of the business mailer payment systems at the United States Postal Service. She has been involved in information security design, testing, and implementation for over 20 years. She is certified as a Project Management Professional and a Program Management Professional by the Project Management Institute. She is a Certified Information Systems Security Professional (CISSP), certified by the International Information System Security Certification Consortium, Inc. (ISC2).
The update to CrowdStrike's Falcon cybersecurity platform on July 19, 2024, caused the largest IT outage in the history of the world. The estimated cost of this outage is now over $5 billion. Ruth Schmidt will show how CrowdStrike and other companies offering cybersecurity products could improve product technical design, testing, and rollout procedures to prevent or minimize the impact of future outages. She will explore how client companies can prevent outages through testing, acceptance, and contingency processes.
Zoom Meeting Info
https://zoom.us/j/97527634510?pwd=eWcyTFJRMkZGanBQekJxTWxwSTdxdz09
Meeting ID: 975 2763 4510
Passcode: 946584
Today’s Presentation
Speaker: Ruth Schmidt, PhD, MBA, program manager - business mailer payment systems, United States Postal Service
Introduced By: Alan Schmidt
Attendance: No live meeting at NESC: Zoom: 68
Guest(s): None
Scribe: Alan Schmidt
Editor: Ed Nitka
View a Zoom recording of this talk at:
Today's Program 01062025
Ruth Schmidt is a member of Scientech Club. She holds a PhD in Chemical Engineering and a master’s degree in business administration. She was the program manager for the business mailer payment systems at the United States Postal Service. She has been involved in information systems and security design, testing, and implementation for over 20 years. Ruth is a Project Management Professional and a Program Management Professional certified by the Project Management Institute. She is an Information Systems Security Professional (CISSP), certified by the International Information System Security Certification Consortium, Inc. (ISC2). Ruth presented her own perspective based on her research on this CrowdStrike incident.
Ruth Schmidt explained the CrowdStrike incident, which occurred on July 19, 2024, from the viewpoint of the auditor at our fictional company. 8.5 million Microsoft Windows devices failed worldwide, including the ones at our company. CrowdStrike provides endpoint security for corporate Microsoft (MS) Windows devices and other devices. CrowdStrike owns over 20 percent of this market. The purpose of security is to establish trust via confidentiality, integrity, and availability. The outage on July 19, 2024, caused 8.5 million Windows devices to become unavailable due to crashing with a Blue Screen of Death (BSOD).
How did this happen? CrowdStrike deployed a faulty Falcon agent patch. The IPC template expected 21 inputs, but only 20 inputs were provided. This deployment affected the Windows kernel, which controls the MS Windows operating system, causing the BSOD. Machines could not be restarted until patched. Patching required approval of government agencies, manual IT assistance, and sometimes a tool Microsoft developed two days later.
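The 21-versus-20 input mismatch described above can be caught by two independent checks, shown here as an added C example that is not CrowdStrike's code and was not part of the talk. All type and function names (`template_type`, `template_instance`, `validate_instance`, `get_input`) are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <string.h>

#define MAX_FIELDS 32

/* Hypothetical template type: declares how many inputs each instance must carry. */
typedef struct { size_t field_count; } template_type;

/* Hypothetical content instance as delivered in an update. */
typedef struct {
    size_t input_count;
    const char *inputs[MAX_FIELDS];
} template_instance;

typedef enum { V_OK = 0, V_NULL, V_TOO_MANY, V_COUNT_MISMATCH, V_EMPTY_INPUT } verdict;

/* Load-time gate: reject a malformed instance before any interpreter reads it. */
verdict validate_instance(const template_type *t, const template_instance *in)
{
    if (t == NULL || in == NULL) return V_NULL;
    if (t->field_count > MAX_FIELDS || in->input_count > MAX_FIELDS) return V_TOO_MANY;
    if (in->input_count != t->field_count) return V_COUNT_MISMATCH;
    for (size_t i = 0; i < in->input_count; i++)
        if (in->inputs[i] == NULL) return V_EMPTY_INPUT;
    return V_OK;
}

/* Use-time guard: bound the index by what was supplied, not by what the template declares. */
const char *get_input(const template_instance *in, size_t idx)
{
    if (in == NULL || idx >= in->input_count || idx >= MAX_FIELDS) return NULL;
    return in->inputs[idx];
}

/* Constructed sample: an instance with n wildcard inputs. */
template_instance make_instance(size_t n)
{
    template_instance in;
    memset(&in, 0, sizeof in);
    in.input_count = n > MAX_FIELDS ? MAX_FIELDS : n;
    for (size_t i = 0; i < in.input_count; i++) in.inputs[i] = "*";
    return in;
}

int main(void)
{
    template_type t = { 21 };                   /* template expects 21 inputs */
    template_instance bad = make_instance(20);  /* update supplies only 20 */
    return validate_instance(&t, &bad) == V_COUNT_MISMATCH ? 0 : 1;
}
```

The load-time gate belongs in the vendor's release pipeline and the use-time guard in the component that reads the inputs, so that a failure of the first check does not become an out-of-bounds read in the second.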
CrowdStrike was awarded the 2023 Pwnie award for ‘most epic fail’ in August 2024 at the computer hacker convention DEF CON in Las Vegas. (The previously nominated awardee missed out.)
CrowdStrike President Sentonas accepted the award, noting it would be displayed in their lobby to motivate workers to prevent future mistakes.
Ruth discussed mitigation and risk minimization for our company. Recommendations from the audit are to partner with all our security product providers. Let’s understand their product development, how we can test the product, and our recovery plans.
Ruth Schmidt