Lessons for SMBs from the CrowdStrike Incident and the Importance of Cyber Insurance

In today’s digital landscape, the threat of cyberattacks is ever-present, and no business, regardless of size, is immune. Despite this, many small and medium-sized enterprises (SMBs) believe they are unlikely targets for cybercriminals. This misconception can have devastating consequences. According to a recent report, 43% of all cyberattacks target SMBs (Astra Security ) (Small Business Trends ). Furthermore, 61% of SMBs experienced a cyberattack in 2021 alone (StrongDM ). These statistics highlight the urgent need for SMBs to bolster their cybersecurity measures and ensure they are adequately insured.

A recent event highlighting this need is the CrowdStrike outage. CrowdStrike, a leading cybersecurity firm, suffered a substantial service interruption, causing widespread disruption for businesses dependent on their services. This occurrence emphasizes that vulnerabilities in third-party services can have severe consequences, even if your business is not the direct target of an attack. The news coverage of the incident has focused mainly on major corporations like Delta Airlines. Yet, statistics reveal that small and medium-sized businesses (SMBs) are equally vulnerable to these threats.

Using CrowdStrike as an Example

The CrowdStrike incident illustrates businesses’ dependence on third-party services for cybersecurity. When these services fail, the fallout can be widespread and damaging. The impact can be particularly severe for SMBs, which often lack the extensive resources of larger enterprises to manage and mitigate such risks internally.

This is where cyber insurance comes into play. Cyber insurance can help SMBs recover from such incidents by covering various costs associated with cyber disruptions, including business interruption, data restoration, and even public relations efforts to manage reputational damage.

In the following sections, we’ll explore the CrowdStrike incident in more detail, discuss the role of cyber insurance in mitigating such risks, and provide actionable steps SMBs can take to protect themselves against future cyber threats.

Background of the CrowdStrike Incident

The prominent cybersecurity firm recently experienced a significant service disruption that had widespread effects on businesses relying on their Falcon platform for threat detection and response. The outage, caused by a failure in one of CrowdStrike’s critical infrastructure components, lasted several hours and left many businesses temporarily vulnerable without their primary cybersecurity tool.

The financial repercussions of this outage were considerable. Many businesses reported substantial operational disruptions, leading to significant economic losses. According to Moody’s, the losses due to business interruption were particularly severe.

• Parametrix has estimated $5.4 billion in economic losses from the event, ?with insured losses likely to be no more than 10% to 20% of financial losses ($540 million to $1.08 billion).
• CyberCube’s initial estimate of insured losses for the standalone cyber insurance market ranges from $400 million to $1.5 billion.

This incident underscores the risks associated with reliance on third-party cybersecurity providers and highlights the importance of having robust cyber insurance coverage to mitigate such impacts.

For small and medium-sized businesses (SMBs), this incident is a stark reminder of the necessity for comprehensive cyber insurance. Cyber insurance can provide a crucial safety net, covering financial losses and helping businesses recover more quickly from such disruptions. By understanding and preparing for these risks, SMBs can better protect themselves against the growing threat of cyber incidents.

You can read the full article on the CrowdStrike incident and its implications on cyber insurance here .

Risk Management and Loss Control

The 7/19/2024 incident highlights the critical need for robust risk management and loss control strategies. Effective measures can significantly reduce the impact of cyber incidents on your business. For detailed guidance on implementing these strategies, including a comprehensive cyber incident response plan, employee training, and more, please refer to our latest blog by 4C Advising: Strengthening Your Cyber Defenses: Essential Risk Management and Loss Controls for SMBs .

Enhancing your cybersecurity posture can better protect your business from potential threats and ensure a quicker recovery during an incident.

The Role of Cyber Insurance

Cyber insurance is a vital component of a comprehensive risk management strategy. It provides financial protection and support to help businesses recover from cyber incidents. Coverage typically includes costs related to data breaches, business interruption, legal fees, and even public relations efforts to manage reputational damage.

With the right cyber insurance policy, SMBs can mitigate the financial impact of incidents like the CrowdStrike outage and ensure they have the resources to restore normal operations quickly.

Understanding Third-Party and First-Party Cyber Coverages

Cyber insurance policies typically include two main types of coverage: third-party and first-party. Understanding the difference between these coverages is essential for ensuring comprehensive protection for your business.

Third-Party Coverage Third-party cyber insurance covers claims against your business by external parties. This coverage is crucial for protecting your business from the financial impact of lawsuits, regulatory fines, and other liabilities arising from data breaches or cyber incidents that affect customers, partners, or other third parties. Critical components of third-party coverage include:

• Data Breach Liability: Covers legal fees, settlements, and judgments related to lawsuits from affected parties whose data was compromised.
• Regulatory Fines and Penalties: This policy section covers fines and penalties imposed by regulatory bodies for non-compliance with data protection laws.
• Media Liability: Protects against claims related to defamation, copyright infringement, and other media-related liabilities resulting from a cyber incident.

