A Bolt Out of the Blue: What the CrowdStrike Contagion Can Teach Wealth Management

Much to the delight of wordsmiths, a new entry into the annals of denominalization has come to the fore. Last month, millions of computers and their users worldwide were “crowdstruck” by a software defect that triggered the most significant global IT outage ever.

While verbing is not new, the far-reaching impact of the CrowdStrike computer glitch took most people by surprise. Airlines, banks, medical facilities and manufacturers were among the industries left scrambling by crashing computer systems. Though not a malevolent cybersecurity incident, the CrowdStrike debacle impacted a multitude of people and serves as a warning to CEOs and CTOs everywhere that such failures are costly, both financially and reputationally, and are particularly potent when introduced into a heavily interconnected tech infrastructure … much like the wealth management ecosystem.

Regulators overseeing our industry are hyper-focused on cybersecurity, with the SEC including it among its 2024 Exam Priorities. On May 16, 2024, the SEC finalized significant cybersecurity amendments to Regulation S-P that establish a new federal minimum standard for data breach notifications, expand the definition of “customer information,” require the adoption of policies and procedures for incident response and service provider oversight and impose new recordkeeping obligations. So, among other things, the SEC now puts the onus on RIAs and other wealth management firms to conduct proper due diligence on the vendors they engage, including outsourced wealthtech providers. Is this enough protection? Can it be?

The CrowdStrike incident was not an attack by bad actors, but a defect in software designed to deliver cybersecurity protection. Still, does this incident underscore additional legitimate cybersecurity concerns for wealth management firms? How can they prevent a similar situation from happening?

The technologies used by wealth management enterprises are inherently complex. How do front-line tech leaders in our industry view the CrowdStrike failure, and how can a similar scenario be avoided going forward? I consulted three tech gurus for their thoughts on whether the CrowdStrike-driven outage underscores legitimate cybersecurity concerns for wealth management firms, and how these enterprises can avoid a similar situation in the future:

  • Scott Sailors, Chief Information Security Officer, AlphaONE, a pioneer in cybersecurity and IT solutions
  • John Messinger, Information Security Officer, FusionIQ, a leader in the delivery of cloud-based wealth management solutions
  • Sid Yenamandra, Founder & CEO, Surge Ventures, a SaaS venture studio targeting the financial services and wealth management industries      

Scott Sailors – The recent CrowdStrike incident highlights how digital failures can unpredictably cause costly and dangerous outcomes across multiple industries, from car dealerships to airlines and hospitals, inconveniencing millions and causing significant financial harm. Although this event wasn’t a security breach, it underscores the ever-increasing security risks associated with the supply chain. Inadequate testing and rollout procedures by a commercial product vendor caused widespread issues, impacting all downstream businesses. Wealth management firms must align with specialized cybersecurity providers to address their unique regulatory, business, and data security needs. Robust vendor management and incident response planning are crucial components of any comprehensive cybersecurity program.

John Messinger – The July CrowdStrike incident underscores significant cybersecurity concerns for wealth management firms, particularly concerning the interconnectivity and dependencies within their technology infrastructure. This event is a stark reminder of the potential risks associated with relying heavily on single vendors or systems. The impact, although not malicious, highlights the necessity for robust contingency plans and diversified security measures that are architected with disaster recovery as a key requirement.

Many lessons can be learned from this event, including the importance of comprehensive testing protocols and staged rollouts for updates and patches to prevent widespread disruptions. Wealth management firms should prioritize a well-defined incident response plan incorporating more than just threats and exploits, with a system architecture emphasizing a disaster recovery capability incorporating automation. Automation is crucial in maintaining the availability of key systems and functions at scale, ensuring swift recovery with minimal manual intervention.

To mitigate similar incidents, firms should invest in regular assessments of their vendors, audit their incident response plans, incorporate continuous monitoring, and deploy disaster recovery solutions that leverage automated processes. These measures will enhance resilience and ensure that disruptions are swiftly addressed, minimizing the impact on operations and client data, safeguarding the firm’s reputation and client trust.

Sid Yenamandra – The internet outage caused by a software update error at CrowdStrike highlights significant cybersecurity concerns for wealth management firms. This incident underscores the vulnerability of even the most reputable cybersecurity providers to unforeseen errors and the cascading effects such disruptions can have across industries. Wealth management firms, heavily reliant on digital infrastructure, must recognize the risks posed by single points of failure and the potential for widespread operational impact.

To avoid a similar situation, firms should adopt a multi-layered cybersecurity approach. This includes diversifying their cybersecurity vendors to reduce dependency on a single provider, implementing robust backup systems, and ensuring regular, comprehensive testing of their disaster recovery plans. Continuous monitoring and real-time threat detection can help identify and mitigate issues before they escalate. Additionally, investing in employee training to recognize and respond to cybersecurity threats can bolster the firm’s overall resilience. By taking these proactive steps, wealth management firms can better safeguard their operations against similar disruptions.

Sander Ressler is Co-Owner and Managing Director of Essential Edge Compliance Outsourcing Services, LLC, a strategic consultancy specializing in compliance and regulatory affairs for broker-dealers and registered investment advisers (RIAs).