A year ago this month, the business world received a stark reminder of just how fragile our interconnected systems can be and how quickly a technical problem can escalate into a reputational crisis.

In July 2024, a faulty software update from CrowdStrike’s Falcon platform inadvertently triggered one of the most significant IT outages in recent memory. It wasn’t a cyberattack. It wasn’t malicious. Yet within hours, an estimated 8.5 million Windows systems were down, causing global chaos: airlines were grounded, hospital systems stalled, banks went offline, and all from a routine software patch.

For many in the tech sector, this was a cautionary tale about overreliance on a single security vendor. For us in PR, it was also about something else: a vivid case study of what happens when crisis communications have to catch up to events it didn’t cause, and why your reputation management strategy must be ready for risks beyond your control.

The new normal: Tech glitches, AI, and public trust on the line

We’re operating in a world where even the smallest slip in a tech stack, or the most innocuous line of code, can ripple through supply chains, customer experiences, and public services.

Now add to that the rapid rise of AI across every industry. AI is transforming how companies innovate, predict problems, and personalise experiences, but it also means more interdependencies, more blackbox decision-making, and more room for errors that no human might catch until it’s too late.

If you’re leading comms today, you’re not just managing your brand’s voice. You’re managing risk, from traditional issues to entirely new vulnerabilities introduced by AI-driven operations.

In a recent Liberty whitepaper, we highlighted that modern PR isn’t only about tracking coverage or share of voice. It’s about safeguarding long-term trust. Incidents like the CrowdStrike outage underline exactly why that matters.

When a crisis isn’t your fault, but it is your problem

For CrowdStrike, this was a reputational challenge layered on top of a technical one. Their market value reportedly dropped by 11% almost overnight. But the ripple didn’t stop there.

Hundreds of businesses relying on their software were suddenly fielding frantic customer calls and urgent press requests. Airlines, banks, healthcare providers, and even local councils all scrambled to explain why their systems had ground to a halt.

The lesson? It doesn’t matter who caused the problem. If your customers’ experiences are disrupted, it’s your reputation that takes the hit. That’s especially true when AI systems are involved. People are already wary of ‘machines running the show.’ If a fault emerges, or worse, an unexplained AI decision, trust erodes quickly.

What CrowdStrike did right (and what all of us can learn)

To their credit, CrowdStrike’s leadership moved quickly to acknowledge the issue, isolate the faulty code, and push out a fix. Their communication was relatively transparent, given the complexity of the situation. They issued apologies, regular updates, and kept support channels active.

However, this also exposed the gap between technical updates and human reassurance. Customers and the media want clear, jargon-free explanations, a sense of empathy, and credible assurances that it won’t happen again – something many technical statements still fail to deliver.

It’s a reminder that crisis management is as much about language and emotion as it is about facts. AI may help us write statements faster or summarise sentiment, but it can’t replicate human judgement on when to show humility, when to show strength, or how to restore trust.

Why PR needs a seat at the AI resilience table

The CrowdStrike outage was a software glitch, but next time, it could well be an AI model gone awry. We’re already seeing examples of AI-generated errors sparking backlash, from misjudged financial decisions to brand safety fiascos.

Liberty’s AI whitepaper explores this tension in depth. Yes, AI is a phenomenal tool for spotting risk early, predicting issues, and even drafting initial statements under pressure. But it also introduces new vulnerabilities which require new oversight.

Your crisis comms playbook must evolve alongside your tech stack. That means:

  • Running scenario planning that includes AI-related failures, not just hacks or human scandals.
  • Developing layered holding statements that can flex to different types of tech incidents.
  • Training spokespeople (especially technical leaders) to explain complex issues simply and calmly.
  • Stress-testing your internal comms: Employees need clear guidance before the online world does.

A year on, the real question for PR leaders

The CrowdStrike incident is already being factored into risk reports and insurance models. However, for those of us in communications, it should remain at the forefront of our minds.

Because the truth is, the next crisis probably won’t look like the last one. It might be a failed AI update. Or a partner’s system collapses. Or a simple data glitch with no villain to blame. And when it happens, customers and journalists won’t accept a shrug or a redirect; they’ll expect clear, honest answers.

The most important lesson remains simple: technical resilience and reputational resilience are intertwined. And the strongest AI models in the world can’t save a brand that loses trust because it failed to communicate.

Want to get ahead of the next crisis?

Explore our latest resources:

If you’d like to build a crisis-ready communications strategy or just sanity-check your AI playbook, we’re always here to help.