First-Party Coverage First-party cyber insurance covers losses that directly affect your business. This type of coverage helps your business recover from the immediate financial impact of a cyber incident. Critical components of first-party coverage include:

• Business Interruption: Covers lost income and operating expenses incurred during the downtime caused by a cyber incident.
• Data Restoration and Recovery: Provides coverage for restoring and recovering lost or compromised data.
• Cyber Extortion and Ransomware: Covers expenses related to responding to extortion demands and negotiating with cybercriminals, including ransom payments if necessary.
• Crisis Management and Public Relations: Helps cover the costs of managing the reputational impact of a cyber incident, including public relations efforts and customer notification expenses.

By combining third-party and first-party coverages, businesses can ensure comprehensive protection against the wide range of financial risks associated with cyber incidents. It’s important to review your policy with an insurance advisor to tailor the coverage to your specific needs and ensure that all potential risks are adequately addressed.

The Current State of the Cyber Insurance Marketplace

The cyber insurance marketplace has evolved significantly in recent years, driven by the increasing frequency and severity of cyber incidents. As cyber threats continue to grow, so does the demand for comprehensive cyber insurance coverage. Here’s a brief overview of the current state of the market:

1. Increasing Demand

• Rising Cyber Threats: With cyberattacks becoming more frequent and sophisticated, businesses of all sizes recognize the need for robust cyber insurance. High-profile incidents, like the Crowdstrike outage, have underscored the importance of being prepared.
• Regulatory Requirements: New data protection regulations, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), have made cyber insurance a critical component for compliance and risk management.

2. Premiums and Coverage Limits

• Rising Premiums: Insurers have been increasing premiums due to the surge in cyber claims. The average cost of cyber insurance has significantly increased as insurers adjust to the growing risk landscape.
• Coverage Limits: While premiums have increased, some insurers are also tightening coverage limits and adding more exclusions to policies. Therefore, businesses need to review their policies and ensure adequate coverage.

3. Evolving Policy Offerings

• Tailored Policies: Insurers are developing more tailored policies to meet the specific needs of different industries. This includes customized coverage options for healthcare, finance, and retail sectors facing unique cyber risks.
• Risk Management Services: Many insurers now offer additional services, such as risk assessments, cybersecurity training, and incident response planning, as part of their policies. These services help businesses mitigate risks and enhance their overall cybersecurity posture.

4. Claims and Payouts

• Increased Claims Frequency: The frequency of cyber insurance claims has increased, with more businesses experiencing incidents like ransomware attacks, data breaches, and business interruptions.
• Claims Handling: Insurers are improving their claims handling processes to provide quicker payouts and better support for policyholders. This includes dedicated cyber incident response teams and streamlined claims procedures.

5. Market Challenges

• Underwriting Complexity: As the cyber threat landscape evolves, underwriting cyber risks has become more complex. Insurers must continually update their models and risk assessments to keep pace with emerging threats.
• Capacity Constraints: Some insurers limit their exposure to cyber risks, leading to capacity constraints in the market. This can make it challenging for businesses to find adequate coverage at a reasonable price.

Conclusion The cyber insurance marketplace is dynamic and rapidly evolving. Businesses must stay informed about market trends and work closely with insurance advisors to secure the proper coverage. By understanding the current state of the market and proactively managing their cyber risks, businesses can better protect themselves against the financial impact of cyber incidents.

Call to Action

The CrowdStrike incident is a powerful reminder of the ever-present cyber threats that can disrupt businesses of all sizes. Protecting your business from these threats requires a comprehensive approach that includes robust cybersecurity measures and the right cyber insurance coverage.

At Fusco Orsini & Associates, we specialize in helping SMBs navigate the complexities of cyber insurance. Our team of experts is here to guide you in selecting the right coverage to safeguard your business against the financial impact of cyber incidents.

Take the next step to protect your business:

• Consult with Our Experts: Complete our cyber-quick form below to schedule a consultation with one of our insurance advisors. The advisor will review your current cyber insurance policy and identify any gaps in coverage.
• Access Comprehensive Resources: Visit our 4C Advising Blog to explore detailed risk management and loss control guides, including our Cyber Incident Response Plan and Employee Cybersecurity Training Program.

Don’t wait until a cyber incident impacts your business. Contact us today to ensure you have the protection and peace of mind that comes with being prepared. Together, we can build a resilient and secure future for your business.

I wrote this article with some help from my friends at OpenAI.

OpenAI. (2024). ChatGPT (4o) [Large language model].