Cut down on courthouse antics. Learn how legal system abuse is defined + strategies to mitigate this type of abuse with Marsh McLennan Agency. Defend your org.
An insurance check may not give the angry, grounded flyers affected by the global CrowdStrike/Microsoft outage their lost weekend back, but it should help businesses recoup a fraction of the losses they experienced.
The CrowdStrike outage cost insurers between $300 million and $3 billion in payouts each, reinsurance broker Guy Carpenter estimated in a new report.
The outage came after the cybersecurity company flubbed an update according to a CrowdStrike incident summary. While the outage on July 19 disrupted businesses globally, only “a small percentage of Microsoft devices” were disrupted and fewer than 1% of companies with cyber insurance were impacted, according to the Guy Carpenter report.
CrowdStrike quickly introduced a fix, the reinsurance broker noted, which means many organizations were up and running “before the waiting period expired for business interruption claims,” which is typically “between four to 12 hours in cyber insurance policies.”
“Guy Carpenter’s findings align with the conclusion that this event would not result in a material loss for most insurers, although this could change based on the wordings adopted by carriers, concentration of underwriting within affected industry sectors, and uptake of System Failure coverage,” according to the report.
An accidental system failure like this one doesn’t rack up expenses like a malicious attack, which is associated with fun things like “forensic expenses, breach counsel, data restoration and extortion costs,” the report noted.
Guy Carpenter also cautioned that the full impacts aren’t known yet. “At this point, many insureds have filed notices of circumstances, and it is still early in the claims process.”
Experts recently told CFO Brew that the global outage holds important lessons in IT strategy continuity planning.