From: Captive International
Captive insurers can design insurance policies specifically tailored to cover cyber risks.
Captive insurers can design insurance policies specifically tailored to cover cyber risks, especially for non-physical damage business interruption as seen in Friday’s CrowdStrike outage writes Marcus Schmalbach.
On July 19, 2024, the cybersecurity industry was rocked by a significant incident involving CrowdStrike, a leading provider of endpoint security, threat intelligence, and cyberattack response services. A flawed update to their Falcon sensor software led to widespread disruptions, affecting millions of Windows machines globally. The fallout from this incident was profound, impacting critical sectors such as healthcare, aviation, and finance. The financial impact was enormous, with estimated direct and indirect costs running into billions of dollars. This included remediation expenses, lost productivity, operational downtime, and severe reputational damage. Insured losses might cover some of these costs, but uninsured expenses, particularly those associated with business interruption and intangible assets like brand reputation, are likely to be considerable. This incident underscored the urgent need for comprehensive cyber insurance coverage, particularly for non-damage business interruption (NDBI) and intangible assets. Moreover, it highlighted the pivotal role that captive insurance solutions can play in managing cyber risks effectively.
The Incident
The root cause of the problem was a detection logic update for the Falcon sensor’s Memory Scanning prevention policy, which caused an overload in CPU usage, leading to significant performance degradation and system crashes. Reports indicated that the update resulted in operational failures across various critical systems. Airports such as LaGuardia experienced baggage handling disruptions, while hospitals faced dire risks as machines used during surgeries required reboots, potentially endangering patient lives.
Global Impact
The global repercussions of the CrowdStrike incident were immediate and severe. Commercial flights were grounded, media outlets like Sky News went offline, and banking and healthcare services experienced significant disruptions. Emergency call centres also reported substantial downtime. Financial markets reacted swiftly, with CrowdStrike’s stock plummeting by over 11% by the day’s end, erasing significant market value and shaking investor confidence.
