Broken windows: How would you respond if you caused global IT outage?

During our crisis communication training courses we tell delegates a crisis can come in many shapes and sizes.

Not many, however, cause global chaos.

But that was the crisis faced by CrowdStrike.

The cybersecurity firm was pretty obscure outside of IT circles until Friday.

But now everyone is talking about it. A fault in its software update linked to Microsoft Windows caused delays at airports, disrupted rail travel, impacted emergency services, prevented people from making GP appointments and took down payment systems.

It also took several TV stations off air, including Sky News.

Tesla boss Elon Musk took to social media to describe it as the “Biggest IT failure ever”. And leading cybersecurity consultant Troy Hunt said: “I don’t think it’s too early to call it: this will be the largest IT outage in history.

“This is basically what we were all worried about with Y2K, except it’s actually happened this time.”

Damning stuff. And no one wants to see their crisis described as “the biggest” or “the largest”.

Media headlines will have made for equally uncomfortable reading.

‘Largest IT outage in history’ leaves world reeling CNBC

CrowdStrike shares sink as global IT outage savages systems worldwide The Register

Crowdstrike IT outage: Flight disruption to continue after Microsoft crash The Times

What is Crowdstrike? The rogue update that brought down the world: How one app is believed to have crippled Microsoft computer networks across the globe Daily Mail

Of course, there are questions for Microsoft to answer, and its name is also caught up in many of the headlines and social media posts.

It has said 8.5m Windows devices were impacted, which experts say shows it is probably the largest-ever cyber event.

And not all of them have come back up quickly.

But how has the company at the heart of this story, whose services are intended to protect against IT crashes and disruption, responded to this massive reputational crisis?

Well, its initial crisis media management response came from its CEO, George Kurtz, in a post on his personal X account.

Now, that is unusual, as it is normally a company’s owned social channels that lead crisis communication.

But there is often something to be said for the boss taking the lead during a crisis. It shows visible leadership and that the crisis response is led at the top of the organisation.

Unfortunately, the words were not great.

Mr Kurtz's initial statement didn’t acknowledge - let alone apologise - for all the disruption. In a post of almost 100 words, shouldn’t one of them have been sorry?

Surely, you would apologise for bringing down TV channels, banks and transport services. Wouldn’t you show some compassion for those impacted across the globe by the IT failure?

As we said during our recent crisis communication masterclass, ‘sorry’ should not be the hardest word to say during a crisis. It should be one of the first.

Additionally, showing compassion is essential.

So, his post should have begun with an apology, showed that he understood the impact it was having and outlined what was being done to fix it.

Mr Kurtz’s statement was also too technical. It said: “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.” Who knows what it means?

Not everyone impacted by the crisis will have detailed technical knowledge or work in cybersecurity. They want to know why they couldn’t make a payment or why their flight was delayed. And what is being done to fix the problem.

Its technical nature makes the statement feel cold and robotic.

Crisis statements – even in the initial stages of an incident - must sound like they have been written by a human for humans.

Betting firm Coral, among those impacted by this IT failure, provided an example of what I mean.

It said: “You might have seen the news about the global technical issues affecting airlines, banks etc. Unfortunately, we’re experiencing this too. We’re working hard to resolve the issue but don’t know when it will be fixed. Thanks for being so patient and apologies for the inconvenience.”

I’ll come back to the last few words of this statement a bit later.

But if you were betting on CrowdStrike’s response getting worse from this point, you would lose your money.

 

Click here to claim your free crisis comms eBook

Are you crisis-ready? Our latest crisis eBook - The Crisis Comms Checklist - will help you prepare for the unexpected.

Mr Kurtz was much better during a media interview and rectified some of his social media statement mistakes.

His interview on the Today show, on the NBC channel, began with an apology.

“I want to begin by saying we are deeply sorry for the impact we have caused to customers, to travellers, to anyone affected by this, including our companies,” he said.

There were also some excellent examples of action.

“We are working with each and every customer to make sure we can bring them back online,” he said.

He added: “It is our mission to make sure every customer is fully recovered and we are not going to relent until we get every customer back to where they were.”

It was an excellent crisis interview and was widely shared among other media. As well as the apology, compassion and action, there was a clear message that the global outage was not caused by a cybersecurity incident.

Mr Kurtz even dealt with a slight choking incident without letting it distract from what he wanted to say during the interview.

We should also say he issued a second social media update later the same day that included an apology.

He said: “We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.”

We are not a fan of ‘sorry for the inconvenience’ apologies (the Coral statement also used these words) – it always feels like a token gesture that attempts to play down the significance of what has happened. And bringing down IT around the world feels like a lot more than “inconvenience.”

But it is a significant step forward from the first statement.

A crisis can strike any organisation at any time. People understand things can go wrong. But they judge you on how you respond.

 

Media First are media and communications training specialists with more than 35 years of experience.

We have a team of trainers, each with decades of experience working as journalists, presenters, communications coaches and media trainers.

Click here to find out more about our crisis communication training courses.

 

Our Services

Media First are media and communications training specialists with over 30 years of experience. We have a team of trainers, each with decades of experience working as journalists, presenters, communications coaches and media trainers.

Ways - Online learning
Ways - Videoconference
Ways - Blended
Ways - In-Person
Training by videoconference
Identifying positive media stories
How to film and edit professional video on a mobile
Media skills refresher
Blended media skills
TV studios
Crisis communications
Presentation skills and personal impact
Media training
Message development and testing
Presentation Skills Training
Crisis communication training
Crisis management testing
Leadership Communication Training
Writing skills training
Social media training
Online learning
Open Courses
Media myth-busting & interview ‘survival’ skills workshop

Recommended Reading

Crisis management — 21 November by Adam Fisher

Could you have better handled this ‘Wicked’ crisis?

Imagine you work for a leading toy company. You’re in the middle of a high-profile campaign. And then it becomes clear that a website address on your packaging sends customers somewhere completely…

Social media, Crisis management — 19 November by Adam Fisher

Is it time to join the Xodus?

If you have been on X during the past few weeks, you will have noticed the same phrase keeps appearing - ‘Bluesky’. And it has not been a plea for better weather. Bluesky is an emerging alternative…