Cyber insurance and its role when tech outages occur

A 2024 CrowdStrike software update resulted in an outage that disrupted business operations for millions around the world¹, particularly in sectors such as transportation, retail, and healthcare. Over 500 Marsh clients were affected, with over 375 claims notifications received.

While the issue was resolved relatively quickly, the CrowdStrike event highlights the risk of technology disruption as supply chains become increasingly interconnected digitally. Whether you are looking to kickstart your journey to mitigating cyber risk or evaluating existing cyber insurance coverage, understanding how cyber insurance can protect your business from financial losses is crucial to technology risk resilience.

When does cyber insurance apply?

Cyber insurance can help organisations recover losses and associated costs resulting from technology events that disrupt their business operations. Examples of such events include ransomware attacks, large-scale data breaches, or IT outages like the recent CrowdStrike software update incident.

What does cyber insurance cover?

Cyber insurance can protect organisations by providing tailored coverage against a broad spectrum of first-party and third-party losses.

First-party coverages may include:

Business Interruption or Contingent Business Interruption (CBI): Protects against the loss of business income or extra expenses incurred by the insured when its operations are directly impacted or indirectly impacted (e.g. by a vendor) by an outage.
Cyber Extortion or Ransomware: Covers the costs of investigating, forensics, and ransom payments in the event of a cyber extortion or ransomware attack.
Data Restoration: Covers the costs to replace, restore, and recreate damaged or lost data.
Event Management or Breach Responses: Coverage covers costs such as forensics, public relations, setting up a call centre, notification (e.g. to regulators, customers, etc.), and credit monitoring services in the aftermath of a data breach.

Third-party coverages may include:

Privacy Liability: Protects against liability and defence costs, fines, and penalties arising from failing to prevent unauthorised access or disclosure of entrusted personally identifiable or confidential information.
Network Security Liability: Protects against liability and defence costs arising from the failure of system security to prevent or mitigate a computer attack.
Privacy Regulatory Defence Costs: Covers fines or penalties assessed by regulators in relation to a privacy breach.
Technology Errors and Omissions: Covers defence and damages for loss arising from the actual or alleged failure of the insured's technology services or products.

It is important to note that for claims related to network downtime, a waiting period of 4 to 12 hours typically applies before claims can be made on a policy. A trusted insurance broker and risk advisor can advise on the appropriate amount of coverage and customise the terms and conditions of the cyber policy to your business’s needs.

Enhance your cyber risk insurability with 12 key risk controls

When purchasing cyber insurance, the adoption of certain cyber risk controls has now become a minimum requirement of insurers. Organisations that have implemented controls such as multifactor authentication (MFA), email filtering and web security, privileged access management (PAM), and endpoint detection and response (EDR), among others, will typically be looked upon favourably by insurers when placing a cyber policy.

Organisations of all sizes can leverage Marsh's Cyber Self-Assessment tool to evaluate their cyber risk maturity and identify gaps in their controls by benchmarking against industry peers. The tool also enables organisations to identify areas of improvement in their cyber controls to enhance their cyber risk insurability and potentially reduce their cyber insurance premiums. Recognised by all insurers, responses from the assessment can be used directly on applications for cyber insurance coverage, simplifying and accelerating the insurance placement experience.

Not a matter of if, but when – Protect your business against the consequences of tech outages now

In an increasingly connected digital world, cyber insurance provides financial protection and support for the inevitable cyber incident. If you do not have cyber insurance and want to protect your business from the risk of technology disruption, speak to a Marsh Asia Cyber representative today.

¹ Reuters. (2024). Microsoft says about 8.5 million of its devices affected by CrowdStrike-related outage. https://www.reuters.com/technology/microsoft-says-about-85-million-its-devices-affected-by-crowdstrike-related-2024-07-20/