
The CrowdStrike outage in July 2024 was the biggest IT crash in history causing a significant disruption in their cybersecurity services, impacting various sectors reliant on their technology, including finance, healthcare, and government. This included 8.5 million Windows devices, according to Microsoft (BBC). The outage was primarily due to insufficient testing of updates, leading to widespread service interruptions. But what does this mean for public sector cybersecurity?
Related article: Creating a Robust Risk Management Strategy for Cybersecurity Threats
Major impacts included compromised public safety and security, disruption of essential healthcare and government services, and financial and reputational damage to CrowdStrike, with their market share dropping by 11% (Forbes). This incident highlighted the critical need for thorough testing, robust crisis management, and effective communication to maintain trust and continuity in essential services. This article identifies key areas for public sector authorities to protect in their systems.
Why Incident Management Is Important
Effective incident management is critical in minimizing the impact of unforeseen disruptions. By developing robust protocols, organizations can ensure they are better prepared to handle crises and protect their interests.
According to Forbes, these are 6 Lessons learnt from the CrowdStrike Outage:
What they did Well | What they got Wrong |
✔ Prompt Recognition and Openness | ✖ Inadequate Pre-Deployment Testing Procedures |
✔ Rapid Implementation of a Solution | ✖ Effect on Key Sectors |
✔ Customer Assistance and Information Dissemination | ✖ Investor Confidence and Economic Consequences |
The Importance of Crisis Management in the Public Sector

The CrowdStrike outage offers valuable lessons not only for private enterprises but also for the public sector, where the stakes can be even higher. Here’s why effective crisis management is crucial for public sector organizations:
Ensuring Continuity of Essential Services
1. Public Safety and Security
Public sector organizations are often responsible for maintaining critical infrastructure and services that directly impact public safety and security. Any disruption in cybersecurity can lead to vulnerabilities that might be exploited, causing widespread harm. Ensuring the continuity of these services through effective crisis management is paramount.
2. Healthcare Services
Healthcare facilities and services, many of which rely on digital platforms for patient records, diagnostics, and communication, must remain operational to provide essential care. A failure in cybersecurity can disrupt these services, putting patients’ lives at risk. Effective incident management ensures that healthcare services can continue to function smoothly, even during a crisis.
Related article: The Heightened Cyber Attack Threat on the NHS

3. Government Operations
Government agencies manage a vast array of functions, from social services to law enforcement. Interruptions in these services can lead to significant public inconvenience and can undermine trust in government institutions. Robust crisis management helps maintain the seamless operation of these essential functions, ensuring that citizens continue to receive necessary services without interruption.
Protecting Sensitive Information
- Data Security Public sector organizations handle vast amounts of sensitive data, including personal information of citizens, classified information, and intelligence data. Any breach or disruption can lead to severe consequences, including identity theft, loss of confidential information, and compromised national security. Ensuring that these data remain secure during crises is vital.
- Compliance with Regulations Governments are bound by strict data protection regulations. Effective crisis management ensures that these regulations are adhered to, even during disruptions, thus avoiding legal penalties and maintaining public trust.

Maintaining Public Trust and Confidence
- Transparency and Communication In times of crisis, transparency and timely communication are crucial in maintaining public trust. Public sector organizations must keep citizens informed about the nature of the crisis, the steps being taken to resolve it, and the expected timelines for resolution. This transparency helps in managing public expectations and maintaining confidence in public institutions.
- Accountability Public sector entities are accountable to the citizens they serve. Effective crisis management demonstrates a commitment to accountability, showing that the organization is prepared to handle disruptions responsibly and efficiently.
Preparing for Future Challenges
- Building Resilience Crises like the CrowdStrike outage highlight the need for resilience in public sector organizations. By learning from such incidents, public entities can strengthen their preparedness and develop more robust contingency plans to handle future disruptions.
- Training and Development Investing in regular training and development for public sector employees ensures that they are well-prepared to handle crises. This includes technical training, as well as training in communication and emergency response.

Moving Forward: Quality Assurance and Restoring Confidence
In the aftermath of the outage, CrowdStrike and other businesses must prioritize quality assurance to prevent future incidents and restore market confidence. This involves not only fixing immediate issues but also demonstrating a commitment to robust incident management and continuous improvement. The outage serves as a powerful case study in crisis management, highlighting the importance of transparency, quick action, and strong customer support while underscoring the need for better testing and preparedness.
For the public sector, the CrowdStrike outage underscores the critical importance of effective crisis management. Ensuring the continuity of essential services, protecting sensitive information, maintaining public trust, and preparing for future challenges are vital. This incident highlights that crisis management is not just reactive but a proactive strategy essential for resilience and reliability in an increasingly interconnected and digital world. Find out more about public sector cyber security and building crisis management protocols below.
REGISTER FREE: Public Sector Cyber Security Conference

Hear Our Session: Developing a Robust Incident Management Protocol
- Join us for an insightful session with Martin R. Peters MA CISMP MCIIS
- Detective Superintendent, City of London Police
- Deputy Lead, National Police Chief’s Council (NPCC) National Cybercrime Programme
- Learn how to develop and implement effective incident management protocols to safeguard your organization.
Join us at The Public Sector Cyber Security Conference 2025 to receive the latest updates on the threat landscape. Discover the strategies and tactics required to successfully defend your organisation against attacks. Share experiences with your peers around the UK. Find the partners and solution providers you need to meet your challenges and stay secure.
Register FREE to access 2 more articles
We hope you’ve enjoyed your first article on GE Insights. To access 2 more articles for free, register now to join the Government Events community.
(Use discount code CPWR50)