Financial Times: Cyber insurers emerge as winners amid recent CrowdStrike IT outage

In July 2024, the world witnessed an unprecedented IT outage caused by a faulty update in software development industry. The incident affected numerous industries worldwide, grounding planes, disrupting medical appointments, and taking broadcasters off the air. Despite the chaos, the impact on the emerging cyber insurance sector remained limited, with most of the estimated $15 billion in damages left uninsured.

In the Financial Times article, experts argue that the outcome might have been different if the outage had lasted longer. Most cyber insurance policies have a delay of around eight hours before coverage begins, and the cause of the disruption was easier to rectify than a full-scale cyberattack. Risk retention strategies and policy limits also helped minimize insurers’ liabilities, with payouts expected to cover less than a fifth of the $5.4 billion in losses reported by Fortune 500 companies (excluding Microsoft), according to the insurer Parametrix.

However, looking ahead, insurers may not always be so fortunate. The cyber insurance market is one of the riskiest in the industry, with limited data available for accurate risk assessment. Surely though, the recent outage will provide valuable insights. For instance, while insurance can only partially address the growing cyber threat, the recent outage may drive increased demand for coverage. Even before the incident, risk managers were alarmed by cyber threats, as highlighted by the Allianz Risk Barometer. The widespread disruption caused by the so-called ‘blue screen of death’ has only strengthened this concern.