Why Every Business Owner Needs Cyber Liability Insurance: Lessons from the CrowdStrike Outage

by | Aug 6, 2024 | Commercial Lines, Cyber Risk, Cyber Security, FB Cyber Defense

Recap: The July 2024 CrowdStrike Outage

In July 2024, a widespread CrowdStrike outage affected approximately 8.5 million Microsoft users, causing system failures and massive business interruptions. Businesses everywhere, including New England were hit, some facing potential financial losses due to the disruption.

Recovery Options for Impacted Businesses

Understanding Different Coverages

Businesses with standalone cyber liability policies may find a lifeline through Contingent Business Interruption (CBI) and Dependent System Failure (DSF) coverage. These provisions kick in when a third-party service provider (like CrowdStrike) experiences an outage that affects your business operations.

  • Contingent Business Interruption (CBI): This coverage compensates for lost income resulting from disruptions caused by a third-party service provider’s outage. If your business relies on services like CrowdStrike, CBI can help bridge the income gap during downtime.
  • Dependent System Failure (DSF): DSF coverage specifically addresses losses due to system failures of third-party vendors. If your business relies on external systems (such as cloud services or software platforms), DSF can provide financial relief.
Understanding Your Policy and Responsibilities

Business owners must be proactive in understanding their cyber liability policies. Here are key points to consider:

  • Prompt Notification: If your business suffers a cyber event, notify your cyber liability insurer immediately. Timely reporting preserves your rights under the policy.
  • Income Comparison: Compare your normal business income to the income during the disruption. This helps determine the extent of the loss.
  • Waiting Periods: It is likely that a waiting period will apply, requiring systems be down for between 6-24 continuous hours with 12 hours being the most common.
Taking Action: Steps for Recovery

Cyber policies require insured individuals to directly notify their carriers in the event of a cyber incident.

  • Notify Your Carrier: Refer to the first page (Declarations Page) of your policy for instructions on notifying your carrier. As the insured, you’re responsible for directly informing them of the loss.
  • Quantify the Impact: Assess the immediate and future impact of the disruption. Document the specific timeframe of disruptions, affected systems, and the financial loss incurred.
  • Copy Your Agency: To streamline the claims process, copy your insurance agent on the notice. They can assist and oversee the claims handling.

If your business suffered from the CrowdStrike outage, your cyber liability policy’s CBI and DSF coverage can be your safety net. Act swiftly, quantify the impact, and follow the steps outlined above.

For questions on Cyber Insurance, contact FBinsure at 508-824-8666 or at info@fbinsure.com

Learn more about FBinsure’s cyber defense solutions here: FB Cyber Defense – FBinsure

Follow us on LinkedIn for the latest Agency updates.

SHARE THIS POST

Related Posts