Enjoy free access to the best ideas and insights – selected by our editors.

In the wake of the recent CrowdStrike outageFinancial institutions recognize that there is no perfect protection against the next cyber disaster – but they must try anyway.

The Austin, Texas-based cybersecurity company confirmed that a “sensor configuration update” for its Falcon Sensor software was the core of the disruptionwhich triggered a “logical error that resulted in a system crash and a blue screen of death (BSOD) on the affected systems,” according to a July 20 report. Blog post. Further details released this month revealed that a test designed to detect these bugs before their introduction failed, leading to numerous crashes.

Affected are, among others, ICE Mortgage TechnologyFifth Third Bank with $214 billion in assets, TD Bank, Canandaigua National Bank with $5 billion in assets in Canandaigua, New York, and more.

Read more: Due to inadequate testing, CrowdStrike bugs caused millions of computers to crash

Dave Martin, founder and consultant of the consulting firm BankMechanics, said American Banker in July that events such as power outages are often theorized when developing emergency plans for worst-case scenarios, but can become reality at any time – which underlines the importance of planning and learning.

“There is no doubt that bank chiefs around the world are now more focused than ever on contingency plans and backup preparations for a similar disruption to the system,” Martin said. “The fact that such an event has occurred and affected so many people shows how unforeseen some crises really can be.”

As such incidents become more common in financial services—and are not just the result of faulty updates and ransomware attacks—cybersecurity is a top concern for many executives. The consequences of inadequate defenses have also evolved.

In the course of his Cyber ​​attack in JunePatelco Credit Union, with assets of $9.6 billion in Dublin, California, is faced with at least four individual lawsuits and claimed that the institution stored sensitive member data such as social security numbers and addresses in an unsecured format.

Andrew Retrum, managing director and global practice leader for technology risk and resilience at consulting firm Protiviti, highlighted the challenges organizations face in preparing for various worst-case scenarios, while stressing the importance of planning.

“While there are endless scenarios that can impact the business, there are few significant consequences (such as) loss of technology, loss of sites, unavailable resources (and more). … Focus on robust response and recovery efforts that define courses of action for the future based on the expected negative consequences,” Retrum said.

Read more: Are US banks prepared for a major ACH outage?

Other data security experts who commented on the CrowdStrike outage agreed that it was important to develop action plans, including ways to restore operations as quickly as possible.

“They should be prepared to quickly switch to alternative systems and service providers when needed, which in some situations might even mean resorting to manual processes,” said Kim Phan, partner for privacy, data security and regulatory compliance at Troutman Pepper. “Financial institutions should also promote these concepts to consumers and make clear that our ‘on-demand’ economy is a privilege, not a right.”

Below you will find detailed insights into some of the most serious cyber outages in the banking sector in recent years.