“It’s turtles all the way down”.

Thanks for responding in good faith!

I agree that while CS did screw up in pushing out a bad update, only having a single vendor for a critical process that can take the whole business down is equally a screw up. Ideally companies should have had CS installed on half the systems and a secondary malware prevention system on every DR and “redundant” system. Having all of a company’s eggs in a single basket is very bad.

All the above being said; to properly implement a fully redundant, to the vendor level, system would require either double the support team, or a massive development effort to tie the management of the systems together. Either way, that is going to be very expensive. The point being: Reducing the budget of IT departments will further cause the consolidation of vendors and increase the number of vendor caused complete outage events.

It feels like you have an agenda that you are trying to apply to the CrowdStrike event and just so happen to slandering IT as an innocent bystander to the agenda you are putting forward.

If you had to summarize the goal of your initial post in less then 10 words, what would it be?

Maybe they should offer a real time patcher for the security vulnerabilities in the OOB KVM, I know a great vulnerability database offered by a company that does this for a lot of systems world wide! /s

bloated IT budgets

Can you point me to one of these companies?

In general IT is run as a “cost center” which means they have to scratch and save everywhere they can. Every IT department I have seen is under staffed and spread too thin. Also, since it is viewed as a cost, getting all teams to sit down and make DR plans (since these involve the entire company, not just IT) is near impossible since “we may spend a lot of time and money on a plan we never need”.