Microsoft to Host Security Summit on September 10

Just one month after 8.5 million Microsoft Windows users were hit by a major outage, the company decided to hold a security summit.

The Windows Endpoint Security Ecosystem Summit will be held on September 10 in Redmond.

This article discusses the lessons Microsoft has learned from this outage, as well as actions that can be taken to prevent similar situations in the future.

Microsoft will be the host security summit next month in Washington in response to the failed CrowdStrike update that caused a hard Windows outage on 8.5 million devices.

The summit, called Windows Endpoint Security Ecosystem, will take place September 10 in Redmond.

The participants included: Crowdstrike, government officials and various key partners who are involved in providing security solutions. Below are the topics discussed at the summit:

Top Ways to Strengthen Windows Security

Safe Implementation Practices

Best practices for network design to enhance cyber resilience

Best practices to avoid another crisis like this one

How (generally speaking) the industry can work together as a whole

Microsoft believes that the summit discussions will have both short-term and long-term consequences which will help build a safer and more reliable technical ecosystem for all.

Even though the summit is not open to the public, the company decided to reveal some key details.

Microsoft’s response to the outage

This is the first major step the company is taking to address what happened on July 19, when millions of people around the world were unable to access their devices. Previously, the company had focused primarily on sharing updates and handling customer complaints.

That doesn’t mean it doesn’t take the issue seriously. In fact, right after the incident, there were calls for changes to Windows and considerations Moving security providers from the Windows kernel.

The kernel is the core part of an operating system that has unrestricted access to a device’s memory and hardware.

This isn’t the first time the company has tried to shut down access to the Microsoft Kernel. There was a similar initiative in 2006, but it was met with great resistance from cybersecurity solution providers and regulatory authorities.

Cybersecurity vendors expected to protest again. Deeper access to Microsoft systems helps them build innovative security solutions. So it makes sense why they would want to keep access to the Kernel. But then again, Microsoft doesn’t want third parties to disable its entire operating system again.

The relationship between security vendors and Microsoft is further complicated by the fact that the company first builds the Windows platform for them and then competes for customers who pay for its security solutions.

This time, however, the discussion will take place in the presence of government representatives which will provide a much higher level of transparency and likely better results.

About the failure

The outage was caused by cybersecurity firm CrowdStrike, which tried to update its software but unfortunately its the update file contained an error which caused the entire Microsoft system to crash.

As a result, millions of customers were faced with the problem of “blue screen of death” and were unable to log into their devices. The impact was widespread, covering the UK, US, India, Australia, Japan, the Netherlands and many other countries.

The aviation industry was hit hardest. Countless flights have been cancelled or delayed which led to unimaginable crowds at airports. Supermarkets also had trouble processing online payments, and pharmacies and hospitals had trouble downloading patient data.

Cybercriminals also took advantage of this situation and sent phishing emails. In short, it was a huge mess.

Our editorial process

Tech Report’s editorial policy is focused on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specialist knowledge of the topics they cover, including the latest developments in technology, online privacy, cryptocurrencies, software and more. Our editorial policy ensures that each topic is researched and edited by our in-house editors. We maintain rigorous journalistic standards, and every article is written by 100% real authors.