CrowdStrike outage marks watershed moment for software engineering, research from Adaptavist reveals
- Incident forced positive change in multiple areas for three-quarters of businesses, despite widespread upheaval.
- 86 percent of enterprises increasing budgets for software development and 86 percent in new hires in direct response.
- 83 percent looking to diversify software and service providers to mitigate future risk, while open-source adoption set to surge.
LONDON, UK—20 November 2024
The 19 July CrowdStrike outage has become a defining moment for the software industry, prompting an overhaul of software engineering practices and catalysing investment in people, processes, and technology, research from Adaptavist, the digital transformation technology and solutions provider, today reveals.
The study—which surveyed 400 software development professionals in organisations with over $10 million in annual revenue across the UK, USA, and Germany—uncovered that the incident is spurring companies to increase investment in software development, testing, delivery practices, and tools; bolster headcount; and boost training provisions in multiple areas. It also revealed that businesses around the world are evolving software engineering and testing practices to build resilience and mitigate risk in the wake of the outage, which brought down an estimated 8.5 million devices.
Massive impact exposes industry unpreparedness
According to Adaptavist's findings, the scale of disruption from the outage proved staggering, with 87 percent of organisations¹ experiencing downtime and 38 percent of companies facing severe operational disruptions lasting more than 24 hours.
The incident laid bare a stark lack of preparedness, with 82 percent of organisations² either lacking adequate incident response plans or having none at all before the incident. Of those with plans in place, only 16 percent found them effective during the crisis, while 40 percent discovered their plans were inadequate for an incident of this scale.
However, since the outage, almost half (41%) of software development professionals are now confident³ in their organisation's ability to prevent a CrowdStrike-like outage from affecting their systems in the future.
Positive transformation emerges
This newfound confidence is due to remarkably proactive and positive changes in the wake of the incident. The research shows that despite widespread upheaval, many industry insiders believe it to have positively impacted their businesses, with 74 percent or more reporting positive outcomes⁴ across all categories.
Most notably, 81 percent have implemented more robust development practices, while 80 percent report enhanced cybersecurity awareness among staff⁴. The incident has also triggered a complete overhaul of development practices, with 35 percent increasing focus on redundancy systems, while 33 percent have transformed their software update processes entirely.
Perhaps most surprisingly, the disruption has actually accelerated development in many organisations, with 68 percent⁵ reporting shortened timelines, and 32 percent cutting delivery times by more than a month. This acceleration, coupled with more robust processes, suggests organisations are finding more efficient ways to work while maintaining security.
The scale of organisational response is reflected in widespread budget increases, with 86 percent increasing budget for software development, and 87 percent investing in bolstering team capabilities and technology solutions following the outage. This includes:
- 88 percent of organisations plan to boost investment in cybersecurity training.
- 86 percent⁶ plan to increase incident response training budgets.
- 86 percent⁷ plan to increase budget for new hires, with 14 percent of businesses increasing investment by more than 20 percent.
Long-term strategic transformation
The industry's commitment to lasting change is evident in both hiring plans and supply chain restructuring. A seismic 99.5⁷ percent of organisations plan to expand their technical teams, with quality assurance leading the recruitment drive (36%), followed by IT operations (34%), software developers (32%), and DevOps engineers (31%).
This transformation extends to fundamental changes in vendor relationships, with 83 percent of organisations either actively diversifying their providers or planning to do so. This transformation extends to open-source adoption, with 34 percent of companies increasing their reliance on open-source solutions, while 37 percent are strengthening partnerships with current vendors, indicating a more nuanced approach to risk management.
Jon Mort, CTO of The Adaptavist Group, commented: 'The CrowdStrike incident was a call to arms for the software industry. While the widespread impact was concerning, with 98 percent of organisations affected, what's truly remarkable is how the industry has responded. We're seeing unprecedented levels of transformation—from massive investments in training and hiring to fundamental changes in how organisations approach development and vendor relationships.
'However, the data also reveals that this transformation is far from complete. With only 12 percent of organisations expressing high confidence in preventing similar incidents, it's clear that building true resilience will require us to address deeper cultural and structural challenges. The fact that the majority of organisations report positive outcomes from this crisis suggests that, while painful, this incident may prove to be exactly the catalyst our industry needed to build more resilient, efficient, and secure systems for the future.'
¹All 'Downtime' answers combined.
²'Yes, but it proved inadequate during the incident', 'No, but we're developing one now', and 'No, and we have no immediate plans to create one' answers combined.
³'Very confident' and 'Somewhat confident' answers combined.
⁴'Significant positive impact', 'Moderate positive impact', and 'Slight positive impact' answers combined.
⁵'Shortened by more than one month' and 'Shortened by up to one month' answers combined.
⁶All 'Increase budget' and 'Planning to invest, but unsure of budget' answers combined.
⁷Reverse of 'No plans for additional hiring'.
END OF RELEASE
Notes to editors:
Research conducted by Censuswide on behalf of Adaptavist between 08.10.2024 and 16.10.2024. Censuswide surveyed 400 people with responsibility for software development in organisations with $10 million or more in annual revenue in the UK (100 respondents), US (200 respondents), and Germany (100 respondents). Respondents' demographic profile determined by natural fall out as there is no reliable data available to represent the national population. All data based on this survey unless otherwise stated.