Skip to main content
What can we help you find?
main content, press tab to continue
Article

Lessons learned from the CrowdStrike incident

October 1, 2024

Key takeaways and challenges from the CrowdStrike incident
|Financial, Executive and Professional Risks (FINEX)
N/A

The recent CrowdStrike system failure has spotlighted the challenges businesses face with non-malicious outages and highlighted the importance of having the right cyber insurance coverage in place. During Cyber Security Awareness Month, we provide critical insights into system failures, outage prevention, and the implications for the cyber insurance marketplace.

Explore our other resources to understand how to protect your business from system failures and ensure your cyber insurance policies provide comprehensive coverage.

Key takeaways from the CrowdStrike incident

System failures and outages: Non-malicious system failures are common across security software products. While smaller events often go unnoticed, larger outages like the CrowdStrike incident can severely disrupt business operations. Understanding how these failures occur and how to mitigate their impact is essential.

Challenges in avoiding outages: Outages are difficult to avoid as security products must run on operating systems that require constant updates to stay ahead of evolving cyber threats. Regular maintenance is necessary to reduce the risk of outages but cannot guarantee their prevention.

Best practices to minimize downtime: While you can’t eliminate the risk of system failures, companies can take these steps to reduce their impact:

  • Stage updates to minimize disruption.
  • Revisit software vendor inventories regularly to ensure all systems are up to date.
  • Update business continuity plans frequently.
  • Establish clear communication strategies in case of outages.

The role of cyber insurance in system failures

Coverage for non-malicious events: Cyber insurance policies often cover non-malicious events like system failures, though the exact scope of coverage can vary. It’s critical to understand how these failures are categorized in your policy to ensure your business is protected.

System failure definitions: System failures are typically defined as unplanned and unintentional outages. However, definitions vary between policies, affecting the scope of coverage. Understanding these definitions in your policy is key to avoiding coverage gaps.

Third-party network claims: Coverage for third-party claims during system failures is often excluded under cyber policies. However, errors and omissions (E&O) insurance may cover certain aspects. Discuss with your broker to ensure you have appropriate protection for third-party exposures.

Improving your cyber insurance claims

Importance of forensic accountants: Independent forensic accountants play a vital role in accurately quantifying losses from system failures and business interruptions. Engaging them early in the process ensures proper documentation and helps maximize recovery. Insurers will often recommend forensic accounting firms on their panel, but these firms are not independent and are biased towards the insurance carrier.

Practical steps for claims: To file a successful claim:

  • Engage independent forensic accountants early to assess losses.
  • Keep detailed records of system failures, including both internal and third-party impacts.
  • Document all downtime, business disruptions, and recovery efforts.

Market impact of the CrowdStrike incident

Market response: Despite the impact of the CrowdStrike incident, the cyber insurance marketplace has responded calmly. Insurers have continued offering coverage for system failures without drastic changes in pricing or capacity.

Global cyber marketplace outlook: The CrowdStrike incident is not expected to significantly impact the global cyber insurance market. Insurers remain committed to offering coverage, though policy definitions and scopes of coverage will continue to evolve based on risk profiles.

Download

Title File Type File Size
Client Alert Crowdstrike Outage PDF .2 MB

Contact

Glyn Thoms
Head of FINEX Cyber & Tech Direct
email Email phone +44 20 3124 8673
Related content tags, list of links Article Cyber Risk Management and Insurance Financial, Professional and Executive Risks

Get started today

Watch our webinar on system failures and cyber insurance

For a deeper dive into the CrowdStrike incident and its impact on system failures and cyber insurance, watch our exclusive webinar recording where WTW cyber experts discuss the incident’s implications and how businesses can better prepare for such events.

Our Financial, Executive and Professional Risks Capabilities

Financial, Professional and Executive Risks

We specialize in mitigating financial, professional and executive liability risks, enabling you to safeguard your reputation and bolster your business's prosperity.
Cyber Risk Management and Insurance

Safeguard your digital infrastructure and assets against cyber threats with our tailored coverage solutions and experienced teams.
Financial Institutions

From an ever-shifting regulatory landscape to the digitalization of the workplace, financial institutions face a complex set of challenges and risks. WTW helps our financial institution clients manage risk, cultivate talent and explore new ways of working.
Directors' and Officers' Liability Insurance

D&O insurance provides legal protection and promotes good corporate governance. Consider it as part of your risk management strategy.
Mergers and Acquisitions

We partner with you at every stage of the M&A deal making process, whether you are a strategic buyer, seller or a private equity firm that needs people or risk solutions.
Operational Risk Solutions

Helping to bridge the gap between risks and insurance programs for Financial Institutions.
Professional Indemnity Insurance

Our professional indemnity insurance offers tailored risk solutions for legal, financial, construction, and tech professionals, protecting against legal liabilities and financial loss.
Contact us