Preparing for the Next Worldwide Tech Outage

As tech leaders race to bring Windows systems back online after Friday’s software update by cybersecurity company CrowdStrike crashed around 8.5 million machines worldwide, experts share with CIO Journal their takeaways for preparing for the next major information technology outage.

Be familiar with how vendors develop, test and release their software

IT leaders should hold vendors deeply integrated within IT systems, such as CrowdStrike , to a “very high standard” of development, release quality and assurance, said Neil MacDonald , a Gartner vice president.

“Any security vendor has a responsibility to do extensive regression testing on all versions of Windows before an update is rolled out,” he said.

That involves asking existing vendors to explain how they write software, what testing they do and whether customers may choose how quickly to roll out an update.

“Incidents like this remind all of us in the CIO community of the importance of ensuring availability, reliability and security by prioritizing guardrails such as deployment and testing procedures and practices,” said Amy Farrow, chief information officer of IT automation and security company Infoblox.

Re-evaluate how your firm accepts software updates from ‘trusted’ vendors

While automatically accepting software updates has become the norm—and a recommended security practice—the CrowdStrike outage is a reminder to take a pause, some CIOs said.

“We still should be doing the full testing of packages and upgrades and new features,” said Paul Davis, a field chief information security officer at software development platform maker JFrog . undefined undefined Though it’s not feasible to test every update, especially for as many as hundreds of software vendors, Davis said he makes it a priority to test software patches according to their potential severity and size.

Automation, and maybe even artificial intelligence-based IT tools, can help.

“Humans are not very good at catching errors in thousands of lines of code,” said Jack Hidary, chief executive of AI and quantum company SandboxAQ. “We need AI trained to look for the interdependence of new software updates with the existing stack of software.”

Develop a disaster recovery plan

An incident rendering Windows computers unusable is similar to a natural disaster with systems knocked offline, said Gartner’s MacDonald. That’s why businesses should consider natural disaster recovery plans for maintaining the resiliency of their operations.

One way to do that is to set up a “clean room,” or an environment isolated from other systems, to use to bring critical systems back online, according to Chirag Mehta, a cybersecurity analyst at Constellation Research.

Businesses should also hold tabletop exercises to simulate risk scenarios, including IT outages and potential cyber threats, Mehta said.

Companies that back up data regularly were likely less impacted by the CrowdStrike outage, according to Victor Zyamzin, chief business officer of security company Qrator Labs. “Another suggestion for companies, and we’ve been saying that again and again for decades, is that you should have some backup procedure applied, running and regularly tested,” he said.

Review vendor and insurance contracts

For any vendor with a significant impact on company operations , MacDonald said companies can review their contracts and look for clauses indicating the vendors must provide reliable and stable software.

“That’s where you may have an advantage to say, if an update causes an outage, is there a clause in the contract that would cover that?” he said.

If it doesn’t, tech leaders can aim to negotiate a discount serving as a form of compensation at renewal time, MacDonald added.

The outage also highlights the importance of insurance in providing companies with bottom-line protection against cyber risks, said Peter Halprin, a partner with law firm Haynes Boone focused on cyber insurance.

This coverage can include protection against business income losses, such as those associated with an outage, whether caused by the insured company or a service provider, Halprin said.

Weigh the advantages and disadvantages of the various platforms

The CrowdStrike update affected only devices running Microsoft Windows-based systems , prompting fresh questions over whether enterprises should rely on Windows computers.

CrowdStrike runs on Windows devices through access to the kernel, the part of an operating system containing a computer’s core functions. That’s not the same for Apple ’s Mac operating system and Linux, which don’t allow the same level of access, said Mehta.

Some businesses have converted to Chromebooks , simple laptops developed by Alphabet -owned Google that run on the Chrome operating system . “Not all of them require deeper access to things,” Mehta said. “What are you doing on your laptop that actually requires Windows?”

Porsche car deliveries fell 10% in 2025 as demand was hit by a slowdown in luxury spending in China and as it ceased production of its 718 Boxster and 718 Cayman models through the year.

The German luxury sports-car maker said Friday that it delivered 279,449 cars in the year, down from 310,718 in 2024.

The company had a tumultuous year as it contended with a stuttering transition to electric vehicles and a tough Chinese market, while the Trump administration’s automotive tariffs presented a further headwind.

Deliveries in its largest sales region of North America were virtually flat at 86,229, but continued challenges in China meant deliveries in the country dropped 26% to 41,938 vehicles.

Automakers have faced intense competition in China, sparking a prolonged price war as rivals cut prices to win customers, while a lengthy property market slump and economic-growth concerns in the country has also led to buyers pulling back on luxury spending.

“Key reasons for the decline remain the challenging market conditions, particularly in the luxury segment, and the very intense competition in the Chinese market, especially for all-electric models,” the company said.

Other German brands including Audi, BMW and Mercedes-Benz have all recently reported that the challenging Chinese market hit demand last year.

In Europe, Porsche deliveries fell 13% to 66,340 cars excluding its home market of Germany, while German deliveries dropped 16%.

The company cut guidance several times last year as it warned of hits from U.S. import tariffs, investments in new combustion engines and hybrid models amid the slow uptake of EVs, and the competitive situation in China.

Porsche also last year announced plans to scale back its EV ambitions and instead expand its lineup with more gas-powered and plug-in hybrid models than it had originally planned.

However, in its statement Friday, the company said it increased its share of electrified-vehicle deliveries in the year. Around 34% of vehicles delivered worldwide were electrified, an increase of 7.4 percentage points on year, with about 22% all-electric vehicles and 12% plug-in hybrids.

That leaves its global share of fully-electric vehicles at the upper end of its target range of 20% to 22% for 2025.

In Europe, for the first time in 2025, more electrified vehicles than purely combustion engine vehicles were delivered.

The Macan topped the delivery charts in the year, while the 911 reached a record high with 51,583 deliveries worldwide, it said.

Porsche said it is investing in its three-pronged powertrain strategy and will continue to respond to increasing demand for personalization requests from customers.

“We have a clear focus for 2026,” Sales and Marketing Chief Matthias Becker said. “We want to manage supply and demand in accordance with our ‘value over volume’ strategy.

“At the same time, we are realistically planning our volume for 2026 following the end of production of the 718 and Macan with combustion engines.”