Incident Response, Channel partner programs, MSSP

CrowdStrike: Big in the Enterprise, But a Newbie Among MSSPs, MSPs

Share

The CrowdStrike IT outage impacted 8.5 million endpoints, according to Microsoft, and recovery from the crisis continued throughout the weekend. As IT fixers, MSPs were called on to fix the issue which has required touching each individual machine – not a money-making proposition if you are providing a subscription-based IT service.

But how big a deal is CrowdStrike, really, when it comes to the channel?

CrowdStrike is certainly big. The company is second only to Microsoft in terms of endpoint protection market share. Gartner says Microsoft owns 40.2% of the market while CrowdStrike is second with 14.7%.

Yet CrowdStrike’s market share is concentrated with big enterprises, according to Canalys Chief Analyst Jay McBain.

“CrowdStrike has been a Fortune-sized enterprise player since the beginning,” McBain told MSSP Alert. “It was just recently that they started going down market and trying to appeal to the broader MSP audience.”

Indeed, CrowdStrike just unveiled a partner program for service providers such as MSSPs and MSPs in September 2023 – not even a year ago. The Accelerate partner program provides incentives and education for MSSPs to use the Falcon platform.

On its partner page, CrowdStrike has plenty of logos of global systems integrators (GSIs) such as Ernst & Young, Accenture, Deloitte, Cap Gemini and more. But no logos are listed under the managed security service provider heading part of the partner landing page.

Its unclear still just how many MSSPs and MSPs are service provider partners with CrowdStrike. MSSP Alert has reached out to CrowdStrike to find out, and we’ll update this story with the number if it is provided to us.

Meanwhile, what are the overall implications of the CrowdStrike outage going forward for both the cybersecurity vendor and the industry as a whole?

Insights on CrowdStrike Outage Impacts for IT Industry

McBain sees three impacts:

Changes in how updates are rolled out - “From this point forward they will be batching the updates so when the first 100k machines brick in Australia, they will call off the update. This is how Apple, Google, and other large platforms roll their updates.”

Greater oversight on processes – “I am guessing that there will be a government-led review of the process and Microsoft will be looking at who has boot-sector access to the OS and governing how all updates will work in the future.”

A learning event, but CrowdStrike’s reputation will be largely unscathed – “CrowdStrike does have defendable IP and their Falcon products continue to be the technology leader in their category. This will be a serious learning event for them without much long-term reputational damage in my opinion.”

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.