By Tyler Lyster | Seubert’s Vice President of Operations
Risk Management and Insurance in the Wake of the CrowdStrike Outage and CDK Cyber-Attack
The digital landscape is filled with risks, and the recent CrowdStrike outage and CDK Global cyber-attack have brought to light the critical role of proactive risk management paired with robust insurance coverage in mitigating these risks. As businesses reel from the impact of these events, the insurance industry is at the forefront, assessing coverage and responding to claims.
The CrowdStrike outage, which affected millions of Microsoft devices globally, was not a deliberate cyber-attack but a software update mishap. Nonetheless, the repercussions were significant, causing operational disruptions across various sectors. The CDK ransomware attack, targeting automotive retail systems, further underscored the vulnerability of digital infrastructures. These incidents have prompted businesses to turn to their insurers for recourse, leading to a surge in business interruption claims.
For insurers and brokers, the first challenge lies in determining the extent of coverage. Cyber insurance policies are designed to cover losses from cyber events, but the nuances of the policies issued by each carrier can vary. The CrowdStrike outage presents a unique scenario where the disruption was not due to a malicious act but an unintentional software issue. This raises questions about policy triggers and the definition of a covered event.
The CDK ransomware attack, on the other hand, falls squarely within the realm of cybercrime, and businesses affected by these attacks are likely to find solace in their cyber insurance coverage (depending on specific policy wording). However, the adequacy of coverage limits and the response of insurers in the face of widespread claims will be tested. Further, businesses that depend on CDK Global for their own operations suffered serious downtime and lost profits as a result. Coverage implications for downstream parties will likely take months to sort through.
Insurers are now scrutinizing their policy wordings, exclusions, and endorsements to ensure clarity on coverage. The incidents have highlighted the need for comprehensive cyber insurance that can adapt to the evolving nature of cyber risks. Brokers must work closely with policyholders to review and update their coverage needs, ensuring that it aligns with their risk profiles and provides adequate protection. As the cyber landscape continues to mature, so does the coverage afforded by cyber insurers. New coverage terms, conditions, and exclusions arise from claims scenarios that were previously unknown.
Moreover, recent events have sparked a conversation about the need for standardized cyber insurance products. The lack of uniformity in policy wording and coverage can lead to confusion and disputes during claims. A standardized approach could help streamline the claims process and provide clearer guidance to policyholders.
In the aftermath of the CrowdStrike outage and CDK cyber-attack, the insurance industry is at a crossroads. Insurers must balance the need to provide comprehensive coverage with the constraint to manage their own risk exposure and reinsurance. Policyholders must take a proactive approach to cyber risk management, implementing robust security measures and ensuring that their insurance coverage is up to date.
As the dust settles, it is clear that the insurance industry plays a pivotal role in the cyber ecosystem. It is the safety net that allows businesses to recover and rebuild in the face of cyber adversities. However, it should be viewed as just that: A last line of defense to help an insured recover from an unforeseen and uncontrollable event. Proactive cyber risk management strategies must encompass a comprehensive approach to cybersecurity, including the implementation of robust security protocols, regular system updates, and employee training on cyber threats.
Businesses should take a holistic approach to cybersecurity, which involves not only deploying advanced security solutions but also fostering a culture of cyber awareness among employees. Key strategies include:
- Regular Risk Assessments: Conducting thorough and regular risk assessments to identify vulnerabilities and potential threats.