News | World Insurance Associates, LLC

Global Tech Outage: The Importance of Insurance

Written by Jessame Hannus | Jul 24, 2024

On Friday, July 19, 2024, a faulty update from the leading cybersecurity firm, CrowdStrike, caused a global tech outage, highlighting the importance of insurance on both sides of a contract. The faulty update caused widespread crashes of Microsoft Windows systems, leading to significant disruption across various sectors.

What About Tech E&O Insurance?

Even though CrowdStrike only made one error, they rolled that error out to more than 6 thousand businesses and 8.5 million computers across all industry sectors. Their Tech E&O coverage will need to have sufficient limits to respond to all claims they face as a result and it’s likely their insurer will find that this is a single incident, and any resulting claims are “Related Wrongful Acts”. With proper contract management, CrowdStrike may have capped their losses at fees paid, but even if their customers settle for that amount, those costs will aggregate quickly. For this reason, we commonly see contracts requiring high limits for Tech E&O, even from Tech companies that are too small to support that premium.

How About Cyber Security Insurance?

CrowdStrike has emphasized that this was an error, not a cyber security incident, which brings us to the client side of the equation. CrowdStrike’s clients will discover that property policy Business interruption will not respond to this incident. Cyber Insurance might, so long as they have the right placement. Policies with Dependent (or Contingent) Business Interruption that includes System Failure as a trigger may well respond. Dependent BI has become a somewhat standard insuring agreement on Cyber Policies but might have restrictive definitions on what vendors qualify, maybe a lower sub-limit than the aggregate, or may not include System Failure.  System Failure coverage provides for a Business Interruption response when the disruption is due to a tech error rather than a cyber security incident. Cyber endorsements on a GL policy will probably be a low limit of liability only and will not have any of these additional insurance agreements.

What Would the Global Tech Outage Cost?

The recent CDK incident that caused Dependent Business Interruption for auto dealers across the US is estimated to have caused $1B in losses overall, and that was limited to one industry. The CrowdStrike event will take time to develop but will certainly lead to record-setting losses.

Key industries impacted included:

What Insurance Could Help Businesses in Future Situations Like the Global Outage?

Any insureds who are not currently carrying cyber insurance might want to pursue quotes now as these aggregated losses could push insurance premiums higher by the end of 2024.

 

 

This article is not intended to be exhaustive, nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice.