Business interruption insurance hardest hit by global IT outage
More than 8.5 million Windows devices worldwide were affected by the July 2024 CrowdStrike update error.
Business interruption insurance policies were impacted the most by July’s global IT outage, not cyber insurance coverages.
“Typical cyber insurance coverage may not have been triggered because this was not a malicious attack,” Peter McMurtrie, a partner in West Monroe’s insurance vertical, told PropertyCasualty360.com.
“Where coverage did exist, things like deductible size, waiting period and coverage limits factor in the amount of exposure,” he said. “Standard small business owners’ policies were less likely to have coverage, while more complex policies for middle market and fortune 500 companies may have had broader coverage triggers for non-malicious outages caused by third party software issues.”
A software update on July 19, 2024 by the cybersecurity firm CrowdStrike impacted organizations worldwide using Microsoft Windows, subsequently interrupting hospital systems and media outlets, booting banks offline, delaying thousands of flights, and disrupting routine tasks and daily business transactions.
The initial effects of the outage were similar across large and small businesses, McMurtrie said, with variances based on the ability to recover operations and if insurance protection would cover the loss of business income during the outage period.
“Larger businesses are more likely to have sophisticated disaster recovery plans that implement redundancy of services after unplanned outages,” he added. “These insurance programs are also broader in what types of incidents are covered.”
More than 8.5 million Windows devices worldwide were affected by the CrowdStrike update error, according to Microsoft.
The incident demonstrates the interconnected nature of a broad ecosystem, global cloud providers, software platforms, security and other software vendors and customers, the company said in a blog. “It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist.”
McMurtrie said the outage was so widespread because organizations critical to societal infrastructure are the very institutions implementing cybersecurity services like those provided by CrowdStrike.
“Every crucial sector uses specialized cybersecurity services including agriculture, airlines, banking, energy, government, healthcare, manufacturing, and retail,” he said. “Insurance carriers base their risk appetite on the ability to understand risk and then price for that risk. This is very difficult to do when facing emerging threats, but I expect insurers to clarify policy language, improve risk selection criteria and potentially launch new products designed specifically for this new exposure.”
See also: