Members of the House Homeland Security Committee pressed a senior CrowdStrike executive on Sept. 24 to explain how and why the company released a software update that caused blue screens of death on millions of machines.

CrowdStrike SVP of Counter Adversary Operations Adam Meyers appeared before the House Subcommittee on Cybersecurity and Infrastructure Protection to express contrition for the infamous, defective July 2024 update to its Falcon platform that caused Windows machines the world over to crash. Meyers reiterated the outage—which cyber insurer Parametrix estimated cost Fortune 500 companies alone $5.4 billion—was not the result of a breach.

“On behalf of everyone at CrowdStrike, I want to apologize,” Meyers told the committee. “We’re deeply sorry, and we are determined to prevent this from ever happening again.”

“I want to underscore that this was not a cyberattack. The incident was caused by a CrowdStrike rapid response content update that was focused on addressing new threats,” he added.

“We have undertaken a full review of our systems and are implementing plans to bolster our content update procedures so that we emerge from this experience as a stronger company,” he added. “I can assure you that we will take the lessons learned from this incident and use them to inform our work as we improve for the future.”

Read the rest here.—TM

How one of the world’s largest companies approaches cybersecurity is seeing a major shift, and with that change is coming hiring in the C-suite.

In Microsoft’s Secure Future Initiative (SFI) progress report in September, the tech behemoth announced an overhaul in how it will manage its cybersecurity going forward, prioritizing protection and including it in performance reviews.

The company is “dedicating the equivalent of 34,000 full-time engineers” to the SFI, the report said, and brought on 13 deputy CISOs to handle the shift in priorities.

“As global CISO, I am responsible for the overall cyber defense of Microsoft, our products, business operations, and partnering with engineering teams to make progress against SFI objectives,” Microsoft global CISO Igor Tsyganskiy said in a LinkedIn post announcing the new positions. “To scale my ability to do so, I have established the Cybersecurity Governance Council and developed a set of new roles instrumental for security: deputy CISOs.”

Of the new CISOs, four are new staff while nine have had their duties adjusted. Here are three of the new hires.

Read more here.—EH

Join us for an exclusive cybersecurity event in New York on Oct. 31, where industry leaders Alissa "Dr. Jay" Abdullah, deputy chief security officer at Mastercard, and Thomas Voûte, GM Enterprise at Pursuit, will dive into the future of cyber defense. Learn how AI, quantum computing, and cloud security will shape the industry’s next steps. Can’t make it in person? Grab a livestream pass and be part of the conversation from anywhere!