CrowdStrike outage to cost cyber insurers up to $1.5b

• CyberCube’s assessment indicates the losses incurred may reshape how insurance companies approach underwriting for technology-related incidents.
• Individual insurance carriers may experience varying claims outcomes based on multiple factors inherent to their specific portfolios.

The recent technological crisis, widely referred to as the CrowdOut Event, underscores the tremors that resonate through global industries in the wake of significant cyber disruptions.

Last week, an update to CrowdStrike’s Falcon Sensor—a tool widely employed for cybersecurity—essentially catalyzed a global IT outage, causing massive disruptions across sectors ranging from aviation to banking.

The repercussions of this incident, as estimated by cyber analytics firm CyberCube, have led to projected insured losses between $400 million and $1.5 billion, marking potentially one of the single largest losses in the burgeoning realm of cyber insurance.

At the core of the CrowdOut Event lies a software bug within CrowdStrike’s quality-control system. This diminutive malfunction triggered a cascading failure that paralyzed systems worldwide.

As the event unfolded, it became evident that the magnitude of the outage had extensive ramifications on global operations.

Industries heavily reliant on IT infrastructure, such as airlines, were among the first to report the damage, with Delta Air Lines, for instance, canceling over 6,000 flights, resulting in a considerable operational financial strain estimated to be in the hundreds of millions.

Air France KLM’s reported loss of approximately €10 million due to the outage further illustrates the immediate impact on entities dependent on technology and stable operational flow.

The expected loss ratio impact of this incident on global cyber premiums, calculated at roughly 3-10 per cent of the current market, highlights the significance of such a crisis.

To understand this better, one must consider that the global cyber insurance premium market is valued at around $15 billion.

This affects not only the immediate fiscal health of insurers but also affects the manner in which they assess and underwrite risks associated with technology failures, which till now was generally categorized under cyber threats.

CyberCube’s assessment indicates that the losses incurred from this incident may reshape how insurance companies approach underwriting for technology-related incidents. Importantly, individual insurance carriers may experience varying claims outcomes based on multiple factors inherent to their specific portfolios.

These include the extent of coverage provided for non-malicious system failures and the structural composition of insured parties.

The variability suggests that although the entirety of the cyber insurance market is affected, the impact will disproportionately land on those portfolios with significant exposures to large corporate entities.

Risk Assessment Recalibrated

A critical component in this ongoing analysis is the recognition that the current estimates from CyberCube are provisional, demonstrating the fluidity and dynamic nature of the situation—many affected systems are still in the process of being restored.

 Lessons learned from the CrowdOut Event will catalyse insurers to re-examine their risk exposure and re-evaluate their risk modeling strategies. Insurers who previously may have felt insulated or complacent regarding non-malicious system failures might now be compelled to revisit their assessment and policy formulations.

The traditional lens of underwriting, which has primarily concentrated on malicious cyber threats, will need to broaden to include the complexities and vulnerabilities inherent in software updates and system failures.

Parametrix’s estimate of losses for Fortune 500 companies eclipsing $500 million brings to light the economic scale of such outages.

Institutions are now prompted to assess their dependency on third-party software solutions and review contingency plans, particularly in sectors like aviation that directly tie profitability and operational continuity to technological reliability.

Furthermore, the ramifications extend beyond merely financial metrics. The potential for a significant breakdown in public trust must be considered. With consumers increasingly reliant on seamless digital experiences, the intersecting realms of technology, customer service, and risk management must align in ways that prioritise system reliability while maintaining a robust cybersecurity posture.