Nothing is perfect, nothing is absolute, and yes that’s an oxymoron but you get the point. Anyway, there are ways to minimize risk
- A/B testing
- gradual roll out
- monitored roll out
- rollback
And not only on the side of Crowdstrike, there are things that can be done by their customers:
- OS rollback from weekly or monthly snapshots of the boot drive or system drive (probably shouldn’t change that often)
- if that isn’t possible with that OS, use another OS
- automated deployment (again, probably possible to fallback to a last known good deployment)
- investment in sysadmins
- investment in security staff
Probably lots more, but I’m not a sysadmin. I bet you though, that the hospitals, rail, and other governmental institutions simply don’t have enough money to invest in that because of budget cuts and austerity measures. Some hospitals still have Windows XP running.
Companies and governments don’t think IT and security are important until they are. It’s not about creating a perfect system, it’s about creating a system that can bounce back quickly.
mkwt@lemmy.world 1 month ago
Car manufacturers have ISO 26262 to regulate safety critical software development, whereas aviation is mainly based on RTCA DO178.
The concepts are pretty similar. Details differ.