INDUSTRY IMPACTS depending on the circumstance . For this article , we ’ ll focus on cyber insurance :
Directly impacted CrowdStrike customers : Most cyber insurance policies , including Coalition ’ s , offer coverage for certain business interruption events . Business interruption coverage is designed to cover lost income and the extra expenses incurred to recover from a partial or complete interruption of a policyholder ’ s computer systems . Extra expenses generally include things like employee overtime and necessary additional IT resources to aid in the recovery effort . In most cyber insurance policies , including Coalition ’ s , a business interruption event may be triggered either by a cyber security failure or a systems outage , as in this instance . Coverage is often subject to a waiting period , usually eight hours , after which coverage is granted . For many insurers , coverage is only provided beyond the waiting period up to the specified policy limit , although for Coalition , the waiting period is merely a trigger after which coverage is more broadly provided from the start of the outage . Importantly , coverage is generally limited to failures of the policyholder ' s own computer systems / network and not computer systems hosted by third parties . Fortunately , there is another coverage to address that scenario ( read on ).
Everyone else ( including non-customers , indirectly impacted CrowdStrike customers , and / or impacted customers using CrowdStrike in third-party hosted environments ): The subsequent outages experienced by many organizations as the direct result of the CrowdStrike snafu led to a broader cascading series of failures that impacted customers and noncustomers of CrowdStrike alike , albeit indirectly . Many cyber insurance policies , including Coalition ’ s , also include coverage for these so-called contingent business interruption events that result from the failure of computer systems ( including applications ) hosted by contingent third parties such as cloud services and SaaS providers . In some cases , this coverage may extend even further to include systems outages of any third-party service provider , including non-IT suppliers . Whether you have this coverage , and the extent of what it covers , may limit your recovery , however , coverage might also be found on other insurance policies designed to cover business interruption events to the extent they don ’ t exclude cyber events .
Many cyber insurance policies contain limitations or exclusions that may limit coverage for particular types of system outages or widespread failures that could result in large systematic aggregation events that would otherwise threaten the insurance industry due to their unpredictability , high loss correlation , and significant financial impact . These limitations will need to be assessed based on the specific facts and circumstances of the incident and the policy wording .
If you have questions about your specific circumstance , we recommend contacting one of our claims professionals or speaking with your insurance broker . And if you are a Coalition policyholder impacted by this event we recommend that you notify us as soon as possible . Our team is ready and available to provide guidance on and assist in the claims process .
Finally , we advise all policyholders to be mindful of phishing and social engineering attacks from cyber criminals posing as CrowdStrike or other security vendors offering assistance . CrowdStrike has warned of such malicious attempts and stated they will not make unsolicited outreach to customers .
IMPLICATIONS FOR THE CYBER INSURANCE INDUSTRY
The CrowdStrike outage is the third material supply chain outage of 2024 , following the outages of Change Healthcare , impacting thousands of hospitals , pharmacies , and medical practitioners , and software vendor CDK , impacting thousands of car dealerships . The potential for a cyber attack or systems outage , such as these , raises concerns about the potential for further large systemic losses .
SEPTEMBER / OCTOBER 2024
15