House Homeland Security Committee Seeks Testimony From CrowdStrike CEO

Two members of the House Homeland Security Committee have asked CrowdStrike CEO George Kurtz to appear before the committee and give public testimony about the faulty software update that affected organizations around the world on Friday (July 19).

In a letter dated Monday (July 22), Rep. Mark E. Green, R-Tenn., who is chairman of the House Committee on Homeland Security, and Rep. Andrew R. Garbardino, R-N.Y., who is chairman of the committee’s Subcommittee on Cybersecurity and Infrastructure Protection, asked Kurtz to schedule a hearing with the subcommittee by 5 p.m. on Wednesday (July 24).

Friday’s IT outage impacted key functions of the global economy and was attributed to a CrowdStrike software update, according to a Monday press release issued by the Homeland Security Committee.

“While we appreciate CrowdStrike’s response and coordination with stakeholders, we cannot ignore the magnitude of this incident, which some have claimed is the largest IT outage in history,” the letter said. “In less than one day, we have seen major impacts to key functions of the global economy, including aviation, healthcare, banking, media and emergency services. Recognizing that Americans will undoubtedly feel the lasting, real-world consequences of this incident, they deserve to know in detail how this incident happened and the mitigation steps CrowdStrike is taking.”

The letter said that the outage led to cancellations of 3,000 commercial flights, delays of 11,800 other flights, cancellations of surgeries, disruptions to 911 emergency call centers, and a need for companies to devote millions of manual labor hours to solving the problem.

“Protecting our critical infrastructure requires us to learn from this incident and ensure that it does not happen again,” the letter said.

Kurtz said in a Friday post on X that the problem was caused by “a defect found in a single content update for Windows hosts” and that it is “not a security incident or cyberattack.”

While it wasn’t a cyberattack, the incident put security at the top of the table as companies tried to ensure that “this won’t happen again,” PYMNTS reported Monday.

On Monday, CrowdStrike, Microsoft and other companies that were victimized by the outage continued to issue updates as they slowly completed the manual processes necessary to fix the problem.

PYMNTS-MonitorEdge-May-2024