By Martin Coulter
LONDON (Reuters) – American cybersecurity company CrowdStrike became a household name for all the wrong reasons on Friday, after a botched update caused havoc around the world.
The company’s stock fell more than 14% after an outage disrupted operations across multiple industries – shutting down public services, halting flights, and forcing some broadcasters off the air.
CrowdStrike – which has previously reached a market cap of about $83 billion – is among the most popular cybersecurity providers in the world, with close to 30,000 subscribers globally. The firm has been a software darling for investors, due to its growth and high margin. Its stock had doubled in the past year before Friday’s slump.
But the outage could force customers and investors alike to rethink their dependence on the company, opening the door to potential rivals like Palo Alto Networks, which saw its stock rise 1.7% on Friday, and Sentinel One, which jumped as much as 3.6%.
“This event is a reminder of how complex and intertwined our global computing systems are and how vulnerable they are to a mistake and an error,” said Gil Luria, senior software analyst at D.A. Davidson.
“While most companies don’t really have an alternative to Microsoft, they do have alternatives for security,” he added.
“This may cause many companies to reconsider which security product they use, and whether they need to diversify across different security products in order to prevent these types of outages.”
OUTAGES HAPPEN
However, other analysts said that while Friday’s events had been damaging for CrowdStrike, they did not foresee competitors taking much market share as a result of the incident.
“This is clearly a major black eye for CrowdStrike and the stock will be under pressure,” said Dan Ives, analyst at Wedbush Securities, but he noted that the incident stemmed from a technical update and not a hack or cybersecurity threat, which he said would be “more worrying”.
Analysts at JPMorgan said customers would initially be upset, but that the company had taken ownership of the issue.
CrowdStrike CEO George Kurtz said in a post on social media platform X that the event was not a security incident or cyberattack and a fix had been deployed. He later apologised for the impact caused by the company.
“Outages happen, and the scale here is meaningful, but we think diligent handholding and efficient response from CrowdStrike will be helpful,” the JPMorgan analysts said.
Governments and public services in countries such as New Zealand, Australia, and various U.S. states were also hit by the outage. This could lead to lawmakers pushing through legislation to protect against a similar glitch in the future.
“There is likely going to be an investigation by governments about how this happened, and what they can do in terms of regulation to prevent it from happening again,” said D.A. Davidson’s Luria.
(Reporting by Martin Coulter, Harshita Mary Varghese, and Aditya Soni; Editing by Kirsten Donovan)