By
Ru ChenKey Takeaways
CrowdStrike is a leader in global cybersecurity. The July 2024 worldwide CrowdStrike outage has caused an unprecedented scale of cyber security issues across critical sectors. Canceled flights, delayed medical procedures, and broken Microsoft services have raised crucial questions – is tech too vulnerable? How much cyber insurance does a business need?
Financial uncertainty is normal after such an incident. Let’s go over the CrowdStrike outage, who’s paying for it, the value of cyber liability insurance, and what to do next.
On July 19th, 2024, the cybersecurity firm CrowdStrike pushed out a routine software update that ended up anything but routine. Microsoft users everywhere were alarmed to see the classic Blue Screen of Death on their Windows. The faulty update was rolled back within two hours, but by then it was too late. Around 8.5 million PCs and devices that ran Microsoft Windows were affected by the ensuing CrowdStrike outage.
People initially thought the issues might be the consequence of a cyberattack. However, CrowdStrike announced that the outage was due to a bug in CrowdStrike’s Falcon platform update for Microsoft Windows. This was why users of other operating systems were unaffected.
Countless core systems in our global society rely on Crowdstrike for cybersecurity. The bug disrupted systems around the world – hospitals, airports, media outlets, financial institutions, and thousands of other organizations. While 8.5 million devices affected is a drop in the bucket, less than 1% of Windows devices, the outage rippled severe consequences around the world.
The widespread impact of CrowdStrike’s outage is in part due to how crucial sectors require specialized cybersecurity services. For example, agriculture, airlines, government, and healthcare all need their own types of cybersecurity measures. Thousands of organizations use CrowdStrike’s cybersecurity solutions without many alternatives.
It’s a bit of a loss-loss in this unfortunate situation – without cybersecurity, any cyber attack could devastate a company. But the reliance on a single cybersecurity firm can also lead to widespread issues. Experts and regulators are currently discussing how we should continue with cybersecurity when so much critical infrastructure is interconnected.
Now that we’ve gone over what is CrowdStrike and what the CrowdStrike outage has caused so far, let’s discuss the consequences of an IT outage in depth.
The most noticeable consequence of an IT outage is the negative impact on day-to-day business operations. Since critical systems and apps become inaccessible, the entire organization might need to halt operations until the issue is fixed. Expect delays, hurt productivity, lowered morale, and customer dissatisfaction. Many customers will likely call your customer support or skip straight to posting about their bad experiences online.
In addition, an IT outage results in an increased vulnerability to cyber threats. Firewalls and other security systems may be compromised. Cybercriminals who hear of your IT outage may take advantage of this lapse in cybersecurity and launch an attack. They may exploit your vulnerabilities and steal sensitive information, such as customer information and financial details.
It’s no surprise to see the CrowdStrike stock plummet in the weeks following their outage. CrowdStrike shares fell around 25%, wiping out $22 billion in market value.
Crowdstrike clients have also suffered financially after the outage. Analysts are worried about litigation and other consequences that may arise over the next few months. Other than the financial losses that arise from the disrupted operations and disappointed clients, an IT outage can cost millions to mitigate the impact and restore routine services.
In general, an organization that encounters IT outages can expect to see heavy financial losses depending on what business operations are forced to stop. With airlines, the financial cost is overwhelming. With medical facilities, the cost may even be deadly.
Long-term variable losses also exist. Liability lawsuits can cost millions of dollars and years to resolve. Settlement costs can bankrupt a business. Businesses of all sizes should be wary of the financial loss related to cyber incidents.
A company that the average person might not know about has now become a household name – for an unfortunate reason. Since the outage, there has been a widespread loss of trust in CrowdStrike’s reliability. The clients who have used CrowdStrike, such as Microsoft, have also suffered reputational damage due to the outage.
As for legal and regulatory repercussions, experts say there may be potential legal actions and regulatory scrutiny.
Other organizations should be concerned about compliance and data protection during an IT outage. If you store any sensitive information or need to comply with any data regulations (e.g. the California Consumer Privacy Act), it’s essential to create a cyber security strategy that keeps loss mitigation and reputational damage in mind. Consider how your organization would react in case of an outage – who would you need to contact, how is stored data being protected, and what would you tell your clients?
Having a crisis action plan can greatly reduce the negative impact of a cyber incident, outage, or data breach. Cyber liability insurance is one form of protection that organizations should consider.
Cyber liability insurance offers monetary payouts in case of covered cyber incidents. If your business gets disrupted, some cyber insurance policies cover business interruption and data recovery costs.
