CrowdStrike Losses Not Covered By Insurance
In light of last week’s IT disaster, now would be a good time to review your cyber insurance policy. According to Parametrix, who does this for a living, just for US Fortune 500 companies, the cost from the CrowdStrike disaster is going to be more than $5 billion. In fairness, the Fortune 500 collectively have $18 trillion in annual revenue so, while they might not like spending the dough, they also won’t go broke.
Parametrix says that insurance might cover around $500 million to a billion of that or about 10 to 20 percent of that loss.
That is due to two things – high retained liabilities (deductibles) and low policy limits.
And, while they might be able to afford that, maybe you can’t.
Some industries, like manufacturing, mostly escaped. Airlines got clobbered. Retail and IT each lost about a half billion each.
Globally, the losses amounted to around $15 billion. From one cyber event and it wasn’t (at least that is what they say) a hacking event.
But CrowdStrike is trying to make it up. Not to paying customers. Those folks are going to sue CrowdStrike. To teammates and partners. They gave them Uber Eats gift codes. For TEN DOLLARS. What is that – half a meal. A bit tone deaf. On top of it. so many of them got used that Uber thought they were being hacked, so they cancelled the codes. So, for those folks that tried to use the card later in the day, they got a message that, again tone deaf, CrowdStrike cancelled the code rather than Uber thought they were being hacked – better for Uber to blame its customer than to take the blame itself – Pretty typical for Uber.
But, it certainly is a good time to look at your cyber risk insurance, check out what is covered, your limits are and what the retained liability or deductible is and see if you need to make any changes. If you need assistance, please contact us. Credit: The Register