YALE-MSS-14.1: Report any suspected security incidents to the Information Security Team in a timely manner

Crowdstrike Outage Cybersecurity

Recently, a faulty update from CrowdStrike caused a worldwide technical outage. The outage mostly impacted Windows systems. CrowdStrike confirmed this was a technical issue and not a cybersecurity attack. However, we should be aware of how cybercriminals will use this outage to their advantage.

Standards Group:
YALE-MSS-14: Security Incident Reporting

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Details and definitions

This includes all Yale IT Systems, whether hosted by Yale or by a third party on behalf of Yale.

Guidance

For more information see the Report an Incident page.

Controls

YALE-MSS-14.1.1: Require vendors (third-party service providers) to notify Yale of a security incident within a 72 hours of a discovery of a confirmed incident

Crowdstrike Outage Cybersecurity

YALE-MSS-14.1: Report any suspected security incidents to the Information Security Team in a timely manner

Standards Group:YALE-MSS-14: Security Incident Reporting

Details

Controls

Standards Group:
YALE-MSS-14: Security Incident Reporting