On July 19, 2024, businesses around the world came to a screeching halt. Operations at airlines, television networks, banks, hospitals and more were shut down as a massive technical outage crashed computer systems around the globe.
Although the disruption caused by the event was similar to that of a ransomware attack where cyber criminals hold systems and data hostage, it was actually caused by a faulty update installed by CrowdStrike, one of the world’s most widely used cybersecurity firms. The outage impacted more than 8.5 million Windows PCs and servers connected to the CrowdStrike security platform, interrupting countless businesses worldwide.
In honor of Cybersecurity Awareness Month, we’re sharing three of the most significant risk management and insurance takeaways that emerged in the aftermath of the CrowdStrike incident.
Organizations must have plans in place to quickly respond to cyber incidents and restore critical business functions and data with as little downtime as possible. Plans must include comprehensive procedures to ensure early detection, mitigation of the effects of the event and rapid restoration of data and business operations. Plans should delineate a clear chain of command and the roles and responsibilities of staff members. Elements such as contact information and alternative channels of communication are essential to plans, and response and business continuity plans must extend to key vendors.
Many impacted organizations turned to their cybersecurity insurance policies to recover some of the revenue lost during the interruption. However, many were informed by their carriers that this was not a covered event because the outage was caused by a faulty security patch implemented by CrowdStrike, not by cyber criminals. Because there was no malicious act, most cybersecurity policies were not triggered, leaving the companies without coverage. To avoid coverage gaps in the future, it is critical for organizations to fully understand their cyber policy’s coverage limitations and work with their broker to find ways to close protection gaps.
Beyond securing comprehensive insurance coverage, organizations must ensure their contracts with third-party vendors include strong indemnity clauses. These contracts must clearly detail responsibility for damages and financial losses resulting from business interruptions caused by technical failures as well as cybersecurity breaches.
Cybersecurity Awareness Month is a great time to brush up on cyber defense and insurance. Our experts at Conner Strong & Buckelew are going to be discussing cybersecurity and insurance issues all month long, offering tips to help organizations protect their data and systems. Securing contracts and understanding coverage requires expertise, and it is best not to go it alone. At Conner Strong & Buckelew, our team is deeply experienced in cyber insurance and can help your organization ensure it is fully covered. We also employ cybersecurity experts who can examine your cybersecurity defense to confirm best practices are leveraged.
For more information on how our team can help, please reach out to your Conner Strong & Buckelew representative, call us at 1-877-861-3220 or email [email protected].