CyberCube, a leading cyber risk analytics firm, estimates insured losses from the July 19 CrowdStrike outage to be between $400 million and $1.5 billion. Dubbed the “CrowdOut Event,” it was caused by a faulty CrowdStrike Falcon Sensor update, significantly impacting the standalone cyber insurance market. This incident represents a loss ratio impact of approximately 3-10% on global cyber premiums, which total $15 billion.
Despite the scale, CyberCube notes that the losses do not approach the extreme scenarios modeled by insurers, which can reach loss ratios of 234% in more severe events. The “CrowdOut Event” aligns with a 1-in-2 to 1-in-6 year industry loss return period, making it a significant but not catastrophic event for the cyber insurance market.
CyberCube’s estimates are provisional as the event is still unfolding, with many systems yet to be restored. The impact on each insurance carrier will vary based on their portfolio characteristics, including coverage for non-malicious system failure and contingent business interruption.
CyberCube’s Cyber Aggregation Event Response Service (CAERS) has been activated to provide real-time intelligence on this event to its clients, helping them assess the impact on their cyber insurance portfolios. The company will continue to monitor and support its customers through this evolving situation.
Source: CyberCube Estimates $400mn – $1.5bn Global Insured Losses From the CrowdOut Event.
Other News: Cybercrooks crafting solo careers in wake of ransomware takedowns.