CROWDSTRIKE OUTAGE IMPACTS
POLICYHOLDER GUIDANCE AND INSURANCE IMPLICATIONS written by Joshua Motta , Coalition
On Friday , July 19 , 2024 , at 04:09 UTC , cybersecurity vendor CrowdStrike released a single computer file buried in a defective software update , causing a global IT outage for customers running the update on any Microsoft Windows operating system version 7.11 and above . Numerous airports , banks , 911 services , hotels , trains , hospitals , restaurants , governments , and maybe even your own computer were taken offline and replaced by the so-called Blue Screen of Death . Microsoft has estimated that 8.5 million computer systems were impacted .
Coalition was not impacted by the outage . We are processing claims as they are received , and our security support and incident response teams are readily available to assist impacted customers . Remediation guidance was also directly provided to affected Coalition policyholders immediately following its availability and can be found on CrowdStrike ’ s remediation hub , together with a preliminary postincident review detailing CrowdStrike ’ s investigation into the outage .
Understandably , this event has garnered international media attention and raised questions among Coalition policyholders and insurance partners about how cyber insurance — and Coalition , specifically — will respond . It also highlights the ongoing discussion about risk aggregation and how ( or whether ) the insurance industry can insure widespread events .
GUIDANCE FOR POLICYHOLDERS
Is it covered ? No doubt the question that is on everyone ’ s mind . The answer , of course , is nuanced based on what happened , to who , and under which policy . Let ’ s start with what “ it ” is . The CrowdStrike Outage resulted not only in business interruption to its customers running on Windows but also to noncustomer organizations that experienced cascading contingent business interruption as a result of the downtime of CrowdStrike ’ s customers . In some cases , the impacted systems were hosted in local networks , and others , in third-party cloud providers . Finally , while many of the cascading business interruption events resulted from IT systems failures , some were also caused by broader non-IT supply chain failures ( e . g ., the massive interruption and cancellation of flights , medical procedures , and the like ). What is covered and by which policy will depend on the specific facts and circumstances of the business interruption event , together with the specific policy wording of the policies in question . This is all to say that coverage may extend beyond cyber insurance
14 KANSAS INSURANCE AGENT & BROKER