It has always been common knowledge among systems designers that single point failure is brittle, which eventually leads to catastrophic failure. But centralization is often convenient, until you hit that catastrophic failure, and then you can put the price tag on it.
Which is to say, companies that were affected by the outage have done the math, and certainly they will if they're part of these lawsuit efforts. Inevitably many of them have already discussed what they're going to do to make sure that they don't experience the same thing next week or next year.
Many software vendors won't change. But some of the clients surely will, or have already.
Honestly the amount of sheer negligence, incompetence and lack of oversight is staggering the potential amount of damage this caused on top of the fact that this was his second offense should make this a proper felony that he faces jail time for and the corporation needs to be dissolved, and I don’t think I’m exaggerating but this speaks a lot to the monopolistic nature of mega corporations that are to big to fail… because sometimes they fail.
Negligence can invalidate an agreement and expose a company to lawsuits.
Many companies negotiate agreements, specifically to avoid having no recourse for this type of situation. Companies have individual agreements with crowdstrike that aren’t the boilerplate one they start out with.
Fortunately, the law in the United States disagrees with your stance. From a practical standpoint, we don't want companies to be able to hide from the consequences of basic incompetence or willful negligence.