Adrian Johnson
TLDR:
Key Points:
- Insured losses from CrowdStrike outage could reach $1 billion
- Ransomware attack could have resulted in losses up to $2 billion
Article Summary:
The article discusses the estimated insured loss impact of $1 billion following a global IT outage triggered by a faulty CrowdStrike Falcon software update. Guy Carpenter, a reinsurance brokerage business, released a report indicating that if the incident had involved a ransomware attack, losses could have reached $2 billion. The insurance industry may need to reevaluate its perspective on risks and consider smaller but more frequent catastrophic events rather than focusing solely on single catastrophic incidents.
The CrowdStrike outage, considered one of the largest IT outages in history, caused massive disruptions globally, affecting commercial flights, hospitals, and emergency systems. While many insured organizations have filed notices of circumstances, it is still early in the claims process. Less than 1% of companies globally with cyber insurance coverage were impacted by the event.
The report estimates that Fortune 500 companies will see a direct impact of $5.4 billion from the disruption, excluding the impact on Microsoft. Most insurance losses are expected to be driven by business interruption claims. The insurance industry may need to incorporate smaller but more frequent catastrophic events into their modeling in response to recent cyberattacks and outages.
Combined with other recent incidents, the CrowdStrike event could trigger a 10% loss ratio impact on the insurance industry. It is noted that the findings in the report suggest the event may not lead to a significant loss for most insurance companies, depending on factors such as underwriting concentration and coverage for system failure.