In addition, a cyber insurance policy could help compensate your business for the income lost due to halted operations. Depending on your policy and how long your business operations get interrupted, this sort of policy could protect you from millions of lost income. The additional expenses needed to resume normal operations, such as data recovery and system repairs, can also be covered by cyber insurance.
When securing cyber liability insurance, companies should choose a liability coverage limit that fits their risk tolerance and needs.
Data breaches are notorious for having extremely high settlements. Thanks to the recent report by IBM security on data breaches, we know that the global average cost of a data breach is $4.45 million. In addition, these costs have been on the rise in recent years, and organizations should expect data breaches to continue to pose a significant risk long into the future.
Cyber liability insurance can cover legal fees and compensatory costs that are related to data breaches. It can also protect against regulatory fines and penalties.
Businesses that operate in the EU often ask: does cyber liability insurance cover GDPR fines? This depends on the policy. Some cyber insurance policies cover penalties. However, be sure to read the fine print and check for exclusions – for example, insurance companies typically exclude incidents that are caused by criminal acts.
Post-data breach responses can cost around $1.2 million for a business. An effective response can reduce the negative impact of a data breach and preserve the company’s reputation. The first 24 hours following an incident are critical for PR and recovery efforts. Nobody wants to be the business that failed to notify customers and leave everyone guessing as to why business operations were disrupted.
When a data breach or other cyber incident occurs, professional incident response teams can help. The cyber response team experts are trained to quickly assess the situation and take the next steps. They can help your business contain the breach, mitigating further damage. Professionals can provide valuable support for efficient crisis management and system restoration.
As for specific incident response and system restoration tasks, a disrupted business typically needs to:
One portion of a cyber incident response is notifying those who have been affected by a data breach. Cyber liability insurance can help cover the notification costs.
As you may have seen from the fallout of CrowdStrike’s outage, it is crucial to have a solid PR team to manage reputational damage. The better your communication with stakeholders and customers, the more likely you can recover from the cyber incident.
Cyber insurance may be able to help you with PR support and expenses, depending on the policy.
Following a cyber incident, it is entirely possible for clients or partners to file claims against the company.
Third-party cyber liability insurance serves to cover cyber liability lawsuits filed by third parties.
First-party cyber liability insurance covers the cost of a cyber attack on the company that carries the insurance policy.
Depending on your business’ priorities, challenges, and risk tolerance, you may want to obtain both first- and third-party cyber liability insurance.
While some cyber incidents are inevitable, having the right preventive measures in place can reduce their negative impact on your business. Here are the major proactive measures for businesses that want protection from cyber disruptions.
While it is ironic that CrowdStrike’s routine update was what led to widespread Blue Screens of Death on Microsoft Windows operating systems, it is still essential to keep your software updated. Regular updates of applications and software serve to patch out vulnerabilities and eliminate bugs.
Your IT experts should implement redundancies and fail-safes to ensure that if one part of the system breaks, you still have a plan. For example, if you store essential data on a server, make sure to keep backups so it isn’t all lost. If your websites crash due to DDoS or another cyber attack, there should be a way to notify customers of what steps you’re taking to recover operations.
The more robust your IT infrastructure, the better prepared your business will be in case of a cyber incident. Whether that’s a zero-day vulnerability or a data theft incident, better IT infrastructure can always improve a company.
Investing in comprehensive cybersecurity measures to protect against threats can go a long way. When an organization is upgrading systems, changing services, or suffering from an IT outage, this period of vulnerability can be stressful. During periods of vulnerability, enhanced monitoring and incident response plans can help companies maintain security.
After implementing cybersecurity measures, it’s important to not be complacent. Companies should conduct regular audits to identify vulnerabilities, potential exploits, and bugs. Issues should be addressed as soon as possible.
Continuous risk assessment is necessary because the digital threat landscape is constantly evolving. If your company fails to stay up-to-date with cybersecurity measures, it’s easy to get targeted by malicious actors.
Human vulnerabilities in cyber security are everywhere. Businesses can train their employees and educate them on cybersecurity best practices. For example, cyber security training should explain how common phishing scams and social engineering attacks work.
Your staff should be trained to know a streamlined, effective incident response plan. Make sure management is on the same page in case of a cyber incident. Update the incident response regularly to take into account any new risk factors or systems. An effective incident response strategy typically includes:
IT outages can cause serious disruptions and expose entire sectors to disruptions. It is still too early to discern the exact consequences of CrowdStrike’s global outage, but we know with certainty that it is painfully costly.
To protect your organization from cyber threats and liability claims, consider cyber liability insurance. Insurance can mitigate the devastating expenses following a data breach or other cyber incident.
Companies should be aware of the latest cyber security best practices and implement as needed, such as: